[Bug 1912256] Re: Missing channel binding prevents authentication to ActiveDirectory
I should maybe add the following detail: Channel binding, from all I can tell, is only available via TLS (even conceptually). That is, the issue mentioned in the bug report only happens when using ldaps. In certain cases, it is therefore possible to work around the lack of channel binding by _not using TLS_. Typically, you'll have to set minssf to >=1 if TLS is not used, due to security settings of the LDAP server (AD DC). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1912256 Title: Missing channel binding prevents authentication to ActiveDirectory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1912256/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1912256] Re: Missing channel binding prevents authentication to ActiveDirectory
Might have been confusing to write # kinit $ export LDAPSASL_CBINDING=tls-endpoint Both are supposed to be called from the same user. I meant to imply that an existing, valid ticket in the current user's credential cache is required for krb5 authentication via SASL in the ldapwhoami step. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1912256 Title: Missing channel binding prevents authentication to ActiveDirectory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1912256/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1912256] [NEW] Missing channel binding prevents authentication to ActiveDirectory
Public bug reported: > Are you uncertain if your issue is really a bug? Effect is an authentication error. Root case is a "missing feature" (see below) and requires updating dependencies, downporting. > If you are certain this is a bug please include the source package the bug is > in. It's in the interaction between three libraries: openldap, cyrus-sasl, krb5 > 1) The release of Ubuntu you are using, via 'lsb_release -rd' or System -> > About Ubuntu Broken in 18.04 and also in 20.10 (I guess it's also broken in anything inbetween) > 2) The version of the package you are using, via 'apt-cache policy pkgname' or by checking in Software Center libsasl2-modules-gssapi-mit: 2.1.27+dfsg-2ubuntu1 ldap-utils: 2.4.53+dfsg-1ubuntu1.2 libgssapi-krb5-2: 1.17-10ubuntu0.1 > 3) What you expected to happen # kinit $ export LDAPSASL_CBINDING=tls-endpoint $ ldapwhoami -O minssf=0,maxssf=0 -N -Y GSSAPI -H ldaps:// SASL/GSSAPI authentication started SASL username: SASL SSF: 0 u: > 4) What happened instead SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) additional info: 80090346: LdapErr: DSID-0C090597, comment: AcceptSecurityContext error, data 80090346, v4563 --- Microsoft ActiveDirectory has "LDAP Channel Binding" and recommends activating this as a required feature. See https://access.redhat.com/articles/4661861 Authentication to any AD DC which has mandatory channel binding fails. Channel binding requires at least an update to cyrus-sasl, which is not in any release as far as I can see: https://github.com/cyrusimap/cyrus- sasl/commit/975edbb69070eba6b035f08776de771a129cfb57 It also needs this commit in openldap: https://git.openldap.org/openldap/openldap/-/commit/3cd50fa8b32a21040a9892e2a8a7a9dfc7541ce6 Which as far as I can tell is v2.5 (branch OPENLDAP_REL_ENG_2_5). RH also mentions it needs up-to-date krb5 libraries, but I can't tell what minimum version this needs. I can build all libraries from source, current master (except for krb5 where I've used 1.18.3) and can confirm that channel binding works when using those libraries. I'm not sure if Samba is affected, but at least adcli, ldap-utils, and I would guess by extension also SSSD and realmd. ** Affects: openldap (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1912256 Title: Missing channel binding prevents authentication to ActiveDirectory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1912256/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1211511] Re: update-manager hides but wants to install ignored phased updates
I also still have this on 15.04. I have removed all non-Ubuntu repositories but to no avail. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1211511 Title: update-manager hides but wants to install ignored phased updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1211511/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 573853] Re: Cannot control squid Unknown instance
I have the very same behaviour. Using the modified post-stop script cures it a bit as it makes stop and start working again. However, reloading does NOT work. It seems, squid terminates somehow when a -HUP is received. -- Cannot control squid Unknown instance https://bugs.launchpad.net/bugs/573853 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 573853] Re: Cannot control squid Unknown instance
