Downgrading nss_ldap "fixed" our su issue. Kent 2008/5/22 Kenton Brede <[EMAIL PROTECTED]>: > 2008/5/21 Stephen John Smoogen <[EMAIL PROTECTED]>: >> I am not sure exactly what has caused the change but bash is acting >> differently after updating to 5.2 >> >> For a local user with local password (root, joeblow) the user is able >> to login without any problems or errors. >> For a user that gets authenticated via ldap I am now getting a series >> of 'errors' and commands not working. >> >> -bash: [: =: unary operator expected >> -bash: [: -le: unary operator expected >> -bash: [: ==: unary operator expected >> >> the errors come when bash tries to run commands in /etc/profile and >> /etc/profile.d/* with $() or `` as in >> [ `/usr/bin/id -u`=0 ] and `/usr/bin/id -u` does not run. >> >> If I create a user locallly it runs ok. I looked in selinux logs to >> see if it was being stopped for some reason (nope). turned off selinux >> rebooted and still bash acted funny. >> >> the local user with /home/testluser works fine... but accounts not in >> /home are not workign for some reason.. /nfs/home for example. >> >> Downgrading to bash-3.1.16 removed the issue. > > We've got the same issue here on our servers. What's even worse su > appears to be broken. Our user accounts are all in LDAP but we can't > su to any of them now or to root. > > The only way anyone can log in locally *on console*, except root, is if nscd > is running. I created a local account on one of the boxes and I can't log > into > it on console either. > > Remotely via ssh we can log into the boxes with LDAP accounts or local user > accounts. We don't get the "bash: [: =: unary operator expected" error when > we use the local user account but we do get that error when we log in via the > LDAP accounts. Starting nscd stops the error. > > My issue is ATM trying to get su to work so we can do some work. No one > can su to root or any other user account. We could before the upgrade. > > What a mess. > Kent >
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
