- openldap-bugs - openldap.org

[Issue 6765] SASL support of "Verify Credentials" extop
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=6765 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Server-side support of |SASL support of "Verify |"Verify Credentials" extop |Credentials" extop -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6942] updateref config is inadequate
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=6942 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |ondra(a)mistotebe.net -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6531] Modify updateref to generate referrals on the backend
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=6531 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |ondra(a)mistotebe.net -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10217] New: autoca should support more key types
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=10217 Issue ID: 10217 Summary: autoca should support more key types Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: enhancement Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Currently autoca only creates certificates using RSA keypairs. It should at least have an option to use Elliptic Curve keypairs. It probably also needs options to specify other signature algorithms other than the default of SHA256. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9813] New: Incompatibility between remoteauth and ppolicy overlays
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=9813 Issue ID: 9813 Summary: Incompatibility between remoteauth and ppolicy overlays Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: thierry.pubellier(a)paris.fr Target Milestone: --- Hi, We are planning to use OpenLDAP as a proxy for some users in our Active Directory servers, using remoteauth overlay. We want this OpenLDAP instance to also implement an account lockout policy, preventing the lockout on our internal Active Directory servers. But there seems to be an incompatibility between remoteauth and ppolicy overlays : remoteauth won't remote authenticate a user if local userPassword attribute exists, while ppolicy overlay needs this attribute. Could there be a configuration parameter in ppolicy to allow lockout checks/modifications (which seemed to be the default behavior of OpenLDAP before ITS#7089) ? I can provide a patch if allowed. Thanks by advance, Best regards, Thierry -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 8476] slapo-constraint: info per constraint_attribute
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=8476 --- Comment #2 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Seems like a good idea. For constraints where no custom message was provided, we could return the constraint number to provide a pointer to which constraint was triggered. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9652] New: Add "tee" capability to load balancer
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=9652 Issue ID: 9652 Summary: Add "tee" capability to load balancer Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: lloadd Assignee: bugs(a)openldap.org Reporter: mhardin(a)symas.com Target Milestone: --- This is a request for an enhancement that would add a "tee" or "fan-out" capability to load balancer, where received operations are sent to two or more destinations simultaneously. The primary goal or the enhancement is to make it possible to keep multiple independent and likely dissimilar directory systems in lock-step with each other over hours, days, or possibly even weeks. The enhancement would not necessarily need to include a mechanism for converging the target systems should they become out of sync. This is not intended to be a replication solution, rather it is viewed more as a "copy" solution intended to be used for specific short-term tasks that need multiple directory systems to be exactly synchronized but where replication is not desirable or even possible. At least two uses come to mind: 1. Test harnesses, evaluating side-by-side operation of separate directory systems over time 2. Directory system transition validation harnesses 3. (maybe) Part of a test harness to record or replay LDAP workloads * Other uses? -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9667] New: 2.6 to 2.7 upgrade documentation
by openldap-its＠openldap.org 17 Sep '24

17 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=9667 Issue ID: 9667 Summary: 2.6 to 2.7 upgrade documentation Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Need to document any upgrade information for going from 2.6 to 2.7 -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 6198] Authorization for extensions
by openldap-its＠openldap.org 12 Sep '24

12 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=6198 --- Comment #6 from Ondřej Kuzník <ondra(a)mistotebe.net> --- A few open questions I can't resolve yet: - Do we rely on OID macros from schema or let slap_control/load_extop2 register it? The suggestions above tend to prefer OID macros but they have to be defined in the schema (there's only one) and they're currently case-sensitive For controls: - Do we want to be able to use ACLs to turn non-critical controls to ignored? - Do we want to be able to use ACLs to refuse control combinations? - Apart from the 'to' clause, do we want it allowed in the 'by' clause as well (when would it be useful? There's control combinations, anything else?) I'll start with "no" to all 3 of the above for now. As for combination with other specifiers (especially for exops), ACL checks are issued with the operation and an entry right now, they do make sense in that scope so password modify/DDS refresh should be in the clear. Other extops are more of a problem: - whoami: technically there is a DN but it doesn't have to correspond to an entry - verify credentials: tricky, since it's processed as a bind - cancel: abandon can't be restricted, so probably the same - turn: no idea - ChainedRequest: even less of one Probably happy for those to be impossible to restrict in this way, at least for now. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9305] New: ldap_connect_to_host: Return code from getaddrinfo() discarded, troubleshooting difficult
by openldap-its＠openldap.org 10 Sep '24

