Odd bash behaviour with 5.2 update

I am not sure exactly what has caused the change but bash is
acting
differently after updating to 5.2

For a local user with local password (root, joeblow) the
user is able
to login without any problems or errors.
For a user that gets authenticated via ldap I am now getting
a series
of 'errors' and commands not working.

-bash: [: =: unary operator expected
-bash: [: -le: unary operator expected
-bash: [: ==: unary operator expected

the errors come when bash tries to run commands in
/etc/profile and
/etc/profile.d/* with $() or `` as in
[ `/usr/bin/id -u`=0 ] and `/usr/bin/id -u` does not run.

If I create a user locallly it runs ok. I looked in selinux
logs to
see if it was being stopped for some reason (nope). turned
off selinux
rebooted and still bash acted funny.

the local user with /home/testluser works fine... but
accounts not in
/home are not workign for some reason.. /nfs/home for
example.

Downgrading to bash-3.1.16 removed the issue.

Is there something I missed obvious before I enter a
bugzilla on this?


-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a
good deed
in a naughty world. = Shakespeare. "The Merchant of
Venice"

_______________________________________________
rhelv5-list mailing list
rhelv5-listredhat.com
h
ttps://www.redhat.com/mailman/listinfo/rhelv5-list

I saw something similar.  Running 'authconfig' with
appropriate arguments 
fixed the problem.  Doing so did not change
pam.d/system-auth-ac, but it 
did start up nscd, which was apparently not already
running.

(I did not check carefully enough to confirm that ncsd was
not running 
before I tried authconfig.  I'll watch that more closely on
the next 
upgrade I do.)

 	Cary Gray

On Wed, 21 May 2008, Stephen John Smoogen wrote:
> I am not sure exactly what has caused the change but
bash is acting
> differently after updating to 5.2
>
> For a local user with local password (root, joeblow)
the user is able
> to login without any problems or errors.
> For a user that gets authenticated via ldap I am now
getting a series
> of 'errors' and commands not working.
>
> -bash: [: =: unary operator expected
> -bash: [: -le: unary operator expected
> -bash: [: ==: unary operator expected
>
> the errors come when bash tries to run commands in
/etc/profile and
> /etc/profile.d/* with $() or `` as in
> [ `/usr/bin/id -u`=0 ] and `/usr/bin/id -u` does not
run.
>
> ...
>
> Downgrading to bash-3.1.16 removed the issue.
>
> Is there something I missed obvious before I enter a
bugzilla on this?

_______________________________________________
rhelv5-list mailing list
rhelv5-listredhat.com
h
ttps://www.redhat.com/mailman/listinfo/rhelv5-list

2008/5/21 Stephen John Smoogen <smoogegmail.com>:
> I am not sure exactly what has caused the change but
bash is acting
> differently after updating to 5.2
>
> For a local user with local password (root, joeblow)
the user is able
> to login without any problems or errors.
> For a user that gets authenticated via ldap I am now
getting a series
> of 'errors' and commands not working.
>
> -bash: [: =: unary operator expected
> -bash: [: -le: unary operator expected
> -bash: [: ==: unary operator expected
>
> the errors come when bash tries to run commands in
/etc/profile and
> /etc/profile.d/* with $() or `` as in
> [ `/usr/bin/id -u`=0 ] and `/usr/bin/id -u` does not
run.
>
> If I create a user locallly it runs ok. I looked in
selinux logs to
> see if it was being stopped for some reason (nope).
turned off selinux
> rebooted and still bash acted funny.
>
> the local user with /home/testluser works fine... but
accounts not in
> /home are not workign for some reason.. /nfs/home for
example.
>
> Downgrading to bash-3.1.16 removed the issue.

We've got the same issue here on our servers.  What's even
worse su
appears to be broken.  Our user accounts are all in LDAP but
we can't
su to any of them now or to root.

The only way anyone can log in locally *on console*, except
root, is if nscd
is running.  I created a local account on one of the boxes
and I can't log into
it on console either.

Remotely via ssh we can log into the boxes with LDAP
accounts or local user
accounts.  We don't get the "bash: [: =: unary operator
expected" error when
we use the local user account but we do get that error when
we log in via the
LDAP accounts.  Starting nscd stops the error.

My issue is ATM trying to get su to work so we can do some
work.  No one
can su to root or any other user account.  We could before
the upgrade.

