Bug 987536
| Summary: | sssd_be segfaults on sudo usage | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | mleary |
| Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> |
| Status: | CLOSED DUPLICATE | QA Contact: | Kaushik Banerjee <kbanerje> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.4 | CC: | grajaiya, jgalipea, lslebodn, mleary, okos, pbrezina |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-08-08 08:18:18 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
mleary
2013-07-23 15:30:27 UTC
Thank you very much for the bug report. We are not currently aware of any sssd_be crash related to sudo. Feel free to send the corefile to my address (jhrozek) and copy Pavel Brezina (pbrezina). Also would you mind attaching the logs when you send the core file? To generate the logs, put "debug_level=10" into the [sudo] and [domain] sections of the sssd.conf, restart the sssd, re-run the crasher case and then attach the contents of /var/log/sssd/ Thank you! Hi, thank you for the corefile. Unfortunately, it is not clear why SSSD gets to the state where it crashes. Can you also send us the logs and possibly sssd.conf please? Is this always reproducible or does this happen only sporadically? Hi, any luck getting the log files Pavel requested? Since you were able to reproduce the problem in-house, the log files would be a great help for us.. Sorry, I'll email the log entries today. This does happen sporadically, I'd say maybe 10% of the time we run sudo. I should also mention we are not using SSSD for our sudo database, we are using the standard sudoers file. However there are groups in sudoers that come from ldap via SSSD. (In reply to mleary from comment #6) > Sorry, I'll email the log entries today. This does happen sporadically, I'd > say maybe 10% of the time we run sudo. Right, according to Pavel's investigation of the core file, the bug is actually a use-after-free problem, so chances are that the contents of the memory are still available despite beeing freed most of the time. > I should also mention we are not > using SSSD for our sudo database, we are using the standard sudoers file. > However there are groups in sudoers that come from ldap via SSSD. Yep, the crash seems to have happened in the nested group processing. Thanks for the logs, either me or Pavel would take a look.. Hello Mark, we believe we found the culprit. There was a use-after-free situation in one of the less probable branches of the nested group processing. I built test packages which are the same as the 6.4 ones, just with the additional fix on top. Can you try them out if you have a moment? The builds are here: http://jhrozek.fedorapeople.org/sssd-test-builds/sssd-nested-group-crash/ btw this is most likely the same issue as the one tracked in #963235 Marking this bug as duplicate of #963235 as that one has more complete information. *** This bug has been marked as a duplicate of bug 963235 *** |