+++ This bug was initially created as a clone of Bug #154314 +++ From Bugzilla Helper: User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.6) Gecko/20050225 Firefox/1.0.1 Description of problem: Second time already when I hear nss_ldap is replying with wrong results and causing peoples' mails to be shown to wrong people: http://www.dovecot.org/list/dovecot/2005-March/006345.html http://www.dovecot.org/list/dovecot/2005-April/006859.html Something should really be done about this. At the very least I'm adding a check to make sure getpwnam() returns the same user name that is being requested, and if not put out some huge warnings about something being broken.. Version-Release number of selected component (if applicable): How reproducible: Sometimes Steps to Reproduce: Install Dovecot with nss_pam enabled. Try logging in enough times with different users and see how at some point it shows you wrong user's mailbox. Additional info:
Can this be related to nss_ldap sometimes not closing the filedescriptors across forks as it is supposed to do? That can cause all sorts of strange errors in the returned data used by forking daemons. Sendmail suffers quite a bit from this.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
*** Bug 243715 has been marked as a duplicate of this bug. ***
Just realized I've never posted this link: The last and most reliable reproducer I have for this: http://people.redhat.com/tjanouse/dovecot/154314/ldaptest2.c
~~~~~~~~~~~~~~ ~ Attention: ~ Immediate attention required for this ***High Priority*** bug. ~~~~~~~~~~~~~~ A fix for this issue should be included in the latest packages contained in **RHEL4.7-Snapshot2**, accessible now on http://partners.redhat.com. After you (Red Hat Partner) have verified that this issue has been addressed, submit a comment describing the results of your test in appropriate detail, along with which snapshot and package version tested. The bugzilla will be updated by Red Hat Quality Engineering for you when this information has been received. If this issue has not been properly fixed or you are unable to verify the issue for any reason, please add a comment describing the most recent issues you are experiencing, along with which snapshot and package version tested. If you are sure the bug has not been fixed, change the status of the bug to ASSIGNED. For IssueTracker users, submit verification results as usual; Bugzilla will be updated by Red Hat Quality Engineering for you. For additional information, contact your Partner Manager. Thank you, Red Hat QE Partner Management
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2008-0715.html
Partners, I would like to thank you all for your participation in assuring the quality of this RHEL 4.7 Update Release. My hat's off to you all. Thanks.