Bug 1043557

Summary: nscd segfaults when running sudo with netgroup caching enabled.
Product: Red Hat Enterprise Linux 6 Reporter: hgraham
Component: glibcAssignee: Siddhesh Poyarekar <spoyarek>
Status: CLOSED ERRATA QA Contact: Arjun Shankar <ashankar>
Severity: high Docs Contact:
Priority: high    
Version: 6.5CC: aglotov, alanm, ashankar, bhubbard, codonell, cwfox, dkochuka, fweimer, hgraham, jherrman, jkurik, law, mfranc, mnewsome, mschuppe, m.weiser, pablo.iranzo, pfrankli, spoyarek
Target Milestone: rcKeywords: Reopened, ZStream
Target Release: 6.6   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: glibc-2.12-1.133.el6 Doc Type: Bug Fix
Doc Text:
Due to problems with buffer extension and reallocation, the nscd daemon terminated unexpectedly with a segmentation fault when processing long netgroup entries. With this update, the handling of long netgroup entries has been corrected and nscd no longer crashes in the described scenario.
 Story Points: ---
Clone Of:
: 1138520 (view as bug list) Environment:
Last Closed: 2014-10-14 04:42:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 994246, 1023566, 1054846, 1056252, 1087789    

Description hgraham 2013-12-16 16:09:26 UTC 
Description of problem:
After upgrading to RHEL6.5 nscd segfaults when a user runs sudo. It appears the problem is due to netgroup caching by nscd. The netgroups are stored in LDAP.

Version-Release number of selected component (if applicable):
nscd-2.12-1.132.el6.x86_64

How reproducible:
I haven't reproduced, but this is happening on multiple servers for the customer

Steps to Reproduce:
1. Need to use sudo with nscd netgroup caching and netgroups stored in LDAP

Actual results:
nscd segfaults when running sudo

Dec 13 08:54:28 server kernel: nscd[11646]: segfault at 7fffe54ed000 ip 00007ffff6e32aab sp 00007fffe54e98e8 error 6 in libc-2.12.so[7ffff6da9000+18b000]

Expected results:
nscd doesn't segfault when running sudo


Additional info:
possible workaround may be to disable netgroup caching by nscd
Comment 20 Carlos O'Donell 2013-12-20 19:04:58 UTC 
The solution in this case is to upgrade nss nss-tools and nss-sysinit. NSS is used by glibc for hashing functions and there are bugs in nss* that impact glibc and nscd.
Comment 65 Siddhesh Poyarekar 2014-04-15 14:15:18 UTC 
*** Bug 1087838 has been marked as a duplicate of this bug. ***
Comment 67 errata-xmlrpc 2014-10-14 04:42:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-1391.html