Bug#798964: marked as done (slapd: since security upgrade writing ber in accesslog is broken)

Debian Bug Tracking System Thu, 27 Dec 2018 10:21:33 -0800

Your message dated Thu, 27 Dec 2018 10:18:45 -0800
with message-id <[email protected]>
and subject line Re: Bug#798964: slapd: since security upgrade writing ber in 
accesslog is broken
has caused the Debian Bug report #798964,
regarding slapd: since security upgrade writing ber in accesslog is broken
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
798964: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798964
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: slapd
Version: 2.4.31-2+deb7u1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

   * What led up to the situation?

upgraded slapd to the security release on wheezy

see log appended

Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 ACCEPT from 
IP=172.20.51.10:51214 (IP=172.20.50.25:389)
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" method=128
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=0 RESULT tag=97 err=0 
text=
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=1 SRCH 
base="cn=accesslog" scope=2 deref=0 
filter="(&(objectClass=auditWriteObject)(reqResult=0))"
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 op=1 SRCH attr=reqDN 
reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
Sep 14 16:28:25 agenor slapd[11359]: send_search_entry: conn 1000  ber 
write failed.
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 closed (connection 
lost on write)
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 fd=25 ACCEPT from 
IP=172.20.51.15:50934 (IP=172.20.50.25:389)
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" method=128
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=0 RESULT tag=97 err=0 
text=
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=1 SRCH 
base="cn=accesslog" scope=2 deref=0 
filter="(&(objectClass=auditWriteObject)(reqResult=0))"
Sep 14 16:29:05 agenor slapd[11359]: conn=1001 op=1 SRCH attr=reqDN 
reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 fd=26 ACCEPT from 
IP=172.20.51.10:51215 (IP=172.20.50.25:389)
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" method=128
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=0 BIND dn="cn=o3-
synchro,ou=dsa,dc=master,dc=fdi" mech=SIMPLE ssf=0
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=0 RESULT tag=97 err=0 
text=
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=1 SRCH 
base="cn=accesslog" scope=2 deref=0 
filter="(&(objectClass=auditWriteObject)(reqResult=0))"
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 op=1 SRCH attr=reqDN 
reqType reqMod reqNewRDN reqDeleteOldRDN reqNewSuperior entryCSN
Sep 14 16:29:25 agenor slapd[11359]: send_search_entry: conn 1002  ber 
write failed.
Sep 14 16:29:25 agenor slapd[11359]: conn=1002 fd=26 closed (connection 
lost on write)

Cheers

-- System Information:
Debian Release: 8.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
-- 
Benoit Mortier
CEO 
OpenSides "logiciels libres pour entreprises" : http://www.opensides.eu/
Promouvoir et défendre le Logiciel Libre http://www.april.org/
Main developper in FusionDirectory : http://www.fusiondirectory.org/
Official French representative for OPSI : http://opsi.org/

signature.asc
Description: This is a digitally signed message part.

--- End Message ---

--- Begin Message ---
Hi Benoit,

a recent thread on openldap-technical reminded me of this bug.

On Mon, Sep 14, 2015 at 04:37:11PM +0200, Benoit Mortier wrote:
Sep 14 16:28:25 agenor slapd[11359]: send_search_entry: conn 1000  ber write 
failed.
Sep 14 16:28:25 agenor slapd[11359]: conn=1000 fd=25 closed (connection lost on 
write)
http://www.openldap.org/lists/openldap-technical/201812/msg00054.html
http://www.openldap.org/lists/openldap-technical/201812/msg00055.html
I believe those messages make it clear that this is not a problem with the server, but only with clients that are closing their connections without unbinding first.
Since this bug has been tagged 'moreinfo' for three years I will close it now, you are of course welcome to reopen it if there is still an issue that needs to be addressed in the package.
thanks
Ryan
--- End Message ---

Bug#798964: marked as done (slapd: since security upgrade writing ber in accesslog is broken)

Reply via email to