[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4306) bad ACL syntax in modification to olcAccess attribute crashes slapd

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4306) bad ACL syntax in modification to olcAccess attribute crashes slapd
From: erici@motown.cc.utexas.edu
Date: Fri, 6 Jan 2006 04:00:48 GMT

I'll set up another test server with 2.3.15 and see what I can do for you.
gdb doesn't like the 64-bit code, though, so we get to play with Sun Forte
tools...

Incidentally, the LDIF that broke things was something like
olcAccess: {2}to * by dn.base="something" =w
 by blah blah

where I had neglected to put white space after the '=w' so the entry would
have been parsed as being
olcAccess: {2}to * by dn.base="something" =wby blah blah

Hopefully I can provide more specific info by tomorrow and I'll post back
to the list.

On Thu, 5 Jan 2006, Kurt D. Zeilenga wrote:

>At 11:02 AM 1/5/2006, erici@motown.cc.utexas.edu wrote:
>>Full_Name: Eric Irrgang
>>Version: 2.3.14
>>OS: Solaris 9
>>URL:
>>Submission from: (NULL) (128.83.217.14)
>>
>>
>>slapd crashes quietly and abruptly when an invalid ACL is added via cn=config.
>>An ACL that would normally prevent server startup due to syntax errors will
>>cause the OL 2.3.14 to crash when added via ldapmodify to "dn:
>>olcDatabase={1}bdb,cn=config".
>
>And a core stack backtrace (gdb 'bt') as well.
>
>Also, as 2.3.15 includes some fixes in the area of ACLs, as
>well as a Solaris-specific crasher, you should attempt to
>duplicate the problem in 2.3.15.
>
>Kurt
>

-- 
Eric Irrgang - UT Austin ITS Unix Systems - (512)475-9342

Prev by Date: RE: (ITS#4308) poor performance under load
Next by Date: Re: (ITS#4305) BDB-recovery generates bdb cache files with wrong ownership
Index(es):
- Chronological
- Thread