I have the very same behaviour. Using the modified post-stop script cures it a bit as it makes stop and start working again. However, reloading does NOT work. It seems, squid terminates somehow when a -HUP is received. -- Cannot control squid Unknown instance https://bugs.launchpad.net/bugs/573853 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 232241] Re: vdr-sxfe segmentation fault on key press
Javier Jardón schrieb: Thank you for taking the time to report this bug and helping to make Ubuntu better. You reported this bug a while ago and there hasn't been any activity in it recently. We were wondering is this still an issue for you? Can you try with latest Ubuntu release? Thanks in advance. Hi, i have switched to another repository for these packages and I am sorry, but I can't test with the Ubuntu packages any longer. Best regards, Robert -- vdr-sxfe segmentation fault on key press https://bugs.launchpad.net/bugs/232241 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 197400] Re: vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call()
Still, neither running it as root nor unsetting any env var cures my problem. I have opened another bug #232241 as this one here could be a different problem. I have also attached more information to the other bug. If someone wants to look into that and needs more information ... I do anything to help to fix this bug. It keeps me away from upgrading six machines. -- vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call() https://bugs.launchpad.net/bugs/197400 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 232241] Re: vdr-sxfe segmentation fault on key press
Is there anything I can do to have some body look after that? This bug prevents a lot of machine upgrades here at my end for me and friends. Unfortunately, I cannot fix the bug myself and I would really appreciate if somebody could look into that? -- vdr-sxfe segmentation fault on key press https://bugs.launchpad.net/bugs/232241 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 232241] Re: vdr-sxfe segmentation fault on key press
It seems to crash here, but now I am lost. 1146 LOGDBG(Keypress: %s %s %s %s, (gdb) s 1148 if(input) { (gdb) s 1150if(input_vdr-f.input_control) { (gdb) s 1151 input_vdr-f.input_control(input, map, key, repeat, release); (gdb) s Program received signal SIGSEGV, Segmentation fault. 0x0035 in ?? () list Can someone help? -- vdr-sxfe segmentation fault on key press https://bugs.launchpad.net/bugs/232241 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 197400] Re: vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call()
I have tested both, neither removing the environment variable nor running vdr-sxfe as root cures my problem. Whenever I press a key, the thing dies. -- vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call() https://bugs.launchpad.net/bugs/197400 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 232241] [NEW] vdr-sxfe segmentation fault on key press
Public bug reported: Binary package hint: vdr-plugin-xineliboutput Using vdr-sxfe on 8.04 causes a segmentation fault whenever one presses any key other than ESC. I have reproduced this on five different machines. Some were newly installed Ubuntu 8.04 some were upgraded from 7.x. This seems not to be related to bug 197400. ** Affects: vdr-plugin-xineliboutput (Ubuntu) Importance: Undecided Status: New -- vdr-sxfe segmentation fault on key press https://bugs.launchpad.net/bugs/232241 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 232241] Re: vdr-sxfe segmentation fault on key press
Here is a backtrace of the bug ** Attachment added: gdb-vdr-sxfe.txt http://launchpadlibrarian.net/14624153/gdb-vdr-sxfe.txt -- vdr-sxfe segmentation fault on key press https://bugs.launchpad.net/bugs/232241 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 197400] Re: vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call()
I have done some further tests yesterday. As of my 04/28 posting, I only have segmentation faults whenever I press a key. I can have the frontend running fine as long as I don't touch the keyboard. So again my question, am I seeing a different bug than what this one relates to? However, I also noticed that the sound goes away every now and then. It is neither reproducable nor does it appear at a certain time. Switching channels within VDR brings the sound back. Though only for some time. -- vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call() https://bugs.launchpad.net/bugs/197400 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 197400] Re: vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call()
I am seeing a segmentation fault whenever I press a key on the keyboard, but that occurs no matter whether I am a user or root. Anybody else seeing this? Is this another bug that should be filed? -- vdr-sxfe crashed with SIGSEGV in dbus_g_proxy_call() https://bugs.launchpad.net/bugs/197400 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs