Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1290689 - util-linux: /bin/login does not retry getpwnam_r with larger buffers, leading to login failure
util-linux: /bin/login does not retry getpwnam_r with larger buffers, leading...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: util-linux (Show other bugs)
7.2
x86_64 Linux
high Severity high
: rc
: ---
Assigned To: Karel Zak
qe-baseos-daemons
:
Depends On:
Blocks: 1203710 1289485 1313485
  Show dependency treegraph
 
Reported: 2015-12-11 03:05 EST by kyoneyama
Modified: 2016-11-03 17:25 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-03 17:25:37 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:2605 normal SHIPPED_LIVE Low: util-linux security, bug fix, and enhancement update 2016-11-03 08:13:26 EDT

  None (edit)
Description kyoneyama 2015-12-11 03:05:12 EST 
Description of problem:

On RHEL7.2, if the line in "/etc/passwd" is 1023 or more characters(includes EOL code), the user cannot log in.


Version-Release number of selected component (if applicable):

- Red Hat Enterprise Linux 7.2
- glibc-2.17-106.el7_2.1

How reproducible:

Always


Steps to Reproduce:

1. Create text file to fill comment field.

   # for i in {1..97}; do echo -n "1234567890" ; done > list.txt
   # echo -n 1234 >> list.txt
   # wc list.txt
      0   1 975 list.txt 

2. Add new user adding -c option.

   # useradd -c `cat list.txt` testuser1

3. Check a result of `getent passwd`.

  # getent passwd testuser1
  testuser1:x:1001:1001:12345678901234567890(..snip..)12345678901234:/home/testuser1:/bin/bash
  
  # getent passwd testuser1 | wc -c
  1023
  
4. Check whether the user can log in.
Comment 1 Florian Weimer 2015-12-11 04:43:44 EST 
How is this related to bug 1206462?

I cannot reproduce this.  I have this line in /etc/passwd:

testuser1:x:1001:1001:12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234:/home/testuser1:/bin/bash

And:

$ getent passwd testuser1 | wc -c
1023

And the user is able to log in after setting a password (with OpenSSH password authentication).
Comment 3 Florian Weimer 2015-12-11 05:46:19 EST 
My guess is that the customer tries to log on over a TTY or via telnetd.  In this case, the system log should contain an error message like this one:

Dec 11 05:35:09 localhost login[28294]: Invalid user name "testuser1" in main:1229. Abort

This refers to login-utils/login.c in util-linux.  The error reflects a failure of the get_passwd_entry function, which does this:

	struct passwd *res = NULL;
	size_t sz = 16384;
	int x;

	if (!pwdbuf || !username)
		return NULL;

#ifdef _SC_GETPW_R_SIZE_MAX
	{
		long xsz = sysconf(_SC_GETPW_R_SIZE_MAX);
		if (xsz > 0)
			sz = (size_t) xsz;
	}
#endif
	*pwdbuf = xrealloc(*pwdbuf, sz);

	x = getpwnam_r(username, pwd, *pwdbuf, sz, &res);

_SC_GETPW_R_SIZE_MAX is misnamed, it is a recommended starting value, not an upper bound.  But the code in util-linux does not retry with a larger buffer, as it is reqired.  See the getpwnam_r manual page for details.
Comment 4 kyoneyama 2015-12-15 00:50:13 EST 
> _SC_GETPW_R_SIZE_MAX is misnamed, it is a recommended starting value, not an upper bound.  

Your guess might be right.


  $ cat /etc/redhat-release 
  Red Hat Enterprise Linux Server release 7.2 (Maipo)

  $ rpm -q glibc
  glibc-2.17-106.el7_2.1.x86_64

  $ cat test_sysconf.c
 
  #include<stdio.h>
  #include<unistd.h>
  
  int main(){
    size_t sz = 16384;
    long xsz = sysconf(_SC_GETPW_R_SIZE_MAX);
    if(xsz > 0){
      sz = (size_t)xsz;
    }
    printf("%d %d\n", sz, xsz );
    return 0;
  }

  $ gcc -o test_sysconf test_sysconf.c
  $  ./test_sysconf
  1024 1024
Comment 5 Karel Zak 2015-12-15 06:10:14 EST 
Please, fix getpwnam man page, because EXAMPLE section suggests SC_GETPW_R_SIZE_MAX as optimal buffer size...
Comment 6 Karel Zak 2015-12-15 06:36:25 EST 
Fixed by upstream commit f7ac9e71b18fa7314151f2ab65ee0bdd2ea89c07.

The patch hardcodes 16K buffer size, not sure if we have something more elegant...
Comment 7 Florian Weimer 2016-01-04 06:03:32 EST 
(In reply to Karel Zak from comment #6)
> Fixed by upstream commit f7ac9e71b18fa7314151f2ab65ee0bdd2ea89c07.
> 
> The patch hardcodes 16K buffer size, not sure if we have something more
> elegant...

The recommended way is to keep retrying with a larger buffer size, doubling it every time.  The API is somewhat on the bizarre side, but it's how it was standardized in POSIX.
Comment 9 Mike McCune 2016-03-28 18:54:17 EDT 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions
Comment 13 errata-xmlrpc 2016-11-03 17:25:37 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2605.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.