Bug 3523

Summary: "rpm --checksig" seg faults when run by non-root user with pgp 2.6.3 or 2.6.2
Product: [Retired] Red Hat Linux Reporter: alborchers
Component: rpmAssignee: Jay Turner <jturner>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0CC: srevivo
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-06-25 10:11:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description alborchers 1999-06-17 05:25:03 UTC 
"rpm --checksig" core dumps with a segmentation fault when
run by a non-root user with pgp 2.6.3 or 2.6.2.  When run by
root, or when run by a normal user but with "--nopgp", there
is no problem.  An strace ends like this

...
fcntl(3, F_GETFL)                       = 0 (flags O_RDONLY)
fstat(3, {st_mode=S_ISUID|S_ISVTX|0406, st_size=0, ...}) = 0
mmap(0, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40001000
_llseek(0x3, 0, 0, 0xbfff7a50, 0x1)     = -1 ESPIPE (Illegal
seek)
read(3, "\n\7Keyring file \'/home/borcher"..., 4096) = 274
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x40001000, 4096)                = 0
wait4(1027, [WIFEXITED(s) && WEXITSTATUS(s) == 1], 0, NULL)
= 1027
unlink("/var/tmp/rpmsihPzRUu")          = 0
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++

-- Al Borchers
   alborchers
Comment 1 Jeff Johnson 1999-06-17 15:06:59 UTC 
What does "rpm -q rpm" report?

------- Email Received From  Al Borchers <alborchers> 06/17/99 15:45 -------
Comment 2 Jeff Johnson 1999-06-17 20:23:59 UTC 
Do you have pgp5 installed?

Are your ~/.rpmmacros and/or PGP_* env variables different?

Could you also try rpm-3.0.1-12.6.0 from ftp.rpm.org? A couple
of signature (as well as other) problems are fixed there.
Comment 3 alborchers 1999-06-20 03:50:59 UTC 
Ah, yes, the .rpmmacro files are different on the two machines.  On
the machine where it does NOT core dump, there is NO .rpmmacro file.
On the machine where it DOES core dump, there is an .rpmmacro file
with this line

%_pgp_path /home/borchers/.pgp/pubring.pgp

This probably came from an earlier 5.2 installation.  When I removed
this file, I could do "rpm --checksig" as a non-root user.

Thanks,
-- Al

>"rpm -q rpm" reports rpm-3.0-6.0.
>
>Another comment: I tried "rpm --checksig ..." on another machine, as
a
>non-root user, also with RH 6.0 and it DID NOT core dump.  Doubled
>checked
>on my first machine, and it DID core dump.  The machines are
>different
>hardware, but very similar RH 6.0 installations.  Both have pgp
>2.6.3.
Comment 4 Jeff Johnson 1999-06-25 10:11:59 UTC 
*** This bug has been marked as a duplicate of 3720 ***