pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/42380: nss_ldap + pam_ldap + sshd = hang, *unless* you type the wrong password first

>Number:         42380
>Category:       pkg
>Synopsis:       nss_ldap + pam_ldap + sshd = hang, *unless* you type the wrong 
>password first
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Nov 26 07:10:00 +0000 2009
>Originator:     Konrad Schroder
>Release:        5.0_STABLE
University of Washington
NetBSD 5.0_STABLE NetBSD 5.0_STABLE (XEN3_DOMU) #1: Wed Nov 25 
12:51:22 PST 2009 

I've been debugging a curious problem with an LDAP-enabled system: LDAP users 
are correctly authenticated by PAM, but after they are authenticated the child 
process of sshd hangs forever.  This does *not* happen, however, if they first 
mistype their password.  After typing their password a second time they are 
logged in without difficulty.
Follow the steps outlined on  Try to log in, as a 
user defined in LDAP, using ssh.
The only thing I've found that worked, curiously, was to disable 
pthread_at_fork in the nss_ldap package.  I can't tell you why that would 
possibly do anything (I ran across it on the web, and tried it only out of 
desperation) but I can provide a crude patch that fixes the problem neatly on 
my systems:

Index: patches/patch-ah
RCS file: patches/patch-ah
diff -N patches/patch-ah
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-ah    26 Nov 2009 06:53:26 -0000
@@ -0,0 +1,11 @@
+--- ldap-nss.c.old     2009-11-25 22:47:25.000000000 -0800
++++ ldap-nss.c 2009-11-25 22:48:35.000000000 -0800
+@@ -23,6 +23,8 @@
+ #include "config.h"
+ #include <port_before.h>
+ #endif

Home | Main Index | Thread Index | Old Index