Bug 1025723 - gnome-keyring: does not properly kill gnome-keyring-daemon before exit, race condition causes pam umount fail
Summary: gnome-keyring: does not properly kill gnome-keyring-daemon before exit, race ...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1025724 1030671
Blocks: 1025725
TreeView+ depends on / blocked
 
Reported: 2013-11-01 11:38 UTC by Ratul Gupta
Modified: 2019-09-29 13:09 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-03 18:55:39 UTC
Embargoed:

Attachments (Terms of Use)

Description Ratul Gupta 2013-11-01 11:38:42 UTC 
Gnome-keyring is found to have a flaw, where an encrypted disk fails to unmount even after logging out using the pam-mount, and as it's in the background, the user won't be aware of this.

The issue is that in pam/gkr-pam-module.c stop_daemon() sends SIGTERM to the gnome-keyring-daemon process instead of SIGKILL i.e. just requesting shutdown and ensuring the process is killed. This means that when pam_gnome_keyring.so returns from pam_close_session() the daemon is sometimes still running (race condition). Since the daemon has an open socket in the users home directory, pam_mount's umount call will fail. It was found that gnome-keyring-daemon has an open socket at in ~/.cache/keyring-xxxxxx/control, which is started at login.

This issue was reported to be successful under lightdm and XFCE, but should also affect other systems that use pam-gnome-keyring and pam-mount together.

A workaround is posted to replace SIGTERM with SIGKILL in the source. You may want to use SIGTERM/sleep/if(alive) SIGKILL to give the daemon a chance to exit properly.

References:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728312
https://bugzilla.gnome.org/show_bug.cgi?id=711222
http://sourceforge.net/p/pam-mount/mailman/message/31580148/
Comment 1 Ratul Gupta 2013-11-01 11:40:05 UTC 
Created gnome-keyring tracking bugs for this issue:

Affects: fedora-all [bug 1025724]
Comment 3 Stef Walter 2013-12-10 19:47:39 UTC 
When you see this condition, could you do a backtrace of all threads in the gnome-keyring-daemon? gnome-keyring-daemon should exit on SIGTERM. If it doesn't, then that's the bug.
Comment 5 Matthias Clasen 2014-01-27 18:40:09 UTC 
Is there somebody else who can answer Stef's question ?
Comment 6 Vincent Danen 2014-02-06 04:17:33 UTC 
I've not reproduced this and the individual who filed the bug is no longer with Red Hat.

Unfortunately, I am unable to test this being relatively unfamiliar with the program.  I would have hoped that upstream would have looked into this a bit, but it seems like their bug has not progressed.

Maybe the owner of this package could take some time and look at it?  I'm not sure whether this was actually ever tested, or was simply reported this way.

As an aside, nothing has moved on the Debian report so maybe this is a bogus report?  I'm not sure if anyone has reproduced it or not.
Comment 7 Stef Walter 2014-03-06 17:46:32 UTC 
Related bug: https://bugzilla.gnome.org/show_bug.cgi?id=708765

Not sure it's the same issue. Patched upstream.
Note You need to log in before you can comment on or make changes to this bug.