Bug 1467808

libnss_files-2.17.so is in glibc. Please run "rpm -q glibc" and "rpm -V glibc" and report the outputs from those (the latter should not output anything).

Also make sure you are running the latest kernel, kernel-3.10.0-514.26.2.el7.x86_64. If this problem is related to the stack clash vulnerability, 3.10.0-514.26.2 was the first kernel to have the proper fix.

glibc version:  glibc-2.17-157.el7_3.4.x86_64
rpm -V glibc gives no output
(In reply to Anssi Johansson from comment #1)
> libnss_files-2.17.so is in glibc. Please run "rpm -q glibc" and "rpm -V
> glibc" and report the outputs from those (the latter should not output
> anything).

[root@virt3 ~]# rpm -q glibc
glibc-2.17-157.el7_3.4.x86_64
[root@virt3 ~]# rpm -V glibc
[root@virt3 ~]# 

No output from the last command.

> Also make sure you are running the latest kernel,
> kernel-3.10.0-514.26.2.el7.x86_64. If this problem is related to the stack
> clash vulnerability, 3.10.0-514.26.2 was the first kernel to have the proper
> fix.

I have installed the latest kernel:

[root@virt3 ~]# uname -r
3.10.0-514.26.2.el7.x86_64

Still, when starting nrpe, I get the same segfault.

I'm unable to reproduce the problem myself. If you can, it would help if you could set up a 2nd fresh installation of CentOS and test the steps to reproduce on that system.

I am also unable to reproduce this bug on 2 different EL7 systems using RHEL and CentOS. However I did find a similar bug being seen by people who are using Centreon 

https://github.com/NagiosEnterprises/nagioscore/issues/59 

Are there any extra variables set for these systems?

> Are there any extra variables set for these systems?

No, not that I know.
But I discovered that when I install nrpe and don't change the config file, nrpe just starts. But what I did was take the config file from nrpe 2.17 and use it for  nrpe 3.1.1 wich seems to trigger the segfault.

Let me examine the config file to see what line(s) cause the segfault.

(In reply to Jurgen Goedbloed from comment #5)

> Let me examine the config file to see what line(s) cause the segfault.

OK I got it. Leaving out the nrpe_user line in nrpe.cfg triggers a segfault.
In version 2.17 this was no problem.

Is this related to the RPM package or a bug in nrpe itself?

This looks to be a problem in nrpe itself vs with the package.

OK I have been able to replicate this on EL7 but it does not happen on Fedora 25. 

Starting program: /sbin/nrpe -d -f -c /etc/nagios/nrpe.cfg
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff533bed8 in _nss_files_getpwnam_r (name=0x0, result=0x7ffff735c260 <resbuf.9824>, buffer=0x62d930 "root", buflen=1024, errnop=0x7ffff7fea7c0)
    at nss_files/files-pwd.c:32
32	DB_LOOKUP (pwnam, '.', 0, ("%s", name),
(gdb) where
#0  0x00007ffff533bed8 in _nss_files_getpwnam_r (name=0x0, result=0x7ffff735c260 <resbuf.9824>, buffer=0x62d930 "root", buflen=1024, errnop=0x7ffff7fea7c0)
    at nss_files/files-pwd.c:32
#1  0x00007ffff705c7dd in __getpwnam_r (name=name@entry=0x0, resbuf=resbuf@entry=0x7ffff735c260 <resbuf.9824>, buffer=0x62d930 "root", buflen=1024, 
    result=result@entry=0x7fffffffd960) at ../nss/getXXbyYY_r.c:266
#2  0x00007ffff705c17f in getpwnam (name=name@entry=0x0) at ../nss/getXXbyYY.c:116
#3  0x00000000004093a2 in clean_environ (keep_env_vars=<optimized out>, nrpe_user=0x0) at ./utils.c:327
#4  0x0000000000407567 in set_stdio_sigs () at ./nrpe.c:652
#5  0x0000000000408479 in run_src () at ./nrpe.c:577
#6  0x0000000000403bf5 in main (argc=5, argv=0x7fffffffe3e8) at ./nrpe.c:203

Problem is here: 

        pw = (struct passwd *)getpwnam(nrpe_user);
        if (pw == NULL) {
                char    *end = NULL;
                uid_t   uid = strtol(nrpe_user, &end, 10);
                if (uid > 0)
                        pw = (struct passwd *)getpwuid(uid);
                if (pw == NULL || *end != '\0')
                        return OK;
        }

https://github.com/NagiosEnterprises/nrpe/issues/146

Thanks for the catch on this.

nrpe-3.1.1-4.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f8ea02db72

The build 3.1.1-4 backports a fix from upstream. It seemed to work for me but I would like extra testing (EPEL-7 package is building) I expect it will show up in epel-testing this weekend.

nrpe-3.1.1-4.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-86db243830

nrpe-3.1.1-4.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f8ea02db72

nrpe-3.1.1-6.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d9d9c0909

nrpe-3.1.1-6.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec253d8f54

nrpe-3.1.1-6.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-18adf0fe26

nrpe-3.1.1-6.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-1f50be4847

nrpe-3.1.1-6.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

nrpe-3.1.1-6.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.

nrpe-3.2.0-6.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-030b96c51c

nrpe-3.2.0-6.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bb989d629b

nrpe-3.2.0-6.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-030b96c51c

nrpe-3.2.0-6.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

nrpe-3.2.0-6.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.