Bug 112882

Summary: programms which use nss_ldap are SIGPIPING
Product: [Fedora] Fedora Reporter: Georg Lutz <glist>
Component: nss_ldapAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 1CC: k.georgiou, mattdm
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-10-25 19:15:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Georg Lutz 2004-01-05 10:44:17 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de-AT; rv:1.5) Gecko/20031207

Description of problem:
From http://bugzilla.padl.com/show_bug.cgi?id=154 :

---
Function _nss_ldap_enter (ldap_nss.c) blocks signal SIGPIPE by
sigprocmask. If between calls _nss_ldap_enter and _nss_ldap_leave the
program receives signal SIGPIPE after removal of the blocking in
_nss_ldap_leave this signal leads to abort program with the message
"Broken pipe". IMHO it is necessary to not block this signal, and to
ignore by sigaction(), as in cases when HAVE_SIGPROCMASK it is not
defined. For check I while commented a line "#define HAVE_SIGPROCMASK 1"
in config.h - the program works without aborts.
---

I observed this problem when I tried to compile courier:

http://www.mail-archive.com/courier-users%40lists.sourceforge.net/msg16399.html



Version-Release number of selected component (if applicable):
nss_ldap-207-3

How reproducible:
Always

Steps to Reproduce:
1. install and configure nss_ldap / authconfig to a ldap-server
2. type in bash: for seq in 1 2; do if test "`eval echo ~$USERID`" !=
~$USERID; then echo "123";fi;done'
3. ouput is:
   123
   Daten�bergabe unterbrochen (broken pipe)
    

Actual Results:  bash is terminating with SIGPIPE

Additional info:

I patched the source of the nss_ldap Source RPM.

I commented out everything in ldap_nss.c as when HAVE_SIGPROCMASK
would have been not defined. Then I rebuild and installed the patched
rpm and now I get no more SIGPIPE - errors.

But I am not sure if this patch breaks something else.
Comment 1 David Lehman 2004-11-10 16:05:25 UTC 
See also https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134567
Comment 2 Matthew Miller 2006-07-11 17:50:26 UTC 
Fedora Core 1 is maintained by the Fedora Legacy project for security updates
only. If this problem is a security issue, please reopen and reassign to the
Fedora Legacy product. If it is not a security issue and hasn't been resolved in
the current FC5 updates or in the FC6 test release, reopen and change the
version to match.

Thanks!

NOTE: Fedora Core 1 is reaching the final end of support even by the Legacy
project. After Fedora Core 6 Test 2 is released (currently scheduled for July
26th), there will be no more security updates for FC1. Please use these next two
weeks to upgrade any remaining FC1 systems to a current release.
Comment 3 John Thacker 2006-10-25 19:15:39 UTC 
Should be fixed now.  I know that it was fixed in RHEL a long time ago, and
there have been many versions of nss_ldap since this bug.