Bug 541819

Summary: yast2-ldap-server: segfault while loading kerberos.ldif as schema file
Product: [openSUSE] openSUSE 11.2 Reporter: Michael Calmer <mc>
Component: YaST2Assignee: Ralf Haferkamp <ralf>
Status: RESOLVED FIXED QA Contact: Jiri Srain <jsrain>
Severity: Normal    
Priority: P3 - Medium    
Version: Milestone 7   
Target Milestone: Milestone 8   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: Development Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 542165    
Attachments: Simple schema to LDIF tool

Description Michael Calmer 2009-09-24 15:24:19 UTC 
- Create a new ldap server and try to load the kerberos schema file
- I selected the kerberos.ldif
=> # yast2 ldap-server
YaST got signal 11 at YCP file ldap-server/tree_structure.ycp:234
/sbin/yast2: line 454: 13904 Segmentation fault      $ybindir/y2base $module "$@" "$SELECTED_GUI" $Y2_GEOMETRY $Y2UI_ARGS

(Loading kerberos.schema works, but I think loading the ldif should display an error and should not end up in the segfault)

y2log does not say much about this error:

2009-09-24 17:17:08 <1> vigor10(13904) [YCP] ldap-server/tree_structure.ycp:218 current_item is 'schema'
2009-09-24 17:17:48 <1> vigor10(13904) [agent-slapdconfig] SlapdConfigAgent.cc(Write):128 Path .schema.addFromLdif Length 2
2009-09-24 17:17:48 <1> vigor10(13904) [agent-slapdconfig] SlapdConfigAgent.cc(Write):142 Schema Write
2009-09-24 17:17:48 <1> vigor10(13904) [agent-slapdconfig] SlapdConfigAgent.cc(WriteSchema):1432 Path .addFromLdif Length 1
2009-09-24 17:17:48 <1> vigor10(13904) [agent-slapdconfig] SlapdConfigAgent.cc(WriteSchema):1434 WriteSchema
2009-09-24 17:17:48 <1> vigor10(13904) [agent-slapdconfig] SlapdConfigAgent.cc(WriteSchema):1443 adding Ldif File: /usr/share/doc/packages/krb5/kerberos.ldif
2009-09-24 17:17:48 <1> vigor10(13904) [agent-slapdconfig] SlapdConfigAgent.cc(WriteSchema):1459 adding <cn=schema> to SchemaList
2009-09-24 17:17:48 <1> vigor10(13904) [libslapdconfig] slapd-config.cpp(OlcSchemaConfig):1280 OlcSchemaConfig::OlcSchemaConfig(const LDAPEntry &e) : OlcConf
igEntry(e)


/var/log/messages say:

Sep 24 17:17:48 vigor10 kernel: [ 4709.727176] y2base[13904]: segfault at 8 ip 00007f39af54efd0 sp 00007fff1a7d3d68 error 4 in libldapcpp.so.1.0.2[7f39af51b000+3f000]
Sep 24 17:17:48 vigor10 slapd[13706]: connection_read(14): no connection!
Sep 24 17:17:48 vigor10 slapd[13706]: connection_read(14): no connection!
Sep 24 17:18:37 vigor10 slapd[13706]: connection_read(14): no connection!
Sep 24 17:18:37 vigor10 slapd[13706]: connection_read(14): no connection!
Comment 1 Ralf Haferkamp 2009-09-24 15:44:34 UTC 
Ugh, the kerberos.ldif from krb5-plugin-kdb-ldap is actually meant to be loaded into eDir it doesn't work for OpenLDAP. I agree though, that yast2-ldap-server shouldn't crash on it :).

As a workaround you can you kerberos.schema. yast2-ldap-server converts that on the fly to ldif and should load it successfully. We should probably have a kerberos-openldap.ldif as well and preferably rename kerberos.ldif to kerberos-edir.ldif to make the problem more obvious.
Comment 2 Ralf Haferkamp 2009-09-25 14:16:37 UTC 
Submitted fixed yast2-ldap-server and ldapcpplib to Factory. Created a clone of this report as a reminder for SLE11-SP1.
Comment 3 Michael Calmer 2009-09-28 08:12:30 UTC 
(In reply to comment #1)
> We should probably have a
> kerberos-openldap.ldif as well and preferably rename kerberos.ldif to
> kerberos-edir.ldif to make the problem more obvious.

Is there a simple way to create a kerberos-openldap.ldif from kerberos.schema.
Than I can put a generation command it into the spec file.
Comment 4 Ralf Haferkamp 2009-09-28 13:06:28 UTC 
Created attachment 320093 [details]
Simple schema to LDIF tool

I'll add the attached script the openldap2-client package. Usage:

/usr/sbin/schema2ldif <schemafile>

the LDIF is printed to stdout.
Comment 5 Ralf Haferkamp 2009-09-28 14:10:42 UTC 
Package submitted to factory. Contains a slightly enhanced version of the above script that should preserve comment lines.

I guess it's best to open a separate request for krb-plugin-kdb-ldap to make use of the tool, I'll take care of that.
Comment 6 Ralf Haferkamp 2009-09-28 16:19:05 UTC 
Using perl was a bad idea actually, converted the script to awk. Usage is the same.
Comment 7 Bernhard Wiedemann 2016-04-15 09:55:02 UTC 
This is an autogenerated message for OBS integration:
This bug (541819) was mentioned in
https://build.opensuse.org/request/show/21096 Factory / ldapcpplib
https://build.opensuse.org/request/show/21249 Factory / openldap2