[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP + solaris8 + pam_ldap + passwd = segmentation fault



I don't know if this is a bug due to openldap, pam_ldap or others. Maybe
it is even through some misconfiguration of me. In short:

I run OpenLDAP v. 2.0.11 on a solaris 8 box. Every test works fine, I can
add/look up/... entries without problem. In the database,
passwd-information is included. I use this with pam_ldap v. 122 (on
another solaris8 box, I have also tried v. 124 with same result).
I have checked the run-time libraries, and as far as I understand, they
are the correct ones (ldd gives at hand that libldap.so.2 and liblber.so.2
are the ones from the openldap distribution).

I can use the pam_ldap-module for logging in using start_tls/ssl.
For example, the line in /etc/pam.conf just works as expected:
  rlogin  auth required /usr/lib/security/pam_ldap.so.1

will look up the user in OpenLDAP (I trace slapd with -d 9)
If I do, however, add
  other   password required       /usr/lib/security/pam_ldap.so.1
and try to use the passwd command, it will result in a exception fault.
(the use of ldappasswd works just as expected, and change the passwd
correctly)

A closer look (snoop, truss, debug messages, ...) gives at hand that the 
exception is within a call to the ldap_initialize() function. The same
call works fine when rlogin is calling pam_ldap. The contents of 
the parameters  (named session->conf->uri, &session->ld) are the same for
repeated calls via rlogin. The same is true for repeated passwd-tries, but
ld has a different value. The uri is the same, and expected value. For
example passwd: uri=ldap://ldap.it.uu.se/ ld=219520
        rlogin: uri=ldap://ldap.it.uu.se/ ld=176880

Any ideas? Is this a openldap-related bug or pam_ldap or have I just
misconfigured everything?

rgds / Hans F (frimmel@tdb.uu.se)