Description of problem: The systems in my environment are currently not stable, due to some ldap bugs, which are occasionally crashing various services on our clients. I believe that I'm hitting this bug: http://www.openldap.org/its/index.cgi/Incoming?id=5525;page=1;statetype=1 Which was fixed in openldap 2.4.10 . I noticed that the error for ber_flush2 is being reported in /usr/lib/libnss_ldap-259.so, which is provided by nss_ldap and NOT the openldap package. It appears all of these symbols are also in the nss library as well, when I strings the binary. This would mean that nss_ldap is using an old version of openldap. It has not been updated. After doing a backtrace on one of the services' core files (automount) I saw: (gdb) bt full #0 0x0012e416 in __kernel_vsyscall () No symbol table info available. #1 0x00185660 in raise () from /lib/libc.so.6 No symbol table info available. #2 0x00187028 in abort () from /lib/libc.so.6 No symbol table info available. #3 0x0017e57e in __assert_fail () from /lib/libc.so.6 No symbol table info available. #4 0x004fb28a in ber_flush2 () from /usr/lib/libnss_ldap-259.so No symbol table info available. #5 0x004e1729 in ldap_int_flush_request () from /usr/lib/libnss_ldap-259.so No symbol table info available. #6 0x004e1b1f in ldap_send_server_request () from /usr/lib/libnss_ldap-259.so No symbol table info available. #7 0x004e1d02 in ldap_send_initial_request () from /usr/lib/libnss_ldap-259.so No symbol table info available. #8 0x004d5166 in ldap_search () from /usr/lib/libnss_ldap-259.so No symbol table info available. #9 0x004d52f8 in ldap_search_st () from /usr/lib/libnss_ldap-259.so No symbol table info available. #10 0x004c655b in do_search_s (base=0x50ea00 "dc=csc,dc=calpoly,dc=edu", scope=2, filter=0xb7d6884c "(&(objectClass=user)(uidNumber=2049992))", attrs=0x50f6e0, sizelimit=1, res=0xb7d69094) at ldap-nss.c:2739 rc = 0 tv = {tv_sec = 120, tv_usec = 0} tvp = (struct timeval *) 0x6 #11 0x004c5798 in do_with_reconnect (base=0x50ea00 "dc=csc,dc=calpoly,dc=edu", scope=2, filter=0xb7d6884c "(&(objectClass=user)(uidNumber=2049992))", attrs=0x50f6e0, sizelimit=1, private=0xb7d69094, search_func=0x4c64d0 <do_search_s>) at ldap-nss.c:2630 tries = 0 backoff = 0 hard = 1 start_uri = 0 log = 1 stat = NSS_STATUS_SUCCESS maxtries = 7 __PRETTY_FUNCTION__ = "do_with_reconnect" #12 0x004c62be in _nss_ldap_search_s (args=0xb7d690e0, filterprot=0x515ea0 "(&(objectClass=user)(uidNumber=%d))", sel=LM_PASSWD, user_attrs=0x0, sizelimit=1, res=0xb7d69094) at ldap-nss.c:3154 sdBase = "\210;0�@\021,\000\001\000\000\000\220�6�\004\237\034\000\220�6�pJ\000\000\230?5�\214\214ַF�\034\000@\021,\000\230?5�\004\237\034\000@\021,\000\004\000\000\000�\214ַ�\214ַ��+\000@\021,\000\210;0�X\2021�@\021,\000\002\000\000\000\210;0�\200;0�,�P\000\bF4�\bF4��\214ַ��+\000@\021,\000\bF4�\004\237\034\000F�\034\000@\021,\000\bF4�\000F4���+\000@\021,\000X\2021�\004\237\034\000@\021,\000\005\000\000\000\030�6�P\2021�\200\2304�\020\000\000\000\000\000\000\000H\2011�@\021,\000"... base = 0x50ea00 "dc=csc,dc=calpoly,dc=edu" filterBuf = "(&(objectClass=user)(uidNumber=2049992))\000jec\003\000\000\000����\000\000\000\000oup)\a\001P\000X\216ַX\216ַ*)))\000\000\000\000L{\023\000�O\024\000\200 ,\000\000\000\000\000\001\000\000\000\001\000\000\000\r\000\000\000p\021,\000p\021,\000\030;0��\210ַ$gL\000\r\000\000\000 �P\000\000\000\000\000\000\000\000\000�fL\000,�P\000�\210ַ��+\000\b(0��hO\000\030\211ַU�\034\000h\213ַ��O\000g\211ַ\230;0�\001\000\000\000��O\000"... dynamicFilterBuf = 0x0 attrs = (const char **) 0x50f6e0 filter = 0xb7d6884c "(&(objectClass=user)(uidNumber=2049992))" scope = 2 stat = <value optimized out> sd = (ldap_service_search_descriptor_t *) 0x50ea20 #13 0x004c6a87 in _nss_ldap_getbyname (args=0xb7d690e0, result=0xb7d691f4, buffer=0xb8318450 "jetty", buflen=1024, errnop=0xb7d6ab58, filterprot=0x515ea0 "(&(objectClass=user)(uidNumber=%d))", sel=LM_PASSWD, parser=0x4c6cd0 <_nss_ldap_parse_pw>) at ldap-nss.c:3501 stat = <value optimized out> ctx = {ec_state = {ls_type = 0, ls_retry = 1878086, ls_info = {ls_key = 0x2c1140 "", ls_index = 2888000}}, ec_msgid = -1, ec_res = 0x0, ec_sd = 0xb7d69128, ec_cookie = 0x0} #14 0x004c7140 in _nss_ldap_getpwuid_r (uid=2049992, result=0xb7d691f4, buffer=0xb8318450 "jetty", buflen=1024, errnop=0xb7d6ab58) at ldap-pwd.c:263 a = {la_type = LA_TYPE_NUMBER, la_arg1 = {la_string = 0x1f47c8 "w\213E\030�", la_number = 2049992, la_triple = {host = 0x1f47c8 "w\213E\030�", user = 0xb82edf38 "", domain = 0x2942ce "getpwuid_r"}, la_string_list = 0x1f47c8}, la_arg2 = {la_string = 0x0}, la_base = 0x0} #15 0x001f49c2 in getpwuid_r@@GLIBC_2.1.2 () from /lib/libc.so.6 No symbol table info available. #16 0xb7fa696d in do_mount_indirect (arg=0xb8303c08) at indirect.c:746 mt = {mutex = {__data = {__lock = 0, __count = 0, __owner = 0, __kind = 0, __nusers = 0, {__spins = 0, __list = {__next = 0x0}}}, __size = '\0' <repeats 23 times>, __align = 0}, cond = {__data = {__lock = 0, __futex = 1, __total_seq = 1, __wakeup_seq = 0, __woken_seq = 0, __mutex = 0xb7fd0768, __nwaiters = 2, __broadcast_seq = 0}, __size = "\000\000\000\000\001\000\000\000\001", '\0' <repeats 23 times>, "h\a��\002\000\000\000\000\000\000\000\000\000\000", __align = 4294967296}, signaled = 0, ap = 0xb83026b8, status = 0, type = 0, ioctlfd = 0, mc = 0x0, name = ".hidden", '\0' <repeats 247 times>, dev = 23, len = 7, uid = 2049992, gid = 350, wait_queue_token = 6} ap = (struct autofs_point *) 0xb83026b8 buf = "/home/.hidden\000049992", '\0' <repeats 3894 times>, "\232\231f�\002����\034\000\t\000\000\000��ַ\b\021��\000\000\000\000\000\000\000\000��ַ", '\0' <repeats 12 times>, "\001\000\000\000\027\000\000\000\000\000\000\000\211\f#\000�\002��|[��x\021,\000\030\000\000\000\003\000\000\000\000\000\000\000\210�ַ��\023\000\004\000\000\000�\f��\a\000\000\000\224�ַ\004\000\000\000�A\000\000\003", '\0' <repeats 32 times>, "\004\000\000\000\000\000\000\216g\023\000\025��H�BM\001���H\000\000\000\000[��H" st = {st_dev = 0, __pad1 = 0, __st_ino = 0, st_mode = 0, st_nlink = 0, st_uid = 0, st_gid = 0, st_rdev = 0, __pad2 = 0, st_size = 0, st_blksize = 0, st_blocks = 0, st_atim = {tv_sec = 0, tv_nsec = 0}, st_mtim = {tv_sec = 0, tv_nsec = 0}, st_ctim = {tv_sec = 0, tv_nsec = 0}, st_ino = 0} pw = {pw_name = 0xb8318450 "jetty", pw_passwd = 0xb8318456 "x", pw_uid = 495, pw_gid = 487, pw_gecos = 0xb8318460 "", pw_dir = 0xb8318461 "/usr/share/jetty", pw_shell = 0xb8318472 "/bin/sh"} ppw = (struct passwd *) 0xb7d691f4 gr = {gr_name = 0xb831a87c "8\025,", gr_passwd = 0xb831a886 "1�gmedbery", gr_gid = 350, gr_mem = 0xb831d2ec} pgr = <value optimized out> gr_tmp = <value optimized out> len = <value optimized out> tmplen = <value optimized out> grplen = <value optimized out> status = 0 state = 0 __FUNCTION__ = "do_mount_indirect" [root@grape cores]# rpm -q nss_ldap nss_ldap-259-3.fc9.i386 [root@grape cores]# rpm -q openldap openldap-2.4.10-1.fc9.i386
hmm, I would say so, line 116 from nss_ldap.spec So, really, there should have been a new relase of this after openldap was patched. (or changed to use dynamic linking) make %{?_smp_mflags} LIBS="-Wl,-Bstatic -lldap -llber
Static linking is needed in order to work around certain other problems, though FWIW I dislike it. I'll push a rebuild into updates-testing today.
nss_ldap-259-3.fc9.2 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/nss_ldap-259-3.fc9.2
nss_ldap-259-3.fc9.2 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update nss_ldap'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-8471
nss_ldap-259-3.fc9.2 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.