On 12/01/12 16:14, Pat Riehecky wrote:
>
> I'm curious if the package from 6.2 (currently in the 6rolling tree -
> version 2.4.23-20.el6) will perform better. The segfault you've reported
> seems to indicate something kerberos related. There was a Critical
> kerberos security update for 6 which you've got installed, I'm wondering
> if the openldap packages from 6.2, which were built against a newer
> kerberos library (but not the security update as that didn't exist at
> the time) show the problem. Perhaps the newer build will resolve this
> for you.
>
> If you can try the 2.4.23-20.el6 packages and let me know if those also
> exhibit the problem, that would be great.
>

OK, right, thanks for clarifying. I will try that once I've got all my 
systems reverted and working again - unfortunately reverting openldap 
breaks the latest sssd packages, so they have to also be reverted, and 
to revert those to the previous version you need to delete the sssd 
cache. So, I'm losing hair today :).

> I'm still somewhat curious on the 6.0 vs 6.1 difference here. I've heard
> no reports of a problem with the 2.4.23-15.el6 ldap packages on 6.1, and
> they've had them since the release. That's why they were chosen to fix
> the IPA dependency issue. Does anyone else out there see this same
> problem? Perhaps it is somehow local to the environment.

Well, it probably will only manifest when autofs is getting automount 
information from an LDAP server requiring kerberos authentication, I'm 
guessing.

Incidentally, do you guys use something like the tmverifyrpms[1] script 
to verify your RPMS against those from TUV?

J

[1] http://mirror.centos.org/centos/4/build/distro/tmverifyrpms