10 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=9305 Issue ID: 9305 Summary: ldap_connect_to_host: Return code from getaddrinfo() discarded, troubleshooting difficult Product: OpenLDAP Version: 2.4.46 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: minfrin(a)sharp.fm Target Milestone: --- When the ldap_connect_to_host() function sees a failure from getaddrinfo(), the meaningless return code -1 is returned. This makes troubleshooting difficult on a webserver, where the low level printf debugging is not practical. (gdb) step ldap_connect_to_host (ld=ld@entry=0x7fffc4002e10, sb=0x7fffc400b240, proto=1, srv=srv@entry=0x7fffc400b2f0, async=async@entry=0) at os-ip.c:543 543 { (gdb) next 546 ber_socket_t s = AC_SOCKET_INVALID; (gdb) 562 if ( srv->lud_host == NULL || *srv->lud_host == 0 ) { (gdb) 568 port = srv->lud_port; (gdb) 570 if( !port ) { (gdb) 578 switch(proto) { (gdb) 580 osip_debug( ld, (gdb) warning: Source file is more recent than executable. 71 return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest)); (gdb) 598 hints.ai_flags = AI_ADDRCONFIG; (gdb) 601 hints.ai_socktype = socktype; (gdb) 602 snprintf(serv, sizeof serv, "%d", port ); (gdb) 605 LDAP_MUTEX_LOCK(&ldap_int_resolv_mutex); (gdb) 607 err = getaddrinfo( host, serv, &hints, &res ); (gdb) 609 LDAP_MUTEX_UNLOCK(&ldap_int_resolv_mutex); (gdb) 611 if ( err != 0 ) { (gdb) 612 osip_debug(ld, "ldap_connect_to_host: getaddrinfo failed: %s\n", (gdb) print host $3 = <optimized out> (gdb) print serv $4 = "636\000\000\000" (gdb) next 614 return -1; (gdb) The ldap_connect_to_host() function needs to return proper error codes. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 8905] Client side debug log should include timestamps
by openldap-its＠openldap.org 10 Sep '24

10 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=8905 Howard Chu <hyc(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |gnoe(a)symas.com -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7982] Add tls cipher suite, protocol to ldapsearch debug logging
by openldap-its＠openldap.org 10 Sep '24

10 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=7982 Howard Chu <hyc(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |ondra(a)mistotebe.net -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9398] New: Stale accesslog cookie due to unclean shutdown
by openldap-its＠openldap.org 10 Sep '24

10 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=9398 Issue ID: 9398 Summary: Stale accesslog cookie due to unclean shutdown Product: OpenLDAP Version: 2.4.56 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- If slapd terminates uncleanly, a checkpoint will be lost on the accesslog db. Depending on the syncprov overlay checkpoint settings (usually no checkpointing is enabled on the accesslog db) this can cause the system to refuse engage in replication at startup. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Bug 9225] New: back-mdb: Add support for PREPARE/2-phase commit
by openldap-its＠openldap.org 10 Sep '24

10 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=9225 Bug ID: 9225 Summary: back-mdb: Add support for PREPARE/2-phase commit Product: OpenLDAP Version: 2.4.50 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Add support for PREPARE/2-phase commit in back-mdb -- You are receiving this mail because: You are on the CC list for the bug.

1 9

[Issue 8943] back-mdb: speed up parallel add/delete
by openldap-its＠openldap.org 10 Sep '24

10 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=8943 Howard Chu <hyc(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |SUSPENDED --- Comment #6 from Howard Chu <hyc(a)openldap.org> --- One major problem here is that overlays assume they all execute in the same thread for the duration of an operation. Putting the response in the worker thread would break overlay response callbacks. It would be quite a lot of refactoring to make overlays thread-independent, and that's not going to happen soon. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10255] New: OpenLDAP should leak the SSL ctx and not try to free it in an atexit() handler
by openldap-its＠openldap.org 03 Sep '24

03 Sep '24

https://bugs.openldap.org/show_bug.cgi?id=10255 Issue ID: 10255 Summary: OpenLDAP should leak the SSL ctx and not try to free it in an atexit() handler Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: simon.pichugin(a)gmail.com Target Milestone: --- As mentioned in the subject, OpenLDAP incorrectly handles OpenSSL in its destructor. Сomprehensive information can be found here (along with a possible solution): https://github.com/openssl/openssl/issues/25294 -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9796] New: Deprecate GnuTLS support
by openldap-its＠openldap.org 20 Aug '24

