Does anybody have Tripwire and LDAP authentication working under Red Hat 8.0? As soon as we enable LDAP authentication Tripwire porks itself with a "Software interrupt forced exit: Segmentation Fault."
If we remove the LDAP stuff from /etc/nsswitch.conf, Tripwire will start to work again. If I do a strace, one can see Tripwire open the /etc/nsswitch.conf file when it tries (I think) to resolve the gid number to a name. In other words, when it goes out to the LDAP server it porks itself.
Bugzilla has an open bug for Red Hat 7.3 and it is still broken on Red Hat 8.0. I have Tripwire and LDAP working on 7.1 and 7.2 boxes.
Can anybody help, or does anybody have any workarounds short of replacing the /etc/nsswitch.conf file every time before I run Tripwire?
Note that NIS has the same problem.
Removing all NIS access from /etc/nsswitch.conf "fixes" things here also.
You might try removing the user (u) and group (g) attributes from the properties you're scanning for. You will forfeit knowledge of whether the owner or group name of a given file changes, but the upside is that it will again work perfectly with LDAP.
I just recently migrated my server to LDAP authentication (on Red Hat 7.3, Tripwire version 2.3.1-10 according to the RPM currently installed) and have now encountered this problem. Has there been any progress on fixing this? It seems that "turning off user and group attributes" is a move towards less security which is NOT why I run Tripwire in the first place....:)
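A check for the condition this thread describes, as an added example that is not from any poster: it reports whether the passwd or group databases in an nsswitch.conf consult ldap or nis, the sources whose removal made Tripwire work again. The function name and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: report nsswitch.conf databases that consult ldap or nis.
# Usage: nss_network_sources FILE [DATABASE...]   (default: passwd group)
# Prints "database: source" per match; returns 0 if any match, 1 if none.
nss_network_sources() {
    file=$1; shift
    [ $# -gt 0 ] || set -- passwd group
    awk -v dbs="$*" '
        BEGIN { n = split(dbs, w, " "); for (i = 1; i <= n; i++) check[w[i]] = 1 }
        { sub(/#.*/, "") }              # strip comments before matching
        NF < 2 { next }                 # blank line or database with no sources
        {
            db = $1; sub(/:$/, "", db)
            if (!(db in check)) next
            for (i = 2; i <= NF; i++)
                if ($i == "ldap" || $i == "nis") { print db ": " $i; found = 1 }
        }
        END { exit (found ? 0 : 1) }
    ' "$file"
}

# Constructed sample input, not taken from any real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# /etc/nsswitch.conf (constructed)
passwd: files ldap
shadow: files
group:  files nis   # ldap disabled for now
hosts:  files dns
EOF
if nss_network_sources "$sample"; then
    echo "passwd/group lookups leave the local files on this host"
fi
rm -f "$sample"
```

Run it against the real /etc/nsswitch.conf before a Tripwire run to see whether the host is in the configuration reported here.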