Bug 38410 - openssl libs should be placed in /lib or you can't use LDAP services for UID/GID
Summary: openssl libs should be placed in /lib or you can't use LDAP services for UID/GID
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: openssl
Version: 7.1
Hardware: i386
OS: Linux
medium
high
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-04-30 17:01 UTC by Henning Schmiedehausen
Modified: 2008-05-01 15:38 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 2001-04-30 17:01:31 UTC


Attachments (Terms of Use)

Description Henning Schmiedehausen 2001-04-30 17:01:28 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-1t i686)


I use LDAP for User information, mounts and everything else. I use the
nss_ldap switch
to get the information from a central ldap server and I use secure LDAPv3
connections.
If you do so, you can't cleanly shutdown, because the last running bash
(which shuts the system down) has the following files mapped:

(this is from a RH 6.2 system with enhancements but applies the same to RH
7.1)

startx  22825 henning  cwd    DIR      0,6   16384   250
/mnt/home.net/henning (shirley:/mnt/raid1/home/henning)
startx  22825 henning  rtd    DIR      3,5    4096     2 /
startx  22825 henning  txt    REG      3,5  310640 87892 /bin/bash
startx  22825 henning  mem    REG      3,5  340771 46284 /lib/ld-2.1.3.so
startx  22825 henning  mem    REG      3,5   12224 43938
/lib/libtermcap.so.2.0.8
startx  22825 henning  mem    REG      3,5 4101836 46339 /lib/libc-2.1.3.so
startx  22825 henning  mem    REG      3,5  246652 46347
/lib/libnss_files-2.1.3.so
startx  22825 henning  mem    REG      3,5   58060 46269
/lib/libnss_ldap-2.1.3.so
startx  22825 henning  mem    REG      3,5  183752 46275
/lib/libldap.so.2.0.5
startx  22825 henning  mem    REG      3,5   44550 46272
/lib/liblber.so.2.0.5
startx  22825 henning  mem    REG      3,5  370141 46345
/lib/libnsl-2.1.3.so
startx  22825 henning  mem    REG      3,5  169720 46349
/lib/libresolv-2.1.3.so
startx  22825 henning  mem    REG      3,5  202847 46337
/usr/lib/libssl.so.0.9.6
startx  22825 henning  mem    REG      3,5  897407 46336
/usr/lib/libcrypto.so.0.9.6
startx  22825 henning  mem    REG      3,5   75131 46343
/lib/libdl-2.1.3.so

note libssl and libcrypto. When shutting down, the /usr filesystem stays
busy if /usr is
on a different FS than the root FS. So the machine does not shut down.

Reproducible: Always
Steps to Reproduce:
0. use LDAP for user information. Use secure LDAPv3 to query your server.
1. go to single user mode.
2. look at the pid of the initial shell
3. do "lsof -p <pid>"
4. look at the mapped libraries. libssl and libcrypto come from the /usr fs
	

Actual Results:  shutdown says "/usr busy", machine hangs, hard reboot
needed, sometimes FS  corruption occurs.

reboot needs fsck of /usr

Expected Results:  machine should unmount /usr, remount / read-only and
reboot

moving the libssl and libcrypto to /lib makes this working.

Comment 1 Nalin Dahyabhai 2001-07-03 19:24:57 UTC
This doesn't really solve the problem, since depending on how OpenLDAP was built,
you may need SASL modules which live in /usr/lib/sasl, but I'll move them in
openssl-0.9.6a-7 and later.


Note You need to log in before you can comment on or make changes to this bug.