I've noticed that when I load a host that uses an LDAP authentication prompt, other nginx workers suddenly crash.
Steps to reproduce:
Install Passenger 5.0.14-5.0.18
Compile nginx 1.6-1.9.4 with nginx-auth-ldap
Configure LDAP block in nginx.conf
Use the auth_ldap directive to protect a Rails application under Passenger
Upon loading the application, workers will begin segfaulting
Attempted mitigations:
Downgrading nginx
Downgrading passenger
Trying different versions of the nginx-auth-ldap code
Running slapd in extremely verbose mode to look for any issues
Running error checking and recovery on the LDAP database
The only way I stopped these crashes was to remove all auth_ldap directives from my configuration, which would seem to narrow things down to a poor interaction amongst nginx, nginx-auth-ldap, and Passenger.
The logs look like this:
kernel: nginx[8775]: segfault at 20 ip 000000000041110a sp 00007ffddf01dc30 error 4 in nginx[400000+190000]
kernel: nginx[8319]: segfault at 0 ip 0000000000485c81 sp 00007ffddf01fd60 error 6 in nginx[400000+190000]
slapd[12476]: connection_input: conn=1002 deferring operation: binding
or previously
kernel: nginx[13327]: segfault at 20 ip 000000000041110a sp 00007ffdc60b9f10 error 4 in nginx[400000+18f000]
slapd[3374]: connection_input: conn=29454 deferring operation: binding
slapd[3374]: connection_input: conn=29454 deferring operation: binding
slapd[3374]: connection_input: conn=29454 deferring operation: binding
kernel: traps: nginx[13329] general protection ip:485c81 sp:7ffdc60bc090 error:0 in nginx[400000+18f000]
Nginx meanwhile, just records:
[alert] 15548#0: worker process 4210 exited on signal 11
[alert] 15548#0: worker process 4162 exited on signal 11
[alert] 15548#0: worker process 4215 exited on signal 11
[alert] 15548#0: worker process 4224 exited on signal 11
[alert] 15548#0: worker process 4160 exited on signal 11
Looking at #33, it appears this might be related. It seems to the LDAP server doesn't respond immediately for whatever reason (deferring an operation, going offline,etc), nginx-auth-ldap crashes, taking nginx workers with it.
I've noticed that when I load a host that uses an LDAP authentication prompt, other nginx workers suddenly crash.
Steps to reproduce:
Attempted mitigations:
The only way I stopped these crashes was to remove all auth_ldap directives from my configuration, which would seem to narrow things down to a poor interaction amongst nginx, nginx-auth-ldap, and Passenger.
The logs look like this:
or previously
Nginx meanwhile, just records:
Looking at #33, it appears this might be related. It seems to the LDAP server doesn't respond immediately for whatever reason (deferring an operation, going offline,etc), nginx-auth-ldap crashes, taking nginx workers with it.