[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5979) ppolicy & access log crashes server

To: openldap-its@OpenLDAP.org
Subject: (ITS#5979) ppolicy & access log crashes server
From: pgiesin@gmail.com
Date: Fri, 27 Feb 2009 19:39:15 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Peter Giesin
Version: 2.4.13
OS: Red Hat 5.2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (24.187.213.234)


Enabled both accesslog and ppolicy overlays (configurations included below). All
attempts to bind with an invalid password causes the server to crash and
database to be corrupted. If you disable either of the overlays or just the
"logold" setting of the accesslog the behavior is no longer noticed.

overlay ppolicy
ppolicy_default cn=Standard,ou=Policies,dc=amwater,dc=com
ppolicy_use_lockout TRUE
ppolicy_hash_cleartext TRUE

overlay accesslog
logdb cn=log
logops all
logold (objectclass=*)
logpurge 5+00:00 1+00:00
logsuccess TRUE

dn: cn=Standard,ou=Policies,dc=amwater,dc=com
cn: Standard
description: Standard password policy.
pwdAttribute: 2.5.4.35
pwdMinAge: 60
# 30 days: 60 sec * 60 min * 24 hr * 30 days
pwdMaxAge: 2592000
pwdCheckQuality: 1
pwdMinLength: 7
# Warn three days in advance
pwdExpireWarning: 259200
pwdGraceAuthNLimit: 3
pwdLockout: TRUE
pwdLockoutDuration: 1200
pwdMaxFailure: 3
pwdFailureCountInterval: 1200
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
objectclass: device
objectclass: pwdPolicy

Prev by Date: Re: (ITS#5856) adauth overlay contribution
Next by Date: RE: (ITS#5919) URI syntaxe (ldap:///dc=my%2cdc=domaine)
Index(es):
- Chronological
- Thread