Bloglet: Tales from WTFLand – nginx-auth-ldap misconfig causes crash with no error logged

… other than the crash itself, of course :)

Will keep this one short and sweet (not my norm, I know). Just wanted to post it out there, as I didn’t find a hit despite some GoogleFu.

I was refactoring some Ansible automation, which involved using conditionals in my templates when LDAP was enabled or not. I missed a change and had this section in one of my .conf files:

 auth_ldap "Closed content";
 auth_ldap_servers {{ nginx_ldap.server }};

… but, the other conditionals were working properly, thus the config that would have the LDAP config referenced above was not present.

Turns out nginx-auth-ldap doesn’t handle this kind of screwup gracefully. Instead, this is all you get in /var/log/messages:

Mar 20 09:27:59 logging-01 systemd: Starting The nginx HTTP and reverse proxy server...
Mar 20 09:27:59 logging-01 kernel: nginx[427]: segfault at 8 ip 00007f68ff51ca3a sp 00007fffd67e5a30 error 4 in nginx[7f68ff457000+f8000]
Mar 20 09:27:59 logging-01 systemd: nginx.service: control process exited, code=killed status=11
Mar 20 09:27:59 logging-01 systemd: Failed to start The nginx HTTP and reverse proxy server.
Mar 20 09:27:59 logging-01 systemd: Unit nginx.service entered failed state.

Nothing is logged to /var/log/nginx/error.log (or any other nginx logs).

Anyway, hope that ends up saving someone from the couple of hours of head scratching I did last night trying to grok WTF happened here.