[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: need help with solaris 8

To: "'Tarassov Vadim'" <Vadim.Tarassov@winterthur.ch>, "'Kurt D. Zeilenga'" <Kurt@OpenLDAP.org>, "'vadim tarassov'" <vadim.tarassov@swissonline.ch>, <pamldap@padl.com>
Subject: RE: need help with solaris 8
From: "Howard Chu" <hyc@highlandsun.com>
Date: Fri, 10 Jan 2003 09:28:51 -0800
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <DC7AAC9FAF16D711B8A7000629A81695676A3D@C010893.winterthur.ch>

This issue has already been addressed in the pamldap mailing list a couple
months ago.
You need to play with various linker switches to ensure that pam_ldap.so uses
the correct libraries. Patches were already submitted to make this happen,
but they may not have covered all build combinations (Sun CC, GNU CC, Sun LD,
GNU LD) so you should just go back to the list archives and work it out.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Tarassov Vadim

> Hallo everybody,
>
> it looks like following happens:
>
> we have following in pam.conf
>
> other   password sufficient      /usr/lib/security/$ISA/pam_ldap.so.1
> other   password sufficient      /usr/lib/security/$ISA/pam_unix.so.1
>
> imagine I start passwd and enter wrong password three times.
>
> passwd loads nss_ldap and afterwords pam_unix.so.1
>
> pam_unix.so.1 for whatsoever reason looks like this:
>
>  ldd /usr/lib/security/pam_unix.so.1
>        libc.so.1 =>     /usr/lib/libc.so.1
>        libpam.so.1 =>   /usr/lib/libpam.so.1
>        libnsl.so.1 =>   /usr/lib/libnsl.so.1
>        libcmd.so.1 =>   /usr/lib/libcmd.so.1
>        libmp.so.2 =>    /usr/lib/libmp.so.2
>        libsldap.so.1 =>         /usr/lib/libsldap.so.1
>        libdl.so.1 =>    /usr/lib/libdl.so.1
>        libldap.so.4 =>  /usr/lib/libldap.so.4
>        libdoor.so.1 =>  /usr/lib/libdoor.so.1
>        libsocket.so.1 =>        /usr/lib/libsocket.so.1
>        libresolv.so.2 =>        /usr/lib/libresolv.so.2
>        /usr/platform/SUNW,UltraAX-i2/lib/libc_psr.so.1
>
>
> please notice there
>
> libsldap.so.1 =>         /usr/lib/libsldap.so.1
>
> now
>
>  ldd /usr/lib/libsldap.so.1
>        libnsl.so.1 =>   /usr/lib/libnsl.so.1
>        libldap.so.4 =>  /usr/lib/libldap.so.4
>        libc.so.1 =>     /usr/lib/libc.so.1
>        libdoor.so.1 =>  /usr/lib/libdoor.so.1
>        libdl.so.1 =>    /usr/lib/libdl.so.1
>        libmp.so.2 =>    /usr/lib/libmp.so.2
>        libsocket.so.1 =>        /usr/lib/libsocket.so.1
>        libresolv.so.2 =>        /usr/lib/libresolv.so.2
>        /usr/platform/SUNW,UltraAX-i2/lib/libc_psr.so.1
>
> what happens for me looks like that due to pam_unix openldap
> library will be thrown away and substituted with the one from sun.
> What stepping through debugger shows is that ber_free
> function will have now (after pam_unix has been executed) six
> arguments instead of two from openldap:
>
> main(0x34800, 0xffbefc84, 0x34800, 0x34800, 0x0, 0x3225c)
>    0x14a7c(0x1, 0x1, 0xff326000, 0x0, 0x2, 0x0)
>    pam_end(0x359e0, 0x0, 0xff326000, 0x36c80, 0x36c80, 0x381db)
>    _pam_ldap_cleanup_session(pamh = 0x36c80, data = 0x35998,
> error_status = 0)
>    ldap_unbind(ld = 0x37bf8)
>    ldap_unbind_ext(ld = 0x37bf8, sctrls = (nil), cctrls = (nil))
>    ldap_ld_free(ld = 0x37bf8, close = 1, sctrls = (nil),
> cctrls = (nil))
>    ldap_free_connection(ld = 0x37bf8, lc = 0x37d48, force =
> 1, unbind = 1)
>    ldap_send_unbind(ld = 0x37bf8, sb = 0x364d8, sctrls =
> (nil), cctrls = (nil))
>   ber_flush(sb = 0x364d8, ber = 0x39da0, freeit = 1)
>    ber_free(0x39da0, 0x1, 0x7, 0x0, 0xff3e2660, 0xfef6c8e7)
>    free(0x20001, 0x0, 0x0, 0x0, 0x0, 0x0)
>    _free_unlocked(0x20001, 0xff13801c, 0x20001, 0xff13801c,
> 0x21a7c, 0xff0c2664)
>
> attempt to execute ber_free caused
>
> signal BUS (invalid address alignment) in _free_unlocked at 0xff0c26bc
> 0xff0c26bc: _free_unlocked+0x0040:      ld      [%i0 - 0x8], %o0
> Current function is ber_flush
> (dbx)
>
> Most probably my interpretation is wrong, but still why than
> passwd crashes?
>
> Do you have any suggestions?
>
> Thanx a lot in advance, vadim tarassov.
>
>
> -----Ursprüngliche Nachricht-----
> Von: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
> Gesendet: Mittwoch, 8. Januar 2003 22:55
> An: vadim tarassov
> Cc: openldap-software@OpenLDAP.org
> Betreff: Re: need help with solaris 8
>
>
> Sounds like something you should take to the pamldap@padl.com
> mailing list....
>
> Kurt
>
> At 01:11 PM 1/8/2003, vadim tarassov wrote:
> >Hallo everybody,
> >
> >it looks like I am not able to understand what's happening
> on solaris 8 with pam_ldap-157 and openldap 2.1.8 - 2.1.10.
> >We have compiled openldap with pam_ldap and nss_ldap using
> forte 6u2. Everything works almost as expected besides of the
> fact that passwd crashes badly when trying to change password
> for a user which is not defined in ldap, but is defined in
> files. pam_ldap does not find anything in ldap (which is OK),
> pam_unix does find, it changes password and afterwards
> everything crashes. dbx shows that crash happens in function
> ldap_unbind, which is called by
> >
> >static void
> >_pam_ldap_cleanup_session (pam_handle_t * pamh, void *data,
> int error_status)
> >
> >in pam_ldap.c
> >
> >truss shows that bus error happens when trying to write 7
> bytes to file descriptor which has been obtained by so_socket call.
> >
> >Is there anybody who can may point on what we are doing wrong?
> >
> >Thanx a lot in advance, vadim tarassov.
> >
> >
>
>
>

References:
- AW: need help with solaris 8
  - From: Tarassov Vadim <Vadim.Tarassov@winterthur.ch>

Prev by Date: ACL ressources
Next by Date: slapd not writing to replogfile
Index(es):
- Chronological
- Thread