Bug 842304
Summary: | useradd segfault | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Alex Sersen <asersen> |
Component: | shadow-utils | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.3 | CC: | ohudlick, pkis, pvrabec, udtduetl |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-01-28 16:36:04 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 947775, 947782, 1159825 |
Description
Alex Sersen
2012-07-23 12:23:36 UTC
Version of package # rpm -qa shadow-utils shadow-utils-4.1.4.2-13.el6.x86_64 Hi, I'm unable to reproduce this behavior. Is this happening only when adding user named test_asd? Is you RAM ok? Aren't /etc/passwd and /etc/shadow files corrupted? Could you please provide more information? 1. /etc/login.defs if not default 2. /etc/libuser.conf if not default 3. /etc/default/useradd if not default 4. md5sum `which useradd` 5. pwck -r 6. some logs when this happens would be helpful (if available) Thanks, Milan Bartos From the strace it looks like the /etc/shadow file is severely corrupted. Probably the useradd code that handles reading it is not fully safe. However as the /etc/shadow should not be writable by anyone else than root (and setuid helpers) the segfault is probably not a security issue. What would be more interesting to find out why the file is corrupted. This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux. Development Management has reviewed and declined this request. You may appeal this decision by reopening this request. |