<div dir="ltr">Can't check it now, but maybe the ldap db is corrupted and the service stopped working. We do have a backup anyway. When I get time again I will dig into it. <div class="gmail_extra"><br></div><div class="gmail_extra">I'm scared anyway cause apparently someone tampered our wtmp and btmp. </div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Apr 4, 2016 at 2:22 PM, Sebastian Silva <span dir="ltr"><<a href="mailto:sebastian@fuentelibre.org" target="_blank">sebastian@fuentelibre.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    Thank you! I'm in.<div><div class="h5"><br>
    <br>
    <div>On 04/04/16 13:25, Samuel Cantero
      wrote:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">Please, try again.</div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Mon, Apr 4, 2016 at 2:18 PM,
          Sebastian Silva <span dir="ltr"><<a href="mailto:sebastian@fuentelibre.org" target="_blank">sebastian@fuentelibre.org</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
            <div bgcolor="#FFFFFF" text="#000000"> Hi,<br>
              <br>
              I was trying to log into sunjammer to help out samson with
              an email alias and failed to log in.<br>
              <br>
              <tt>$ ssh <a href="http://sunjammer.sugarlabs.org" target="_blank">sunjammer.sugarlabs.org</a><br>
                Warning: Permanently added the RSA host key for IP
                address '208.118.235.53' to the list of known hosts.<br>
                Permission denied (publickey).<br>
                <br>
              </tt>Is this because of the LDAP database problem? I think
              you mentioned I needed a real user in sunjammer.<br>
              I'd like to help if you can help me access sunjammer
              again.<br>
              <br>
              Thanks in advance,<br>
              Sebastian
              <div>
                <div><br>
                  <br>
                  <div>On 04/04/16 10:31, Samuel Cantero wrote:<br>
                  </div>
                </div>
              </div>
              <blockquote type="cite">
                <div>
                  <div>
                    <div dir="ltr">I've applied a db_recovery:
                      <div><br>
                      </div>
                      <div>
                        <div>sunjammer:~# db_recover -v -h /var/lib/ldap</div>
                        <div>BDB2526 Finding last valid log LSN: file: 1
                          offset 53062</div>
                        <div>BDB1518 Recovery complete at Mon Apr  4
                          11:29:25 2016</div>
                        <div>BDB1519 Maximum transaction ID 0 recovery
                          checkpoint [1][53006]</div>
                      </div>
                      <div><br>
                      </div>
                      <div>As you can see the recovery has completed but
                        I can't still remove the test user.</div>
                      <div><br>
                      </div>
                    </div>
                    <div class="gmail_extra"><br>
                      <div class="gmail_quote">On Mon, Apr 4, 2016 at
                        11:22 AM, Samuel Cantero <span dir="ltr"><<a href="mailto:scanterog@gmail.com" target="_blank"></a><a href="mailto:scanterog@gmail.com" target="_blank">scanterog@gmail.com</a>></span>
                        wrote:<br>
                        <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
                          <div dir="ltr">
                            <div>I can't figure it out what is going on
                              with our LDAP database. I can't delete the
                              "test" user. I tried it with:</div>
                            <div><br>
                            </div>
                            <div><font face="monospace, monospace">ldapdelete
                                -x
                                "uid=test,ou=People,dc=sugarlabs,dc=org"</font><br>
                            </div>
                            <div><br>
                            </div>
                            <div>and also with ldapvi. None of them
                              worked.</div>
                            <div><br>
                            </div>
                            <div>If I start it in debug mode I can't
                              find anything broken.</div>
                            <div><br>
                            </div>
                            <div><span style="font-family:monospace"><span style="color:rgb(0,0,0)">/usr/sbin/slapd
                                  -u openldap -h ldapi:/// -d 256</span><br>
                              </span></div>
                            <div><span style="font-family:monospace"><span style="color:rgb(0,0,0)"><br>
                                </span></span></div>
                            <div><font face="arial, helvetica,
                                sans-serif" color="#000000">But If a try
                                to re-index the db I've got this:</font></div>
                            <div><font face="monospace, monospace"><br>
                              </font></div>
                            <div>
                              <div><font face="monospace, monospace">sunjammer:~#

                                  slapindex </font></div>
                              <div><font face="monospace, monospace"><br>
                                </font></div>
                              <div><font face="monospace, monospace"> BDB0061
                                  PANIC: BDB0087 DB_RUNRECOVERY: Fatal
                                  error, run database recovery</font></div>
                              <div><font face="monospace, monospace">57028248

                                  bdb(dc=sugarlabs,dc=org): BDB0060
                                  PANIC: fatal region error detected;
                                  run recovery</font></div>
                              <div><font face="monospace, monospace">57028248

