389-ds-base ver. 2.2.2 missing PBKDF2_SHA256 hash schema support

  • Open
  • quality assurance status badge
Details
One participant
  • Giovanni Biscuolo
Owner
unassigned
Submitted by
Giovanni Biscuolo
Severity
normal

Debbugs page

Giovanni Biscuolo wrote 1 months ago
(address . bug-guix@gnu.org)
87wmdsq3fi.fsf@xelera.eu
Hello,

Executive summary: the plugin "/lib/dirsrv/plugins/libpwdchan-plugin.so"
is missing in
"/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/"

I'm trying to setup a directory-server-service on Guix System using this
service definition in my operating-system:

Toggle snippet (9 lines)
(service directory-server-service-type
(directory-server-instance-configuration
(slapd
(slapd-configuration
(root-password "{PBKDF2_SHA256}AAAgANjxkt+wBF[...]")))))


I'm using a PBKDF2_SHA256 sheme password (trimmed above) since AFAIU
it's more secure against brute force attacks; I generated the hash with
this command:

Toggle snippet (5 lines)
pwdhash -s PBKDF2_SHA256 <password>


Please also consider that PBKDF2_SHA256 is the scheme used in the
example configuration of the Guix manual:

After reconfiguring Guix System if I try to start the service I get:

Toggle snippet (9 lines)
g@pistache ~$ sudo herd start directory-server-localhost
Password:
PID file '/run/dirsrv/slapd-localhost.pid' did not show up; terminating process 15747.
Service directory-server-localhost could not be started.
herd: error: failed to start service directory-server-localhost


This is what I get in the log file
/var/log/dirsrv/slapd-localhost/errors:

Toggle snippet (16 lines)
[14/Feb/2025:09:36:48.609619909 +0100] - ERR - symload_report_error - Netscape Portable Runtime error -5977: /gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so: cannot open shared object file: No such file or directory
[14/Feb/2025:09:36:48.634703449 +0100] - ERR - symload_report_error - Could not open library "/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so" for plugin PBKDF2
[14/Feb/2025:09:36:48.668040691 +0100] - ERR - plugin_setup - "PBKDF2" plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:09:36:48.693696064 +0100] - ERR - symload_report_error - Netscape Portable Runtime error -5977: /gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so: cannot open shared object file: No such file or directory
[14/Feb/2025:09:36:48.718060230 +0100] - ERR - symload_report_error - Could not open library "/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so" for plugin PBKDF2-SHA1
[14/Feb/2025:09:36:48.743072672 +0100] - ERR - plugin_setup - "PBKDF2-SHA1" plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:09:36:48.769131704 +0100] - ERR - symload_report_error - Netscape Portable Runtime error -5977: /gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so: cannot open shared object file: No such file or directory
[14/Feb/2025:09:36:48.793075389 +0100] - ERR - symload_report_error - Could not open library "/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so" for plugin PBKDF2-SHA256
[14/Feb/2025:09:36:48.818071205 +0100] - ERR - plugin_setup - "PBKDF2-SHA256" plugin in library "libpwdchan-plugin" not initialized and ignored
[14/Feb/2025:09:36:48.844240257 +0100] - ERR - symload_report_error - Netscape Portable Runtime error -5977: /gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so: cannot open shared object file: No such file or directory
[14/Feb/2025:09:36:48.868061742 +0100] - ERR - symload_report_error - Could not open library "/gnu/store/rngdj26hcc22iwfllfpxkjyzpkc3mxnn-389-ds-base-2.2.2/lib/dirsrv/plugins/libpwdchan-plugin.so" for plugin PBKDF2-SHA512
[14/Feb/2025:09:36:48.893072834 +0100] - ERR - plugin_setup - "PBKDF2-SHA512" plugin in library "libpwdchan-plugin" not initialized and ignored


Thank you! Gio'

--
Giovanni Biscuolo

Xelera IT Infrastructures
-----BEGIN PGP SIGNATURE-----

iQJABAEBCgAqFiEERcxjuFJYydVfNLI5030Op87MORIFAmevDSEMHGdAeGVsZXJh
LmV1AAoJENN9DqfOzDkSypcP/0gS51560FpHjxtjhfYrlIj6VQOB+X2bInhQH8Q9
B4wLH9w7DYIJZjRxEEo0RlAGdr2Pdfg5q0kRWX+6PRMOePpebNxHbkC2ryew+OCe
PjfghEEIHwUY2IZYHJevNs3aWw5AXRrI+J+waBMSknnxBMGt+s6owCnvNX7wgul5
v5CI4yNSCkHUmB10YYj6ZrC6wPolSLpveLmw/Kki3w6vziq0Kv1rHokqeEXa6kI9
cjp9UmVTmU3h7mQe1eQ/+v6UoYfgoquDiLw9KaFWZx57lRj6W2iwpRH6Jala3fPo
kDdhRbaUoxBkUumn87ZH2iRQuYgctoLZgWdgc9VWobApw2hLUQB7/vmGsmL5RRy6
5tFDhxq1vlc5Tux9BD0/gLuXXew8ADvlN+QpsiL414pZj545Knlh/YOAmELJI0TP
VQ+Hsiv5uz3f1CalBhwIQ1TUEjHSwSAgaJTS8s6hTL210xFlq2Qb2cVHRRRGMG9n
vfHeJaEzlRjJbrcHVcdfqQBr0Ib3NHmWNs5F9LeZGW3X91rFTfAOhqfpRFGDpxiK
hkngKo+EjP+JCz+59c9E7cTX+2s9ML3cKB4ecl5mRNUq3qHZyQrt/uTVpdpPFjEE
tl2O4BaG8bIdrOUI1uGczHse6LUA7C+VxcL2JduOeE6y6RYy9MKO7PcSubCMfJjC
2HsD
=moqc
-----END PGP SIGNATURE-----

?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 76280@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 76280
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help