<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi,<br>
    <br>
    I was trying to log into sunjammer to help out samson with an email
    alias and failed to log in.<br>
    <br>
    <tt>$ ssh sunjammer.sugarlabs.org<br>
      Warning: Permanently added the RSA host key for IP address
      '208.118.235.53' to the list of known hosts.<br>
      Permission denied (publickey).<br>
      <br>
    </tt>Is this because of the LDAP database problem? I think you
    mentioned I needed a real user in sunjammer.<br>
    I'd like to help if you can help me access sunjammer again.<br>
    <br>
    Thanks in advance,<br>
    Sebastian<br>
    <br>
    <div class="moz-cite-prefix">On 04/04/16 10:31, Samuel Cantero
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAGA8R4mVP2=L-RxPV5jnP_BQFdt88=AxHDDKaq-EdMMpkmNWtQ@mail.gmail.com"
      type="cite">
      <div dir="ltr">I've applied a db_recovery:
        <div><br>
        </div>
        <div>
          <div>sunjammer:~# db_recover -v -h /var/lib/ldap</div>
          <div>BDB2526 Finding last valid log LSN: file: 1 offset 53062</div>
          <div>BDB1518 Recovery complete at Mon Apr  4 11:29:25 2016</div>
          <div>BDB1519 Maximum transaction ID 0 recovery checkpoint
            [1][53006]</div>
        </div>
        <div><br>
        </div>
        <div>As you can see the recovery has completed but I can't still
          remove the test user.</div>
        <div><br>
        </div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Mon, Apr 4, 2016 at 11:22 AM, Samuel
          Cantero <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:scanterog@gmail.com" target="_blank">scanterog@gmail.com</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div dir="ltr">
              <div>I can't figure it out what is going on with our LDAP
                database. I can't delete the "test" user. I tried it
                with:</div>
              <div><br>
              </div>
              <div><font face="monospace, monospace">ldapdelete -x
                  "uid=test,ou=People,dc=sugarlabs,dc=org"</font><br>
              </div>
              <div><br>
              </div>
              <div>and also with ldapvi. None of them worked.</div>
              <div><br>
              </div>
              <div>If I start it in debug mode I can't find anything
                broken.</div>
              <div><br>
              </div>
              <div><span style="font-family:monospace"><span
                    style="color:rgb(0,0,0)">/usr/sbin/slapd -u openldap
                    -h ldapi:/// -d 256</span><br>
                </span></div>
              <div><span style="font-family:monospace"><span
                    style="color:rgb(0,0,0)"><br>
                  </span></span></div>
              <div><font face="arial, helvetica, sans-serif"
                  color="#000000">But If a try to re-index the db I've
                  got this:</font></div>
              <div><font face="monospace, monospace"><br>
                </font></div>
              <div>
                <div><font face="monospace, monospace">sunjammer:~#
                    slapindex </font></div>
                <div><font face="monospace, monospace"><br>
                  </font></div>
                <div><font face="monospace, monospace"> BDB0061 PANIC:
                    BDB0087 DB_RUNRECOVERY: Fatal error, run database
                    recovery</font></div>
                <div><font face="monospace, monospace">57028248
                    bdb(dc=sugarlabs,dc=org): BDB0060 PANIC: fatal
                    region error detected; run recovery</font></div>
                <div><font face="monospace, monospace">57028248
                    bdb_db_close: database "dc=sugarlabs,dc=org":
                    txn_checkpoint failed: BDB0087 DB_RUNRECOVERY: Fatal
                    error, run database recovery (-30973)</font></div>
              </div>
              <div><font face="monospace, monospace"><br>
                </font></div>
              <div><font face="arial, helvetica, sans-serif">I'll keep
                  you updated.</font></div>
            </div>
            <div class="HOEnZb">
              <div class="h5">
                <div class="gmail_extra"><br>
                  <div class="gmail_quote">On Mon, Apr 4, 2016 at 10:26
                    AM, Bernie Innocenti <span dir="ltr"><<a
                        moz-do-not-send="true"
