[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd seg faults when 'ppolicy_default' is enabled

R.B. wrote: 
Hi;

Updating to the latest 2.3.39 fixed whatever was causing this seg fault.

For the record, that was ITS#4848. 

Thanks,

Rafael


On Dec 10, 2007 2:31 PM, R. B. <allegatis@gmail.com> wrote: 
Hi;

I'm in the process of configuring ppolicy for OpenLDAP using Buchan's
RPMs and it seems that after adding my policy and enabling it in my
slapd.conf file, slapd seg faults (see output below). If I uncomment
the 'ppolicy_default' line, the server starts fine and continues to
serve.

Help?

Thank you!

Rafael


OS: RHEL4
OpenLDAP: 2.3.38 - buchan's RPMs for RHEL4

Output:
########
-bash-3.00# slapd2.3 -u ldap -g ldap -l LOCAL0 -s 0 -f etc/slapd.conf
-h ldap:/// -d 1
@(#) $OpenLDAP: slapd 2.3.38 (Aug 23 2007 12:54:24) $
        bgmilne@build.telkomsa.net:/home/bgmilne/rpm/BUILD/openldap-2.3.38/servers/slapd
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...
ldap_url_parse_ext(ldap:///)
daemon: listener initialized ldap:///
daemon_init: 2 listeners opened
slapd2.3 init: initiated server.
slap_sasl_init: initialized!
bdb_back_initialize: initialize BDB backend
bdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
hdb_back_initialize: initialize HDB backend
hdb_back_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)
bdb_db_init: Initializing BDB database
dnPrettyNormal: <dc=swa,dc=com>
<<< dnPrettyNormal: <dc=swa,dc=com>, <dc=swa,dc=com>
dnPrettyNormal: <cn=Manager,dc=swa,dc=com>
<<< dnPrettyNormal: <cn=Manager,dc=swa,dc=com>, <cn=manager,dc=swa,dc=com>
dnPrettyNormal: <cn=swaPasswordPolicy,ou=Policies,dc=swa,dc=com> 
<<< dnPrettyNormal: <cn=swaPasswordPolicy,ou=Policies,dc=swa,dc=com>,
<cn=swapasswordpolicy,ou=policies,dc=swa,dc=com>
==> ppolicy_cf_default
==> ppolicy_cf_default add
dnNormalize: <cn=Subschema> 
Segmentation fault
########

slapd.conf:
########
include /usr/share/openldap2.3/schema/core.schema
include /usr/share/openldap2.3/schema/cosine.schema
include /usr/share/openldap2.3/schema/inetorgperson.schema
include /usr/share/openldap2.3/schema/nis.schema
include /usr/share/openldap2.3/schema/misc.schema
include /usr/share/openldap2.3/schema/corba.schema
include /usr/share/openldap2.3/schema/openldap.schema
include /usr/share/openldap2.3/schema/ppolicy.schema

access to attrs=shadowLastChange,userPassword
        by self write
        by anonymous auth
        by * none

access to *
        by * read

pidfile         /cluster/agis-ldap/ldap-master/var/run/slapd.pid
argsfile        /cluster/agis-ldap/ldap-master/var/run/slapd.args

modulepath      /usr/lib/openldap2.3

moduleload     ppolicy.la

loglevel 1

database        bdb
suffix          "dc=swa,dc=com"
rootdn          "cn=Manager,dc=swa,dc=com"

rootpw    {SSHA}xxxxx

directory       /cluster/agis-ldap/ldap-master/var/lib/ldap

overlay ppolicy
ppolicy_default "cn=swaPasswordPolicy,ou=Policies,dc=swa,dc=com"
ppolicy_use_lockout

cachesize 100000
idlcachesize 100000

checkpoint 256 5

index   objectClass                                             eq
index   ou,cn,mail,givenname                                    eq,subinitial
index   uidNumber,gidNumber,memberUid,loginShell                eq
index   uid                                                     eq,subinitial
########




--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP     http://www.openldap.org/project/