20 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=9796 Issue ID: 9796 Summary: Deprecate GnuTLS support Product: OpenLDAP Version: 2.6.1 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Support for GnuTLS was added specifically for the Debian (and thus Ubuntu) due to the license objections at the time that the Debian project had for the OpenSSL license. Since that time, Debian has reclassified OpenSSL as a core library and the OpenSSL project has resolved the original complaint by licensing OpenSSL 3 and later under the Apache License v2. Thus there is no longer a reason to maintain support for GnuTLS and given the long standing concerns over the security and quality of the GnuTLS bridge in addition to the extra cost of maintaining that code, it should be marked as deprecated and removed in a future release. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 10252] New: Unable to fetch groups and users at duo admin panel for enabling MFA for Ldap users
by openldap-its＠openldap.org 14 Aug '24

14 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10252 Issue ID: 10252 Summary: Unable to fetch groups and users at duo admin panel for enabling MFA for Ldap users Product: OpenLDAP Version: 2.5.18 Hardware: All OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ajay41.kumar(a)airtel.com Target Milestone: --- Hi Team, I got stuck at configuring openldap server with member of overlay for groups with below requirement.We are trying to enable Multifactor authentication using duo auth proxy & duo admin panel configuration for ldap users. Ldap server is getting synced successfully with Duo admin portal but groups and users details not fetching at duo admin portal. Duo support team mentioned to change ldap configuration as mention article. Can someone help me, How i can make these changes. https://duo.my.site.com/s/article/4529?language=en_US -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10251] New: wrong type passed to getsockname
by openldap-its＠openldap.org 13 Aug '24

13 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10251 Issue ID: 10251 Summary: wrong type passed to getsockname Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- New compilers don't allow passing sockaddr_storage * to getsockname() so clients/tools/common.c no longer compiles. Fix is coming. -- You are receiving this mail because: You are on the CC list for the issue.

1 1

[Issue 10250] New: syncrepl_diff_entry assumes attributes come in the same order
by openldap-its＠openldap.org 13 Aug '24

13 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10250 Issue ID: 10250 Summary: syncrepl_diff_entry assumes attributes come in the same order Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- When trying to diff an entry, syncrepl_diff_entry explicitly assumes attribute come in the same order. That's not always the case and could cause it to report a spurious rewrite of the attribute. Normally this is ok, unless the rewrite itself (not) occurring has other side-effects, when it could cause issues. (e.g. a DB with memberof inconsistencies being mysteriously repaired in some scenarios, which is how it was found). -- You are receiving this mail because: You are on the CC list for the issue.

1 1

[Issue 10244] New: Fix pointer type
by openldap-its＠openldap.org 10 Aug '24

10 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10244 Issue ID: 10244 Summary: Fix pointer type Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: zanaviska(a)tutanota.com Target Milestone: --- Created attachment 1026 --> https://bugs.openldap.org/attachment.cgi?id=1026&action=edit passed temprorary variable Hi I am trying to add MINGW support for another project, But each time I get an error ``` mdb.c:3921:76: error: passing argument 3 of 'GetOverlappedResult' from incompatible pointer type [-Wincompatible-pointer-types] note: expected 'LPDWORD' {aka 'long unsigned int *'} but argument is of type 'ssize_t *' {aka 'long long int *'} ``` So I came up with a fix for your software, with I attach in attachment -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10243] New: Looking to get account on OpenLDAP Gitlab
by openldap-its＠openldap.org 06 Aug '24

06 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10243 Issue ID: 10243 Summary: Looking to get account on OpenLDAP Gitlab Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: ak.openldap(a)anroet.com Target Milestone: --- I'm trying to open an account on Gitlab. The purpose for having an account on gitlab is so that I can start the process of building a docker image for use in our Production K8s environment. Currently, I can only find docker images for version 2.4 and the admission controllers in out production k8s clusters isn't having none of that. I'm attempting to create an account using the following email address: ak.openldap(a)anroet.com -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10246] New: Impossible to add integerOrderingMatch ordering rule for integer syntax attribute
by openldap-its＠openldap.org 02 Aug '24

