Bug 1031334
| Summary: | LMI_AccountProvider crash if user password is in /etc/passwd instead of /etc/shadow | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Klaus Kämpf <kkaempf> | ||||
| Component: | openlmi-providers | Assignee: | Tomáš Bžatek <tbzatek> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | jsafrane, jsynacek, miminar, pschiffe, rnovacek, rrakus, tsmetana, vcrhonek | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 1049499 (view as bug list) | Environment: | |||||
| Last Closed: | 2013-12-03 12:38:17 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 1049499 | ||||||
| Attachments: |
|
||||||
Thanks for the patch, good catch. I've committed slightly modified version upstream: https://git.fedorahosted.org/cgit/openlmi-providers.git/commit/?id=593292b27221d05d2d43485d8ac9d026cca8a7c2 FYI, pulling information from two independent files is always racy as they're modified separately and e.g. the account indication watcher is getting inotify events on both files. That means there's slight chance to hit the moment where both files are not fully updated yet and libuser reader may not provide all information we require. We're working on a workaround. |
Created attachment 825007 [details] Patch to fall back to /etc/passwd if /etc/shadow returns NULL password Description of problem: Enumeration of LMI_Account instances leads to a NULL pointer exceptiion Version-Release number of selected component (if applicable): How reproducible: Enumerate instances of LMI_Account Steps to Reproduce: 1. 2. 3. Actual results: sigsegv Expected results: List of user accounts Additional info: Adding debug prints lead to a user name which has no entry in /etc/shadow, leading to a NULL value returned from aux_lu_get_str(lue, LU_SHADOWPASSWORD)