[tech] Mussel auth down?
Matt Johnston
matt at ucc.asn.au
Wed Aug 1 15:38:45 WST 2007
On Wed, Aug 01, 2007 at 03:10:06PM +0800, David Adam wrote:
> On Wed, 1 Aug 2007, James Cox wrote:
> > I'm not sure if this is happening on the internal network or just the SNAP
> > interface (10.11.0.13 routes to mussel if you didn't know) but SSH
> > connections are no progressing path the username entering stage.
>
> LDAP crashed at some stage, preventing user (and root, blech) logins to
> mussel and other machines - [MSH] thought 5pm yesterday, but I was using
> it fine at 1am today.
...
> Probably need to investigate:
> - why LDAP didn't failover to Martello
Yeah, might have actually been at ~1:25am that it died, when
mail stopped flowing. It's meant to failover to martello,
though it seems there is a bug in libsasl that we're
hitting - the combination of TLS encryption and failovers
hits
cyrus.c:468: ldap_int_sasl_open: Assertion `lc->lconn_sasl_ctx == ((void *)0)' failed.
(saw that both on mussel and mooneye).
http://lists.debian.org/debian-devel/2005/04/msg00782.html
sounds like the same thing.
I'm not really sure how ldap linking works - libpam-ldap is
linking against libldap-2.1.30 (via libldap_r.so.2), but
libldap 2.2 and 2.3 are in debian stable too.
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332693
sounds like maybe ldap in debian isn't maintained much?) It
looks like there's been some changes to cyrus.c in those
releases that might fix things?
Matt
More information about the tech
mailing list