02 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10246 Issue ID: 10246 Summary: Impossible to add integerOrderingMatch ordering rule for integer syntax attribute Product: OpenLDAP Version: 2.5.18 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: thierryblaise(a)hotmail.com Target Milestone: --- Hi everyone, As I don't know anymore where to search, I'm trying here: I added a custom objectClass to my v2.5.18 openLDAP deployment schema, and in that schema, there's an attribute of type integer that I need to be able to search for with filter "<=" and ">=". To that end, and to my knowledge and following documentation (https://www.openldap.org/doc/admin25/schema.html#Attribute%20Type%20Specifi…), I need to declare an ordering matching rule in attribute definition of the schema. However, when I do that with the following olcAttributeTypes definition : olcAttributeTypes: ( 1.3.6.1.4.1.xxx.x.x.xxx NAME 'last-modified' DESC 'Object Last Modified Time' ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) and try to import the ldif containing this definition, the following error appears: modifying entry "cn={5}clients,cn=schema,cn=config" ldap_modify: Other (e.g., implementation specific) error (80) additional info: olcAttributeTypes: AttributeType inappropriate matching rule: "integerOrderingMatch" I tried with all documented OrderingMatch rules in case, but same error modulo name of OrderingMatch rule. Basic schemas only have been imported (core, nis, cosine, inetOrgPerson) Any idea what I do wrong? -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10245] New: mdb_env_set_maxdbs signature appears incorrect
by openldap-its＠openldap.org 31 Jul '24

31 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10245 Issue ID: 10245 Summary: mdb_env_set_maxdbs signature appears incorrect Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: bchik(a)meta.com Target Milestone: --- The current signature for mdb_env_set_maxdbs: int mdb_env_set_maxdbs(MDB_env *env, MDB_dbi dbs); The documentation says the second parameter is intended to be the maximum number of databases, however, the parameter is typed as a DB handle. This appears to work because MDB_dbi is typedef'd to an unsigned int. I believe the intended signature would be: int mdb_env_set_maxdbs(MDB_env *env, unsigned int dbs); -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10241] New: Crash in mdb_page_search_root()
by openldap-its＠openldap.org 22 Jul '24

22 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10241 Issue ID: 10241 Summary: Crash in mdb_page_search_root() Product: LMDB Version: 0.9.24 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: david.komarek(a)whalebone.io Target Milestone: --- Hello, The LMDB is crashing in mdb_page_search_root() on following instruction `0x7f85221479d2 movzwl 0xa(%rdx),%eax`. This instruction corresponds to following line in source code - https://github.com/LMDB/lmdb/blob/LMDB_0.9.24/libraries/liblmdb/mdb.c#L5485 (while access mp_flags in MDB_page structure) Here is callstack as generated by core dump (without symbols as we're using package from Ubuntu repositories) ``` Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f85221479d2 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. #1 0x00007f8522147d15 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. #2 0x00007f8522148432 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. #3 0x00007f8522148a70 in mdb_get () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. ``` Translation ``` #0 mdb_page_search_root() #1 mdb_page_search() #2 mdb_cursor_set() #3 mdb_get() ``` Registers in time of crash: ``` rax 0x2 2 rbx 0x7ffcd8d2a100 140723946168576 rcx 0x3 3 rdx 0x7f825baf7000 140197860700160 rsi 0x1000 4096 rdi 0x7f851c00f4d0 140209677202640 rbp 0x0 0x0 rsp 0x7ffcd8d29e40 0x7ffcd8d29e40 r8 0x7ffcd8d29e50 140723946167888 r9 0x7f851c00f5b8 140209677202872 r10 0x7f851c003090 140209677152400 r11 0x2ce33e6c02ce33e7 3234497591006606311 r12 0x0 0 r13 0x7ffcd8d2a510 140723946169616 r14 0x79 121 r15 0x7f851c003098 140209677152408 rip 0x7f85221479d2 0x7f85221479d2 eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 k0 0x40 64 k1 0xfffff0f0 4294963440 k2 0xff01 65281 k3 0xffffffff 4294967295 k4 0xffffffff 4294967295 k5 0xffffffff 4294967295 k6 0xffffffff 4294967295 k7 0x0 0 ``` Our setup is following: We have single process (running in separate container) which reads and writes to LMDB. It opens environment with following flags MDB_NORDAHEAD|MDB_WRITEMAP|MDB_NOTLS|MDB_NOSYNC. The environment contain several DBs. All DBIs are open with MDB_CREATE flag. Transactions are open without flags. On the other hand we have several processes running in the single container, which are only allowed read (these processes crash). The environment is open with following flags MDB_NORDAHEAD|MDB_WRITEMAP|MDB_NOTLS|MDB_RDONLY. All DBIs are open without flags. Transactions are open with MDB_RDONLY flag. Could you please investigate it? If you will need some other artifacts or comments, please let me know. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs