https://bugs.openldap.org/show_bug.cgi?id=9656
--- Comment #10 from ktmdms@gmail.com ---

slapd.conf:

loglevel 0xffff
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/nis.schema
include /usr/local/etc/openldap/schema/openldap.schema
include /usr/local/etc/openldap/schema/sudo.schema
include /usr/local/etc/openldap/schema/openssh-lpk-openldap.schema
allow bind_v2
pidfile /usr/local/var/run/slapd.pid
argsfile /usr/local/var/run/slapd.args
modulepath /usr/local/libexec/openldap
moduleload syncprov.la
moduleload accesslog.la
moduleload pw-sha2.la
serverID 1
password-hash {SHA512}
TLSCACertificateFile /etc/pki/CA/certs/CAcert.pem
TLSCertificateFile /etc/pki/CA/certs/newldap0.mgt.cert.pem
TLSCertificateKeyFile /etc/pki/CA/private/newldap0.mgt.key.pem
TLSVerifyClient demand
access to dn.base="" by * read
access to attrs=userPassword,shadowLastChange
access to *

database config
rootdn "cn=admin,cn=config"
rootpw {SHA512}<obfuscated>
access to attrs=userPassword,shadowLastChange
access to *

database monitor
access to *

database mdb
maxsize 1073741824
suffix "dc=lecpq,dc=com"
rootdn "cn=Manager,dc=lecpq,dc=com"
rootpw {SHA512}<obfuscated>
directory /usr/local/var/openldap-data
index objectClass eq,pres
index sudoUser eq
index sudoHost eq
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 500
access to attrs=userPassword,shadowLastChange
access to *
overlay ppolicy
ppolicy_default "cn=DefaultPassword,ou=Policies,dc=lecpq,dc=com"
ppolicy_use_lockout
checkpoint 10240 720
policy in schema:

dn: cn=DefaultPassword,ou=Policies,dc=lecpq,dc=com
cn: DefaultPassword
objectClass: top
objectClass: device
objectClass: pwdPolicy
objectClass: pwdPolicyChecker
pwdAttribute: userPassword
pwdCheckQuality: 2
pwdExpireWarning: 604800
pwdGraceAuthNLimit: 0
pwdLockout: TRUE
pwdLockoutDuration: 300
pwdMaxFailure: 5
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: TRUE
structuralObjectClass: device
entryUUID: cdc64442-6617-1035-98aa-075e3d1a7c2f
creatorsName: cn=Manager,dc=lecpq,dc=com
createTimestamp: 20160212210326Z
pwdMinAge: 86400
pwdMaxAge: 5184000
pwdMinLength: 15
pwdInHistory: 4
pwdCheckModule: ppm.so
entryCSN: 20210830143808.705188Z#000000#001#000000
modifiersName: cn=Manager,dc=lecpq,dc=com
modifyTimestamp: 20210830143808Z
This is the setup that failed. Adding the full path to pwdCheckModule and the attribute pwdCheckModuleArg (populated) caused it to work.