                        href="mailto:bernie@codewiz.org" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:bernie@codewiz.org">bernie@codewiz.org</a></a>></span>
                    wrote:<br>
                    <blockquote class="gmail_quote" style="margin:0 0 0
                      .8ex;border-left:1px #ccc solid;padding-left:1ex">On
                      04/04/16 09:40, Samuel Cantero wrote:<br>
                      > # test, People, <a moz-do-not-send="true"
                        href="http://sugarlabs.org" rel="noreferrer"
                        target="_blank">sugarlabs.org</a> <<a
                        moz-do-not-send="true"
                        href="http://sugarlabs.org" rel="noreferrer"
                        target="_blank"><a class="moz-txt-link-freetext" href="http://sugarlabs.org">http://sugarlabs.org</a></a>><br>
                      > dn: uid=test,ou=People,dc=sugarlabs,dc=org<br>
                      > uid: test<br>
                      > cn: Test<br>
                      > sn: Test<br>
                      > objectClass: person<br>
                      > objectClass: organizationalPerson<br>
                      > objectClass: inetOrgPerson<br>
                      > *mail: <a moz-do-not-send="true"
                        href="mailto:als-at@yandex.ru" target="_blank">als-at@yandex.ru</a>
                      <mailto:<a moz-do-not-send="true"
                        href="mailto:als-at@yandex.ru" target="_blank">als-at@yandex.ru</a>>*<br>
                      > displayName: Test<br>
                      <br>
                      No shell? Odd. And no entry in the lastlog either.<br>
                      <br>
                      From the record ID in ldap, it looks like the user
                      has been there fore a<br>
                      long time.<br>
                      <br>
                      Moreover, the wtmp and btmp files show signs of
                      having been tampered<br>
                      with (note the dates):<br>
                      <br>
                      sunjammer:/var/log# ll wtmp*<br>
                      -rw-rw-r-- 1 root utmp 375K Apr 4 10:19 wtmp<br>
                      -rw-rw-r-- 1 root root 617K Jun 1 2015
                      wtmp-20141201<br>
                      -rw-rw-r-- 1 root root 1023K Jun 1 2015
                      wtmp-20150601<br>
                      -rw-rw-r-- 1 root utmp 29K Dec 31 19:07
                      wtmp-20160101.xz<br>
                      sunjammer:/var/log# ll btmp*<br>
                      -rw-rw---- 1 root utmp 7.2M Apr  4 08:29 btmp<br>
                      -rw-rw---- 1 root utmp   32 Sep  1  2014
                      btmp-20141001.xz<br>
                      -rw-rw---- 1 root utmp   32 Oct  1  2014
                      btmp-20141101.xz<br>
                      -rw-rw---- 1 root utmp   32 Nov  1  2014
                      btmp-20141201.xz<br>
                      -rw-rw---- 1 root utmp   32 Dec  1  2014
                      btmp-20150101.xz<br>
                      -rw-rw---- 1 root utmp   32 Jan  1  2015
                      btmp-20150201.xz<br>
                      -rw-rw---- 1 root utmp   32 Feb  1  2015
                      btmp-20150301.xz<br>
                      -rw-rw---- 1 root utmp   32 Mar  1  2015
                      btmp-20150401.xz<br>
                      -rw-rw---- 1 root utmp   32 Apr  1  2015
                      btmp-20150501.xz<br>
                      -rw-rw---- 1 root utmp   32 May  1  2015
                      btmp-20150601.xz<br>
                      -rw-rw---- 1 root utmp   32 Jun  1  2015
                      btmp-20160101.xz<br>
                      <span><font color="#888888"><br>
                          <br>
                          --<br>
                           _ // Bernie Innocenti<br>
                           \X/  <a moz-do-not-send="true"
                            href="http://codewiz.org" rel="noreferrer"
                            target="_blank">http://codewiz.org</a><br>
                        </font></span></blockquote>
                  </div>
                  <br>
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Systems mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Systems@lists.sugarlabs.org">Systems@lists.sugarlabs.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sugarlabs.org/listinfo/systems">http://lists.sugarlabs.org/listinfo/systems</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>