How I test: 1) Configure slapd (server) and libnss-ldap/ldap-utils (client) Note: Ubuntu Server Guide is a godsend to a newbie. https://help.ubuntu.com/lts/serverguide/openldap-server.html
2) Configure slapd (server) to serve up desired /etc/hosts information Note: The Arch folks have some good examples of this: https://wiki.archlinux.org/index.php/LDAP_Hosts 3) Configure nsswitch to use ldap - Add 'ldap' to the 'hosts' entry in /etc/nsswitch NOTE: make sure to disable 'nscd'! 4) Test libldap-nss/ldap working as expected: $ getent hosts -Should see the hosts as entered into slapd added now 5) Now configure for StartTLS Again see Ubuntu documentation: https://help.ubuntu.com/lts/serverguide/openldap-server.html 6) Retest to make sure still working $getent hosts Note: You can verify that StartTLS is working by enabling logging on slapd and then, $ grep STARTTLS /var/log/syslog Note: log enabling for slapd: http://blog.suretecsystems.com/archives/163-OpenLDAP-Quick-Tips-Change-loglevels-on-the-fly!.html , i enabled 'all' You should see a STARTTLS connection every time you call 'getent hosts', if its working as expected. If you are hardcore, you can also configure the server to _only_ accept STARTTLS, but I'll leave that as an exercise for the reader. 7) Now you can test the bug! (Note: I modified the testcase provided to use getbyhostname) ubuntu@tldapclient:~$ ./testhosts.pl Parent! Parent wake! Done! ^^ Note the lack of "Child!", because the child has segfaulted. 8) With the fix: ubuntu@tldapclient:~$ ./testhosts.pl Parent! Child! Done! Parent wake! Done! ^^ Note the child survived. \o/ ** Attachment added: "testhosts.pl" https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1397250/+attachment/4764554/+files/testhosts.pl -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1397250 Title: SIGPIPE not caught in do_atfork_child() To manage notifications about this bug go to: https://bugs.launchpad.net/nss-ldap/+bug/1397250/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
