Quanah Gibson-Mount <quanah(a)stanford.edu> writes:
The libraries compiled against GnuTLS are:
:/usr/lib> ldd libldap.so.2.0.130
libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xa7e57000)
However, the Debian etch slapd and ldap utilities, such as ldapsearch,
don't use this library. It's only some other things that do so, such
as samba. slapd and ldap* use libldap[_r]-2.3 instead, which appears
to not be using gnutls.
The problem comes when the user ID running slapd, and the user ID
handling other things that load /usr/lib/libldap.so.* are the same,
whether that is root or the ldap user. As soon as both sets of
libraries get loaded into the same user space, problems ensue.
I stopped all services that were using libldap*, then started the
compiled slapd (with -u openldap anyway, and nothing else runs as that
user, though I'm not certain the libraries aren't opened before it
switches priviliges), and still I had the same symptom. (And my
compiled slapd is also believed to not use gnutls; it doesn't use
I therefore don't see any evidence that the problem is really
gnutls-related. That you can't reproduce it doesn't quite help,
you've compiled almost everything yourself.
You think I should also try to gradually compile things myself, trying
to locate which library causes the problem? Needless to say I'd
prefer a simpler investigation path, if one exists.
A debian bug reporting similar behaviour was filed two days ago:
. I'll add my