[Bug 619780] New: pam_mount + sshd => segfaults
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c0 Summary: pam_mount + sshd => segfaults Classification: openSUSE Product: openSUSE 11.3 Version: RC 2 Platform: i586 OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: opensuse@der-he.de QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.2.4) Gecko/20100611 SUSE/3.6.4-3.2 Firefox/3.6.4 I'm pam_mount for mounting LUKS partitions with user login. "auth optional pam_mount.so" in /etc/pam.d/common-auth "session optional pam_mount.so" in /etc/pam.d/common-session Everything works fine except ssh logins. Every login to ssh quits with: "Write failed: Broken pipe" sshd crashes with SIGSEGV while trying to strlen() an non-existent string. Same problem as here: http://bugs.gentoo.org/show_bug.cgi?id=302964 I've applied the mentioned Patch and everything is working now. It's fixed upstream, but I think there's a Version Freeze on 11.3 so it's not possible to use a newer version. Some developer should attach the patch. btw: This patch is only a workaround! It prevents sshd of crashing, but AFAIK mounting doesn't work either this way. I have to "su - user" to mount encrypted partition after ssh-login. Reproducible: Always Steps to Reproduce: 1. install pam_mount 2. configure system to mount LUKS partition with user login 3. ssh user@localhost Actual Results: login via ssh not working Expected Results: sshd should not crash PATCH: --- pam_mount-1.34/src/pam_mount.c 2010-04-08 01:37:42.000000000 +0200 +++ pam_mount-1.34-patched//src/pam_mount.c 2010-07-04 14:07:46.000000000 +0200 @@ -462,7 +462,9 @@ static char *grab_authtok(pam_handle_t * ret = pam_set_data(pamh, "pam_mount_system_authtok", authtok, clean_system_authtok); if (ret == PAM_SUCCESS) { - if (mlock(authtok, strlen(authtok) + 1) < 0) + if (authtok == NULL) + w4rn("authtok is NULL in session code\n"); + else if (mlock(authtok, strlen(authtok) + 1) < 0) w4rn("mlock authtok: %s\n", strerror(errno)); } else { l0g("error trying to save authtok for session code\n"); -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c yang xiaoyu <xyyang@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xyyang@novell.com AssignedTo|bnc-team-screening@forge.pr |mc@novell.com |ovo.novell.com | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c1 Michael Heide <opensuse@der-he.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |opensuse@der-he.de Version|RC 2 |Final --- Comment #1 from Michael Heide <opensuse@der-he.de> 2010-07-21 14:55:24 UTC --- The bug is also in 11.3 final. I've built my own patched pam_mount-1.34-2.4.i586.rpm with success. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c2 Michael Calmer <mc@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|NEW |NEEDINFO InfoProvider| |maintenance@opensuse.org --- Comment #2 from Michael Calmer <mc@novell.com> 2010-07-26 09:08:49 UTC --- @maintenance: update? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c3 --- Comment #3 from Marcus Meissner <meissner@novell.com> 2010-07-26 12:45:10 UTC --- looks good to me. +1 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c4 Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:34781:moderat | |e --- Comment #4 from Swamp Workflow Management <swamp@suse.com> 2010-07-26 15:23:35 UTC --- The SWAMPID for this issue is 34781. This issue was rated as moderate. Please submit fixed packages until 2010-08-09. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/34781 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c5 Christian Dengler <cdengler@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |cdengler@novell.com InfoProvider|maintenance@opensuse.org | --- Comment #5 from Christian Dengler <cdengler@novell.com> 2010-07-26 15:25:13 UTC --- ok, update process started. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c6 Michael Calmer <mc@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED Target Milestone|--- |Final --- Comment #6 from Michael Calmer <mc@novell.com> 2010-07-26 16:05:42 UTC --- package and patchinfo submitted -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c7 Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:34781:moderat |maint:running:34781:moderat |e |e maint:released:11.3:34793 --- Comment #7 from Swamp Workflow Management <swamp@suse.com> 2010-08-05 11:02:39 UTC --- Update released for: pam_mount, pam_mount-debuginfo, pam_mount-debugsource Products: openSUSE 11.3 (debug, i586, x86_64) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c Swamp Workflow Management <swamp@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:34781:moderat |maint:released:11.3:34793 |e maint:released:11.3:34793 | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=619780 https://bugzilla.novell.com/show_bug.cgi?id=619780#c8 Michael Heide <opensuse@der-he.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | --- Comment #8 from Michael Heide <opensuse@der-he.de> 2010-12-12 11:29:46 UTC --- I Updated to pam_mount-1.34-3.2.1 (from SuSE repository) and still it's not possible to log in. "Write failed: Broken pipe" The patch seems to be some kind of "included" now. There's a line "Patch2: fix-segfault.dif" in the pam_mount.spec where fix-segfault.dif includes something which looks alike the patch above. I do not know why but anyhow it seems to not get applied (I don't know the SuSE/rpm build system so I cannot find out my self). I patched the sources manually and everything works again. (pam_mount-1.34.tar.bz2: untar; patch; tar -> rpmbuild) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=619780 https://bugzilla.novell.com/show_bug.cgi?id=619780#c9 --- Comment #9 from Christian Dengler <cdengler@novell.com> 2010-12-13 14:40:44 UTC --- After a short looking on it. I think the patch is not applied correctly. I think we need "%patch2 -p0" instead of "%patch2 -p1". Michael, should I start a new update for it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=619780 https://bugzilla.novell.com/show_bug.cgi?id=619780#c10 Michael Calmer <mc@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh@medozas.de --- Comment #10 from Michael Calmer <mc@novell.com> 2011-01-10 11:38:06 UTC --- -p1 is fully correct. Christian: do we have the last buildlog somewhere? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=619780 https://bugzilla.novell.com/show_bug.cgi?id=619780#c11 --- Comment #11 from Christian Dengler <cdengler@novell.com> 2011-01-10 15:09:47 UTC --- Only from the last build in update-test: https://build.opensuse.org/package/live_build_log?arch=i586&package=pam_mount&project=openSUSE%3A11.3%3AUpdate%3ATest&repository=standard -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=619780 https://bugzilla.novell.com/show_bug.cgi?id=619780#c12 --- Comment #12 from Michael Calmer <mc@novell.com> 2011-01-10 15:24:09 UTC --- The patch was applied without any problems. So this should be a different issue. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=619780 http://bugzilla.novell.com/show_bug.cgi?id=619780#c14 --- Comment #14 from Bernhard Wiedemann <bwiedemann@suse.com> --- This is an autogenerated message for OBS integration: This bug (619780) was mentioned in https://build.opensuse.org/request/show/44000 11.3:Test / pam_mount -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com