Bug 38410 - openssl libs should be placed in /lib or you can't use LDAP services for UID/GID
openssl libs should be placed in /lib or you can't use LDAP services for UID/GID
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: openssl (Show other bugs)
7.1
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-04-30 13:01 EDT by Henning Schmiedehausen
Modified: 2008-05-01 11:38 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-04-30 13:01:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Henning Schmiedehausen 2001-04-30 13:01:28 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-1t i686)


I use LDAP for User information, mounts and everything else. I use the
nss_ldap switch
to get the information from a central ldap server and I use secure LDAPv3
connections.
If you do so, you can't cleanly shutdown, because the last running bash
(which shuts the system down) has the following files mapped:

(this is from a RH 6.2 system with enhancements but applies the same to RH
7.1)

startx  22825 henning  cwd    DIR      0,6   16384   250
/mnt/home.net/henning (shirley:/mnt/raid1/home/henning)
startx  22825 henning  rtd    DIR      3,5    4096     2 /
startx  22825 henning  txt    REG      3,5  310640 87892 /bin/bash
startx  22825 henning  mem    REG      3,5  340771 46284 /lib/ld-2.1.3.so
startx  22825 henning  mem    REG      3,5   12224 43938
/lib/libtermcap.so.2.0.8
startx  22825 henning  mem    REG      3,5 4101836 46339 /lib/libc-2.1.3.so
startx  22825 henning  mem    REG      3,5  246652 46347
/lib/libnss_files-2.1.3.so
startx  22825 henning  mem    REG      3,5   58060 46269
/lib/libnss_ldap-2.1.3.so
startx  22825 henning  mem    REG      3,5  183752 46275
/lib/libldap.so.2.0.5
startx  22825 henning  mem    REG      3,5   44550 46272
/lib/liblber.so.2.0.5
startx  22825 henning  mem    REG      3,5  370141 46345
/lib/libnsl-2.1.3.so
startx  22825 henning  mem    REG      3,5  169720 46349
/lib/libresolv-2.1.3.so
startx  22825 henning  mem    REG      3,5  202847 46337
/usr/lib/libssl.so.0.9.6
startx  22825 henning  mem    REG      3,5  897407 46336
/usr/lib/libcrypto.so.0.9.6
startx  22825 henning  mem    REG      3,5   75131 46343
/lib/libdl-2.1.3.so

note libssl and libcrypto. When shutting down, the /usr filesystem stays
busy if /usr is
on a different FS than the root FS. So the machine does not shut down.

Reproducible: Always
Steps to Reproduce:
0. use LDAP for user information. Use secure LDAPv3 to query your server.
1. go to single user mode.
2. look at the pid of the initial shell
3. do "lsof -p <pid>"
4. look at the mapped libraries. libssl and libcrypto come from the /usr fs
	

Actual Results:  shutdown says "/usr busy", machine hangs, hard reboot
needed, sometimes FS  corruption occurs.

reboot needs fsck of /usr

Expected Results:  machine should unmount /usr, remount / read-only and
reboot

moving the libssl and libcrypto to /lib makes this working.
Comment 1 Nalin Dahyabhai 2001-07-03 15:24:57 EDT
This doesn't really solve the problem, since depending on how OpenLDAP was built,
you may need SASL modules which live in /usr/lib/sasl, but I'll move them in
openssl-0.9.6a-7 and later.

Note You need to log in before you can comment on or make changes to this bug.