Red Hat Bugzilla – Bug 1290689
util-linux: /bin/login does not retry getpwnam_r with larger buffers, leading to login failure
Last modified: 2016-11-03 17:25:37 EDT
Description of problem: On RHEL7.2, if the line in "/etc/passwd" is 1023 or more characters(includes EOL code), the user cannot log in. Version-Release number of selected component (if applicable): - Red Hat Enterprise Linux 7.2 - glibc-2.17-106.el7_2.1 How reproducible: Always Steps to Reproduce: 1. Create text file to fill comment field. # for i in {1..97}; do echo -n "1234567890" ; done > list.txt # echo -n 1234 >> list.txt # wc list.txt 0 1 975 list.txt 2. Add new user adding -c option. # useradd -c `cat list.txt` testuser1 3. Check a result of `getent passwd`. # getent passwd testuser1 testuser1:x:1001:1001:12345678901234567890(..snip..)12345678901234:/home/testuser1:/bin/bash # getent passwd testuser1 | wc -c 1023 4. Check whether the user can log in.
How is this related to bug 1206462? I cannot reproduce this. I have this line in /etc/passwd: testuser1:x:1001:1001:12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234:/home/testuser1:/bin/bash And: $ getent passwd testuser1 | wc -c 1023 And the user is able to log in after setting a password (with OpenSSH password authentication).
My guess is that the customer tries to log on over a TTY or via telnetd. In this case, the system log should contain an error message like this one: Dec 11 05:35:09 localhost login[28294]: Invalid user name "testuser1" in main:1229. Abort This refers to login-utils/login.c in util-linux. The error reflects a failure of the get_passwd_entry function, which does this: struct passwd *res = NULL; size_t sz = 16384; int x; if (!pwdbuf || !username) return NULL; #ifdef _SC_GETPW_R_SIZE_MAX { long xsz = sysconf(_SC_GETPW_R_SIZE_MAX); if (xsz > 0) sz = (size_t) xsz; } #endif *pwdbuf = xrealloc(*pwdbuf, sz); x = getpwnam_r(username, pwd, *pwdbuf, sz, &res); _SC_GETPW_R_SIZE_MAX is misnamed, it is a recommended starting value, not an upper bound. But the code in util-linux does not retry with a larger buffer, as it is reqired. See the getpwnam_r manual page for details.
> _SC_GETPW_R_SIZE_MAX is misnamed, it is a recommended starting value, not an upper bound. Your guess might be right. $ cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.2 (Maipo) $ rpm -q glibc glibc-2.17-106.el7_2.1.x86_64 $ cat test_sysconf.c #include<stdio.h> #include<unistd.h> int main(){ size_t sz = 16384; long xsz = sysconf(_SC_GETPW_R_SIZE_MAX); if(xsz > 0){ sz = (size_t)xsz; } printf("%d %d\n", sz, xsz ); return 0; } $ gcc -o test_sysconf test_sysconf.c $ ./test_sysconf 1024 1024
Please, fix getpwnam man page, because EXAMPLE section suggests SC_GETPW_R_SIZE_MAX as optimal buffer size...
Fixed by upstream commit f7ac9e71b18fa7314151f2ab65ee0bdd2ea89c07. The patch hardcodes 16K buffer size, not sure if we have something more elegant...
(In reply to Karel Zak from comment #6) > Fixed by upstream commit f7ac9e71b18fa7314151f2ab65ee0bdd2ea89c07. > > The patch hardcodes 16K buffer size, not sure if we have something more > elegant... The recommended way is to keep retrying with a larger buffer size, doubling it every time. The API is somewhat on the bizarre side, but it's how it was standardized in POSIX.
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2605.html