RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1030163 - gdm fails to answer XDMCP queries when DNS is not configured
Summary: gdm fails to answer XDMCP queries when DNS is not configured
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: gdm
Version: 6.4
Hardware: All
OS: Linux
unspecified
high
Target Milestone: rc
: ---
Assignee: Ray Strode [halfline]
QA Contact: Desktop QE
URL:
Whiteboard:
Depends On:
Blocks: 1286631
TreeView+ depends on / blocked
 
Reported: 2013-11-14 04:09 UTC by Ben Stanley
Modified: 2019-07-11 07:48 UTC (History)
4 users (show)

Fixed In Version: gdm-2.30.4-63.el6
Doc Type: Bug Fix
Doc Text:
Cause: errors in debug logging code make daemon go into infinite loop when debugging is enabled and DNS is misconfigured. Consequence: XDMCP doesn't work, or works sporadically when debug mode is enabled. debug code prints NULL instead of remote server host in failure scenarios. Fix: change debug code to not call itself and to not nullify/leak hostname. Result: daemon doesn't lock up anymore and prints more intelligible error messages.
Clone Of:
: 1286631 (view as bug list)
Environment:
Last Closed: 2014-10-14 08:20:34 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Article) 1498203 0 None None None Never
Red Hat Product Errata RHBA-2014:1591 0 normal SHIPPED_LIVE gdm bug fix update 2014-10-14 01:27:05 UTC

Description Ben Stanley 2013-11-14 04:09:37 UTC 
Description of problem:
gdm-binary does not respond to QUERY or connection requests when reverse host lookup is misconfigured, and also when DNS is misconfigured. Error messages are not helpful.

Version-Release number of selected component (if applicable):
2.30.4-33.el6_2

How reproducible:
Always

Steps to Reproduce:
1. Install a clean system, hostname "test-gdm". Include GNOME Desktop.
2. Turn off SELinux
Edit /etc/selinux/config
Change SELINUX=enforcing to SELINUX=disabled
reboot
verify:
getenforce
-> Disabled
3. Disable firewall
    service iptables stop
    chkconfig iptables off
verify:
    iptables -L
tables should be empty.
4. Enable XDMCP
Edit the file /etc/gdm/custom.conf
Insert line "Enabled=true" in the [xdmcp] section.
Insert line "Enabled=true" in the [debug] section - we will need it later.
5. Re-start XDMCP
    telinit 4
    telinit 5
(May need to fiddle with virtual terminals CTRL-ALT-F1 etc if working on the console)
6. Verify
Inspect /var/log/messages for GdmXdmcpDisplayFactory: Starting to listen on XDMCP port
7. Log packets on test-gdm machine (as root):
    tcpdump -i any "udp and port 177"
Leave this running in a window somewhere.
7. Connect:
From another machine:
    Xnest :1 -query test-gdm
Should display gdm login.
Also note the output of tcpdump indicates a two-way conversation.
8. Break it: destroy DNS configuration
Edit /etc/resolv.conf
Comment out whatever nameserver line is there
Insert a new nameserver line pointing to a non-existent machine
e.g
nameserver 192.168.200.200
7. Re-start XDMCP
    telinit 4
    telinit 5
8. Connect:
From another machine:
    Xnest :1 -query test-gdm
Shows only black screen
Also note the output of tcpdump indicates incoming packets only. There are no replies.

The log file displays
Nov 13 14:16:54 test-gdm gdm-binary[20376]: DEBUG(+): GdmXdmcpDisplayFactory: decode_packet: GIOCondition 1
Nov 13 14:16:54 test-gdm gdm-binary[20376]: DEBUG(+): Address family:2 (inet) hostname:(null) host:(null) port:(null) local:1 loopback:1
Nov 13 14:16:54 test-gdm gdm-binary[20376]: DEBUG(+): Address family:2 (inet) hostname:(null) host:(null) port:(null) local:0 loopback:0
Nov 13 14:17:04 test-gdm gdm-binary[20376]: WARNING: Unable to lookup hostname: Temporary failure in name resolution
Nov 13 14:17:04 test-gdm gdm-binary[20376]: DEBUG(+): Address family:2 (inet) hostname:(null) host:(null) port:(null) local:1 loopback:1
Nov 13 14:17:04 test-gdm gdm-binary[20376]: DEBUG(+): Address family:2 (inet) hostname:(null) host:(null) port:(null) local:0 loopback:0
Nov 13 14:17:14 test-gdm gdm-binary[20376]: WARNING: Unable to lookup hostname: Temporary failure in name resolution


The log output may be found in /var/log/messages
(or /var/log/gdm/gdm-binary for gdm 2.30.4-34)
The problem is that the name lookup fails, and reverse lookup also fails, and gdm gets caught in a recursive mess trying to look up the names for the debug messages.

Additional info:
There is a non-terminating mutually recursive set of functions in common/gdm-address.c . The recursion takes the following form:
lookup failure in gdm_address_get_hostname
     -> calls _gdm_address_debug
     -> calls gdm_address_is_local
     -> calls gdm_address_peek_local_list
     -> calls add_local_siocgifconf
     -> calls gdm_address_debug
     -> calls gdm_address_get_hostname

Even if the recursion is broken (the best place seems to be to remove gdm_address_debug call from add_local_siocgifconf), gdm-binary still fails to respond to XDMCP requests when the DNS is broken.

It would be helpful if the debug log indicated what lookup failed. The log includes lines like
Unable to lookup hostname: Temporary failure in name resolution
but these lines are then followed by non-informative nonsense. It would be better if the software printed what it did know (without failing or delaying further) in this case!

Related problems are found when the DNS is mis-configured for reverse lookups.
Comment 2 RHEL Program Management 2013-11-17 08:34:51 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 3 Ray Strode [halfline] 2014-04-03 13:12:42 UTC 
devack+
Comment 12 Marcel Wysocki 2014-07-22 12:22:22 UTC 
+1
Comment 19 errata-xmlrpc 2014-10-14 08:20:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1591.html
Note You need to log in before you can comment on or make changes to this bug.