Description of problem: when glibc tries to load nss libraries in a chroot environment where those libraries don't exist, the library segfaults. this is showing up when running an rsync server that has chroot enabled (default), files owned by non root (otherwise getpwuid isn't called), and a remote client that enables -o (to preserve ownership). Version-Release number of selected component (if applicable): glibc-2.3.4-2 How reproducible: every time. Steps to Reproduce: 1. chroot 2. call getpwuid 3. Actual results: segfault Expected results: getpwuid should return null to indicate that it can't map the uid. Additional info: c code to exhibit problem (must be run as root for chroot to work): #include <sys/types.h> #include <pwd.h> main() { struct passwd *p; chroot("/tmp"); chdir("/"); p = getpwuid(666); if (p) { printf("%s\n", p->pw_name); } exit(0); } strace of invocation: execve("./test", ["./test"], [/* 37 vars */]) = 0 uname({sys="Linux", node="jupiter.spiretech.com", ...}) = 0 brk(0) = 0xa03e000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=115297, ...}) = 0 old_mmap(NULL, 115297, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7fe3000 close(3) = 0 open("/lib/tls/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 ov\000"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1212936, ...}) = 0 old_mmap(0x752000, 1215644, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x752000 old_mmap(0x875000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x123000) = 0x875000 old_mmap(0x879000, 7324, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x879000 close(3) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fe2000 mprotect(0x875000, 4096, PROT_READ) = 0 mprotect(0x74a000, 4096, PROT_READ) = 0 set_thread_area({entry_number:-1 -> 6, base_addr:0xb7fe2940, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 munmap(0xb7fe3000, 115297) = 0 chroot("/tmp") = 0 chdir("/") = 0 brk(0) = 0xa03e000 brk(0xa05f000) = 0xa05f000 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(3) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) close(3) = 0 open("/etc/nsswitch.conf", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/tls/i686/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/i686/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/tls/i686/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/i686", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/tls/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/tls/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/tls", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/i686/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i686/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/i686/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/i686", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/lib/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/lib", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/i686/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/i686/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/i686/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/i686", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/tls/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/tls", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/i686/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i686/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/i686/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/i686", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/sse2/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib/sse2", 0xbff98984) = -1 ENOENT (No such file or directory) open("/usr/lib/libnss_compat.so.2", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/lib", 0xbff98984) = -1 ENOENT (No such file or directory) --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV (core dumped) +++
This is already fixed in glibc-2.3.4-2.4 and onwards. Current RHEL4 U1 candidate glibc is 2.3.4-2.7.