From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922 Description of problem: When I use lchsh or lchfn as root on an existing user in my ldap db, I am prompted for the binddn and then the app exits. [root@db ~]# lchsh gary Changing shell for gary. LDAP Bind Password: [root@db ~]# /etc/libuser.conf sections look like: [defaults] modules = files ldap create_modules = ldap ... [ldap] # Setting these is always necessary. #server = 127.0.0.1 server = ldap://localhost:389 basedn = dc=example,dc=com bindtype = simple binddn = cn=Manager,dc=example,dc=com Using other tools to verify the entry is successful: ldapsearch -b 'dc=example,dc=com' -x -W -D 'cn=Manager,dc=example,dc=com' -H ldap://127.0.0.1:389 uid=gary loginShell Version-Release number of selected component (if applicable): 0.53.7 How reproducible: Always Steps to Reproduce: 1. lchsh gary 2. 3. Actual Results: App exited Expected Results: prompt for new shell Additional info:
Seems that libuser was still trying to use TLS but not producing any error output. Commenting out the ldap_start_tls_s call allows the expected behaviour.
Thanks for your report. The program dies with SIGPIPE; bash normally does not report this because it happens often with pipelines. This is caused by a bug in the ldap server; a workaround is to configure your ldap server to support TLS. *** This bug has been marked as a duplicate of 164958 ***