yum update broke ldap

This is on CentOS 2.6.32

We had a disaster earlier in the week (/var got wiped :p). We kind of hacked things back together and I think /var/lib was copied from some other distro... anyway, I went to do a yum update because everything was very old. The update went fine but now there are ldap issues and I can't ssh in or use sudo.
Luckily I have an open ssh connection.

This is the error
Code:
sudo ls
sudo: ldap_sasl_bind_s(): Can't contact LDAP server
[sudo] password for USER:
But it never accepts the password.

The ldap service is running :
Code:
$ ps uax | grep ldap
ldap      2030  0.0  0.0 945048 49248 ?        Ssl  Sep16   5:07 /usr/sbin/slapd -h  ldap:/// ldaps:/// -u ldap

Beyond that I have no idea about ldap so I'm pretty stuck. Some point later the sys admin will find out and get pee'd :o Hoping I can fix the mess I created.
 
With that kernel version that looks like it would be CentOS 6?

If so and you have done a general yum update then I suggest rolling back the sudo package to the version prior to that release end-of-July till mid-August (can't remember the exact date). This changed some things to do with the way sudo handled groups and this seems to have caused issues with sudo and LDAP (I've actually been speaking to Red Hat on this recently to do with some LDAP stuff I was looking at on RHEL 6). Going to the version prior to this release and sudo for LDAP users works again, re-applying it and it fails again with no meaningful error other than not accepting the password.
 
Thanks. Yes it is CentOS 6.

I gave up eventually and told the sys admin, he's been struggling for hours. I will pass on the information.
 