Package: slapd
Version: 2.4.23-7
Severity: critical
Tags: squeeze
After upgrading our LDAP server from lenny (2.4.11) to squeeze (2.4.23), we
have found
that the slapd process frequently hangs when adding new objects to the LDAP
tree. The
server freezes and will not accept any new connections until it is forcibly
terminated
with kill -9 and then the slapd process restarted.
When the slapd process has hung, I see the following backtrace in gdb:
(gdb) bt full
#0 0x00007fa50aca8be5 in pthread_join (threadid=140346751547136,
thread_return=0x0) at pthread_join.c:89
__ignore = <value optimized out>
_tid = 10340
_buffer = {__routine = 0x7fa50aca8ab0 <cleanup>, __arg = 0x7fa506457d28,
__canceltype = 105216464, __prev = 0x0}
oldtype = 0
result = <value optimized out>
#1 0x000000000042d72c in slapd_daemon () at
/home/devel/openldap/trunk/servers/slapd/daemon.c:2842
listener_tid = 140346751547136
rc = 0
#2 0x000000000041ae6a in main (argc=9, argv=0x7fffd2f2e5b0) at
/home/devel/openldap/trunk/servers/slapd/main.c:961
i = 9
no_detach = 0
rc = -12
urls = 0x7df0c0 "ldap:/// ldapi:///"
username = 0x7df100 "root"
groupname = 0x7df0e0 "ldap"
sandbox = 0x0
syslogUser = 160
configfile = 0x7df120 "/etc/ldap/slapd.conf"
configdir = 0x0
serverName = <value optimized out>
scp = <value optimized out>
scp_entry = <value optimized out>
debug_unknowns = 0x0
syslog_unknowns = 0x0
slapd_pid_file_unlink = 1
slapd_args_file_unlink = 1
firstopt = <value optimized out>
__PRETTY_FUNCTION__ = "main"
(gdb)
This suggests that there may be some kind of thread locking issue occurring
which is
causing the main process to hang.
I have raised this with upstream here:
http://www.openldap.org/lists/openldap-technical/201103/msg00175.html
and confirmed that the same issue occurs on a vanilla build of 2.4.23. Further
testing
here shows that issue appears to be resolved in 2.4.24.
This is an extremely critical DOS issue and means that Squeeze's 2.4.23
packages are
unusable in a production environment.
-- System Information:
Debian Release: 6.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages slapd depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii coreutils 8.5-1 GNU core utilities
ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libdb4.8 4.8.30-2 Berkeley v4.8 Database Libraries [
ii libgnutls26 2.8.6-1 the GNU TLS library - runtime libr
ii libldap-2.4-2 2.4.23-7 OpenLDAP libraries
ii libltdl7 2.2.6b-2 A system independent dlopen wrappe
ii libperl5.10 5.10.1-17 shared Perl library
ii libsasl2-2 2.1.23.dfsg1-7 Cyrus SASL - authentication abstra
ii libslp1 1.2.1-7.8 OpenSLP libraries
ii libuuid1 2.17.2-9 Universally Unique ID library
ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
ii perl [libmime-base64-pe 5.10.1-17 Larry Wall's Practical Extraction
ii psmisc 22.11-1 utilities that use the proc file s
ii unixodbc 2.2.14p2-1 ODBC tools libraries
Versions of packages slapd recommends:
ii libsasl2-modules 2.1.23.dfsg1-7 Cyrus SASL - pluggable authenticat
Versions of packages slapd suggests:
ii ldap-utils 2.4.23-7 OpenLDAP utilities
-- debconf information excluded
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
