Actions
Bug #24228
closedRGW fails to start on Fedora 28 from default configuration
% Done:
0%
Source:
Community (user)
Tags:
Backport:
mimic luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
The default configuration for rgw_ldap_secret seems to be set to /etc/openldap/secret, which on my system is empty:
- ceph-conf -D | grep ldap
rgw_ldap_binddn = uid=admin,cn=users,dc=example,dc=com
rgw_ldap_dnattr = uid
rgw_ldap_searchdn = cn=users,cn=accounts,dc=example,dc=com
rgw_ldap_searchfilter =
rgw_ldap_secret = /etc/openldap/secret
rgw_ldap_uri = ldaps://<ldap.your.domain>
rgw_s3_auth_use_ldap = false
- cat /etc/openldap/secret
cat: /etc/openldap/secret: No such file or directory
The code assumes that if it is set, the named file has content. Since it doesn’t, safe_read_file() asserts.
I set it to nothing (rgw_ldap_secret = ) in my configuration, and everything seems happy.
std::string parse_rgw_ldap_bindpw(CephContext* ctx)
{
string ldap_bindpw;
string ldap_secret = ctx->_conf->rgw_ldap_secret;
if (ldap_secret.empty()) {
ldout(ctx, 10)
<< func << " LDAP auth no rgw_ldap_secret file found in conf"
<< dendl;
} else {
char bindpw[1024];
memset(bindpw, 0, 1024);
int pwlen = safe_read_file("" /* base */, ldap_secret.c_str(),
bindpw, 1023);
if (pwlen) {
ldap_bindpw = bindpw;
boost::algorithm::trim(ldap_bindpw);
if (ldap_bindpw.back() == '\n')
ldap_bindpw.pop_back();
}
}
return ldap_bindpw;
}
Actions