What a mess.
Kent

_______________________________________________
rhelv5-list mailing list
rhelv5-listredhat.com
h
ttps://www.redhat.com/mailman/listinfo/rhelv5-list

Downgrading nss_ldap "fixed" our su issue.
Kent

2008/5/22 Kenton Brede <kbredegmail.com>:
> 2008/5/21 Stephen John Smoogen <smoogegmail.com>:
>> I am not sure exactly what has caused the change
but bash is acting
>> differently after updating to 5.2
>>
>> For a local user with local password (root,
joeblow) the user is able
>> to login without any problems or errors.
>> For a user that gets authenticated via ldap I am
now getting a series
>> of 'errors' and commands not working.
>>
>> -bash: [: =: unary operator expected
>> -bash: [: -le: unary operator expected
>> -bash: [: ==: unary operator expected
>>
>> the errors come when bash tries to run commands in
/etc/profile and
>> /etc/profile.d/* with $() or `` as in
>> [ `/usr/bin/id -u`=0 ] and `/usr/bin/id -u` does
not run.
>>
>> If I create a user locallly it runs ok. I looked in
selinux logs to
>> see if it was being stopped for some reason (nope).
turned off selinux
>> rebooted and still bash acted funny.
>>
>> the local user with /home/testluser works fine...
but accounts not in
>> /home are not workign for some reason.. /nfs/home
for example.
>>
>> Downgrading to bash-3.1.16 removed the issue.
>
> We've got the same issue here on our servers.  What's
even worse su
> appears to be broken.  Our user accounts are all in
LDAP but we can't
> su to any of them now or to root.
>
> The only way anyone can log in locally *on console*,
except root, is if nscd
> is running.  I created a local account on one of the
boxes and I can't log into
> it on console either.
>
> Remotely via ssh we can log into the boxes with LDAP
accounts or local user
> accounts.  We don't get the "bash: [: =: unary
operator expected" error when
> we use the local user account but we do get that error
when we log in via the
> LDAP accounts.  Starting nscd stops the error.
>
> My issue is ATM trying to get su to work so we can do
some work.  No one
> can su to root or any other user account.  We could
before the upgrade.
>
> What a mess.
> Kent
>

_______________________________________________
rhelv5-list mailing list
rhelv5-listredhat.com
h
ttps://www.redhat.com/mailman/listinfo/rhelv5-list

Some time past I saw /usr/bin/id behaving odd or even
segfault'ing while
querying information about specific LDAP users. The issue
occurred only
for those user accounts, which were a second time member (in
group map)
of their default unix group (in passwd map).

On systems not being affected by that bug(?) /usr/bin/id
should list the
group membership twice.

It's just a guess - I don't even remember which distribution
I saw that
issue, maybe an early RHEL4 release.

 -Rene


Stephen John Smoogen wrote:
> I am not sure exactly what has caused the change but
bash is acting
> differently after updating to 5.2
> 
> For a local user with local password (root, joeblow)
the user is able
> to login without any problems or errors.
> For a user that gets authenticated via ldap I am now
getting a series
> of 'errors' and commands not working.
> 
> -bash: [: =: unary operator expected
> -bash: [: -le: unary operator expected
> -bash: [: ==: unary operator expected
> 
> the errors come when bash tries to run commands in
/etc/profile and
> /etc/profile.d/* with $() or `` as in
> [ `/usr/bin/id -u`=0 ] and `/usr/bin/id -u` does not
run.
> 
> If I create a user locallly it runs ok. I looked in
selinux logs to
> see if it was being stopped for some reason (nope).
turned off selinux
> rebooted and still bash acted funny.
> 
> the local user with /home/testluser works fine... but
accounts not in
> /home are not workign for some reason.. /nfs/home for
example.
> 
> Downgrading to bash-3.1.16 removed the issue.
> 
> Is there something I missed obvious before I enter a
bugzilla on this?
> 

-- 
Rene Grabner
Systems Engineer              AMD Saxony LLC & Co. KG
phone: (+49 351) 277-6838     Dresden Design Center
fax:   (+49 351) 277-96838    M/S I21-DC

_______________________________________________
rhelv5-list mailing list
rhelv5-listredhat.com
h
ttps://www.redhat.com/mailman/listinfo/rhelv5-list

On Fri, May 23, 2008 at 10:03 AM, solarflow99
<solarflow99gmail.com> wrote:
>
>
> On 5/23/08, Rene Grabner <rene.grabneramd.com> wrote:
>>
>> Some time past I saw /usr/bin/id behaving odd or
even segfault'ing while
>> querying information about specific LDAP users. The
issue occurred only
>> for those user accounts, which were a second time
member (in group map)
>> of their default unix group (in passwd map).
>>
>> On systems not being affected by that bug(?)
/usr/bin/id should list the
>> group membership twice.
>>
>> It's just a guess - I don't even remember which
distribution I saw that
>> issue, maybe an early RHEL4 release.
>
>
> I just checked, and the id command is ok, I don;t see
anything wrong.
>

The issue is not with the ID command.. it is with all
sub-shells
forked via $(). The issue looks to be with nss_ldap and ssl
queries to
LDAP servers. Your setup may not use SSL or is using it in a
good
way.. which would be useful for others.


-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a
good deed
in a naughty world. = Shakespeare. "The Merchant of
Venice"

_______________________________________________
rhelv5-list mailing list
rhelv5-listredhat.com
h
ttps://www.redhat.com/mailman/listinfo/rhelv5-list