                                  bdb_db_close: database
                                  "dc=sugarlabs,dc=org": txn_checkpoint
                                  failed: BDB0087 DB_RUNRECOVERY: Fatal
                                  error, run database recovery (-30973)</font></div>
                            </div>
                            <div><font face="monospace, monospace"><br>
                              </font></div>
                            <div><font face="arial, helvetica,
                                sans-serif">I'll keep you updated.</font></div>
                          </div>
                          <div>
                            <div>
                              <div class="gmail_extra"><br>
                                <div class="gmail_quote">On Mon, Apr 4,
                                  2016 at 10:26 AM, Bernie Innocenti <span dir="ltr"><<a href="mailto:bernie@codewiz.org" target="_blank"></a><a href="mailto:bernie@codewiz.org" target="_blank">bernie@codewiz.org</a>></span>
                                  wrote:<br>
                                  <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">On 04/04/16
                                    09:40, Samuel Cantero wrote:<br>
                                    > # test, People, <a href="http://sugarlabs.org" rel="noreferrer" target="_blank">sugarlabs.org</a>
                                    <<a href="http://sugarlabs.org" target="_blank">http://sugarlabs.org</a>><br>
                                    > dn:
                                    uid=test,ou=People,dc=sugarlabs,dc=org<br>
                                    > uid: test<br>
                                    > cn: Test<br>
                                    > sn: Test<br>
                                    > objectClass: person<br>
                                    > objectClass:
                                    organizationalPerson<br>
                                    > objectClass: inetOrgPerson<br>
                                    > *mail: <a href="mailto:als-at@yandex.ru" target="_blank"></a><a href="mailto:als-at@yandex.ru" target="_blank">als-at@yandex.ru</a>
                                    <mailto:<a href="mailto:als-at@yandex.ru" target="_blank">als-at@yandex.ru</a>>*<br>
                                    > displayName: Test<br>
                                    <br>
                                    No shell? Odd. And no entry in the
                                    lastlog either.<br>
                                    <br>
                                    From the record ID in ldap, it looks
                                    like the user has been there fore a<br>
                                    long time.<br>
                                    <br>
                                    Moreover, the wtmp and btmp files
                                    show signs of having been tampered<br>
                                    with (note the dates):<br>
                                    <br>
                                    sunjammer:/var/log# ll wtmp*<br>
                                    -rw-rw-r-- 1 root utmp 375K Apr 4
                                    10:19 wtmp<br>
                                    -rw-rw-r-- 1 root root 617K Jun 1
                                    2015 wtmp-20141201<br>
                                    -rw-rw-r-- 1 root root 1023K Jun 1
                                    2015 wtmp-20150601<br>
                                    -rw-rw-r-- 1 root utmp 29K Dec 31
                                    19:07 wtmp-20160101.xz<br>
                                    sunjammer:/var/log# ll btmp*<br>
                                    -rw-rw---- 1 root utmp 7.2M Apr  4
                                    08:29 btmp<br>
                                    -rw-rw---- 1 root utmp   32 Sep  1 
                                    2014 btmp-20141001.xz<br>
                                    -rw-rw---- 1 root utmp   32 Oct  1 
                                    2014 btmp-20141101.xz<br>
                                    -rw-rw---- 1 root utmp   32 Nov  1 
                                    2014 btmp-20141201.xz<br>
                                    -rw-rw---- 1 root utmp   32 Dec  1 
                                    2014 btmp-20150101.xz<br>
                                    -rw-rw---- 1 root utmp   32 Jan  1 
                                    2015 btmp-20150201.xz<br>
                                    -rw-rw---- 1 root utmp   32 Feb  1 
                                    2015 btmp-20150301.xz<br>
                                    -rw-rw---- 1 root utmp   32 Mar  1 
                                    2015 btmp-20150401.xz<br>
                                    -rw-rw---- 1 root utmp   32 Apr  1 
                                    2015 btmp-20150501.xz<br>
                                    -rw-rw---- 1 root utmp   32 May  1 
                                    2015 btmp-20150601.xz<br>
                                    -rw-rw---- 1 root utmp   32 Jun  1 
                                    2015 btmp-20160101.xz<br>
                                    <span><font color="#888888"><br>
                                        <br>
                                        --<br>
                                         _ // Bernie Innocenti<br>
                                         \X/  <a href="http://codewiz.org" rel="noreferrer" target="_blank">http://codewiz.org</a><br>
                                      </font></span></blockquote>
                                </div>
                                <br>
                              </div>
                            </div>
                          </div>
                        </blockquote>
                      </div>
                      <br>
                    </div>
                    <br>
                    <fieldset></fieldset>
                    <br>
                  </div>
                </div>
                <pre>_______________________________________________
Systems mailing list
<a href="mailto:Systems@lists.sugarlabs.org" target="_blank">Systems@lists.sugarlabs.org</a>
<a href="http://lists.sugarlabs.org/listinfo/systems" target="_blank">http://lists.sugarlabs.org/listinfo/systems</a>
</pre>
              </blockquote>
              <br>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
  </div></div></div>

</blockquote></div><br></div></div>