This still occurs with with ubuntu 19.04. This also may be a potential resource leak/security problem. It looks like each authentication creates a new entry in processe's maps file that looks like this:
/usr/lib/x86_64-linux-gnu/krb5/plugins/authdata/sssd_pac_plugin.so After running for some time slapd processes gets many of those: cat /proc/877/maps | grep sssd_pac_plugin.so | wc -l 3381 I guess at some point it will run out of resources and crash. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1702801 Title: Apparmor complaints about sssd_pac_plugin.so in dmesg Status in openldap package in Ubuntu: New Bug description: I have slapd running and use krb authentication. Every time someone authenticates on a box connected to slapd/krb I get a few lines like this in server logs: audit: type=1400 audit(1499390102.162:5253): apparmor="DENIED" operation="file_mmap" profile="/usr/sbin/slapd" name="/usr/lib/x86_64 -linux-gnu/krb5/plugins/authdata/sssd_pac_plugin.so" pid=2513 comm="slapd" requested_mask="m" denied_mask="m" fsuid=107 ouid=0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1702801/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
