Ticket #1383 (closed defect: fixed)

Opened 22 months ago

Last modified 22 months ago

sssd_nss segfaults performing netgroup lookups without a specified domain

Reported by: sgallagh
Owned by: sgallagh
Priority: blocker
Milestone: SSSD 1.9.0 beta 3
Component: NSS
Version: master
Keywords: Regression
Cc:
Blocked By:
Blocking:
Tests Updated: no
Coverity Bug:
Patch Submitted: yes
Red Hat Bugzilla: 833789
Design link:
Feature Milestone:
Design review:
Fedora test page:
Chosen:
Candidate to push out:
Release Notes:

Description

https://bugzilla.redhat.com/show_bug.cgi?id=833789 (Fedora)

Description of problem:


Version-Release number of selected component (if applicable):
sssd-1.8.93-0.20120618T1837Zgitbb79e75.fc17.x86_64

How reproducible:
Always

Steps to Reproduce: (Not sure if this is related, but the case where crash was
detected is)

1. # ipa sudorule-show sudorule1 --all --raw
  dn: ipauniqueid=8d023938-bac0-11e1-b429-525400951069,cn=sudorules,cn=sudo,dc=testrelm,dc=com
  cn: sudorule1
  ipaenabledflag: TRUE
  memberhost: cn=hostgrp1,cn=hostgroups,cn=accounts,dc=testrelm,dc=com
  memberuser: uid=user1,cn=users,cn=accounts,dc=testrelm,dc=com
  ipauniqueid: 8d023938-bac0-11e1-b429-525400951069
  objectclass: ipaassociation
  objectclass: ipasudorule

2. # ldapsearch -LLL -Y GSSAPI -b ou=SUDOers,dc=testrelm,dc=com
SASL/GSSAPI authentication started
SASL username: admin@TESTRELM.COM
SASL SSF: 56
SASL data security layer installed.
dn: ou=sudoers,dc=testrelm,dc=com
objectClass: extensibleObject
ou: sudoers

dn: cn=sudorule1,ou=sudoers,dc=testrelm,dc=com
objectClass: sudoRole
sudoUser: user1
sudoHost: +hostgrp1
cn: sudorule1

3. [root@dhcp201-207 ~]#  ssh -o StrictHostKeyChecking=no -l user1 dhcp201-207.testrelm.com
user1@dhcp201-207.testrelm.com's password:
Last login: Wed Jun 20 07:06:09 2012 from dhcp201-207.testrelm.com
-sh-4.2$

4. -sh-4.2$ sudo -l


Actual results:
/var/log/messages:
Jun 20 07:06:17 dhcp201-207 kernel: [1039881.361685] sssd_nss[20374]: segfault at 20 ip 0000003af5e89d8d sp 00007fff523572d8 error 4 in libc-2.15.so[3af5e00000+1ac000]
Jun 20 07:06:17 dhcp201-207 abrtd: Directory 'ccpp-2012-06-20-07:06:17-20374' creation detected
Jun 20 07:06:17 dhcp201-207 abrt[20454]: Saved core dump of pid 20374 (/usr/libexec/sssd/sssd_nss) to /var/spool/abrt/ccpp-2012-06-20-07:06:17-20374 (1142784 bytes)
Jun 20 07:06:17 dhcp201-207 sssd[nss]: Starting up



Expected results: No crash detected.


Additional info:

relevant sssd.conf:
--8<--
[domain/testrelm.com]

cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = testrelm.com
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = dhcp201-207.testrelm.com
chpass_provider = ipa
ipa_server = dhcp201-207.testrelm.com
ldap_tls_cacert = /etc/ipa/ca.crt
[sssd]
services = nss, pam, ssh
config_file_version = 2

domains = testrelm.com
-->8--

sudo debug:
-sh-4.2$ sudo -l
LDAP Config Summary
===================
uri              ldap://dhcp201-207.testrelm.com
ldap_version     3
sudoers_base     ou=SUDOers,dc=testrelm,dc=com
binddn           uid=sudo,cn=sysaccounts,cn=etc,dc=testrelm,dc=com
bindpw           bind123
bind_timelimit   5
timelimit        15
ssl              no
tls_checkpeer    (yes)
tls_cacertfile   /etc/ipa/ca.crt
tls_cacertdir    /etc/ipa
===================
sudo: ldap_initialize(ld, ldap://dhcp201-207.testrelm.com)
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option: tls_checkpeer -> 1
sudo: ldap_set_option: tls_cacertfile -> /etc/ipa/ca.crt
sudo: ldap_set_option: tls_cacert -> /etc/ipa/ca.crt
sudo: ldap_set_option: tls_cacertdir -> /etc/ipa
sudo: ldap_set_option: timelimit -> 15
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 5)
sudo: ldap_sasl_bind_s() ok
sudo: Looking for cn=defaults: cn=defaults
sudo: no default options found in ou=SUDOers,dc=testrelm,dc=com
sudo: ldap search '(|(sudoUser=user1)(sudoUser=%user1)(sudoUser=ALL))'
sudo: searching from base 'ou=SUDOers,dc=testrelm,dc=com'
sudo: adding search result
sudo: ldap sudoHost '+hostgrp1' ... not
sudo: result now has 0 entries
sudo: ldap search '(sudoUser=+*)'
sudo: searching from base 'ou=SUDOers,dc=testrelm,dc=com'
sudo: adding search result
sudo: result now has 0 entries
sudo: sorting remaining 0 entries
sudo: perform search for pwflag 52
sudo: done with LDAP searches
sudo: user_matches=1
sudo: host_matches=0
sudo: sudo_ldap_lookup(52)=0x42
[sudo] password for user1:

Attachments

sssd_nss_backtrace_2012-06-20 (4.8 KB) - added by sgallagh 22 months ago.
Backtrace

Change History

Changed 22 months ago by sgallagh

Backtrace

comment:1 Changed 22 months ago by sgallagh

  • Patch Submitted set
  • Tests Updated unset
  • Priority changed from major to blocker
  • Keywords Regression added
  • Status changed from new to assigned
  • Milestone changed from NEEDS_TRIAGE to SSSD 1.9.0 beta 3
  • tests set to 0
  • upgrade set to 0
  • Owner changed from somebody to sgallagh

comment:2 Changed 22 months ago by shanks

Don't think this is related to sudo since the same crash is detected while doing a "getent netgroup hostgrp1"

comment:3 Changed 22 months ago by sgallagh

  • Summary changed from sssd_nss segfaults when sudo operation is performed. to sssd_nss segfaults performing netgroup lookups without a specified domain

You are correct, Shanks. It was due to the recent patches to the name/domain parsing. A patch is on the sssd-devel list now.

comment:4 Changed 22 months ago by sgallagh

  • Resolution set to fixed
  • Status changed from assigned to closed