RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1536170 - FreeRADIUS 3.0.13 SQLite driver does not close file handler leading to crash
Summary: FreeRADIUS 3.0.13 SQLite driver does not close file handler leading to crash
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: freeradius
Version: 7.4
Hardware: x86_64
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Alex Scheel
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks: 1565579
TreeView+ depends on / blocked
 
Reported: 2018-01-18 19:08 UTC by brent s.
Modified: 2019-07-17 13:57 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1565579 (view as bug list)
Environment:
Last Closed: 2019-07-17 13:57:32 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
CentOS 14391 0 None None None 2018-01-18 19:08:50 UTC

Description brent s. 2018-01-18 19:08:50 UTC 
Description of problem:
The RPM of freeradius is affected by this bug:

https://github.com/FreeRADIUS/freeradius-server/issues/1879

Thu Jan 18 18:14:29 2018 : Info: rlm_sql (sql): Opening additional connection (56), 1 of 1 pending slots used
Thu Jan 18 18:14:29 2018 : Info: rlm_sql_sqlite: Opening SQLite database "/usr/local/[REDACTED]/radius.sqlite"
Thu Jan 18 18:14:29 2018 : Error: rlm_sql_sqlite: Error opening SQLite database "/usr/local/[REDACTED]/radius.sqlite": Code 0x000e (14): unable to open database file
Thu Jan 18 18:14:29 2018 : Error: rlm_sql (sql): Opening connection failed (56)
Thu Jan 18 18:14:29 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:31 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:33 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:34 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:35 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:37 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:39 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:41 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:43 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying
Thu Jan 18 18:14:45 2018 : Error: rlm_sql (sql): Last connection attempt failed, waiting 30 seconds before retrying


Notice reported version as well, "I noticed the issue on FreeRADIUS 3.0.x (git, 3.0.13 at the time of writing) and 3.0.12"

There were fixes pushed to address this. 35e03eabd768d7ce5c2e9048b3deba702ff89674 attempts to fix but introduced new issues, and I unfortunately don't have subsequent commit refs for the following fixes. However, it does seem to now be fixed.


Version-Release number of selected component (if applicable):
freeradius-3.0.13-8.el7_4.x86_64

How reproducible:
Sometimes

Steps to Reproduce:
1. Configure FreeRADIUS with sqlite3 connection
2. Wait (problem is intermittent)


Actual results:
FreeRADIUS spams above errors to /var/log/radius/radius.log and requires kill/restart of software to work correctly, on some hosts with the problem occurring 10 minutes later again

Expected results:
FreeRADIUS manages authentication properly


Additional info:
See above for GitHub issue
Comment 2 Nikolai Kondrashov 2018-01-19 07:42:24 UTC 
Thank you very much for the report, Brent! We will see if we can incorporate a fix for this into one of our future releases. If you're a Red Hat customer, please open an issue through support to speed this up.
Comment 3 brent s. 2018-01-19 07:48:54 UTC 
thanks, Nikolai! sadly, i'm one of the CentOS plebians, but this is unfortunately holding $dayjob back from moving from 6.x to 7.x. (and was a bit of a rude awakening for the dozen or so we had already moved over since it didn't exhibit immediately.)

is there a direct bounty route i can take or the like for expedition?

would the fix be released to the updates channel since it causes failure for the FR service, or would it have to wait for another point release for the distribution?
Comment 4 Nikolai Kondrashov 2018-01-22 16:29:40 UTC 
The minimal upstream fix of the crash is trivial, and has low impact. We will work on getting it into the nearest release possible.

However, the error message fix is more invasive and we would prefer not to include it.
Comment 13 Nikolai Kondrashov 2018-04-11 09:53:58 UTC 
Brent, unfortunately my initial analysis was incorrect. The issue you mention was fixed before v3.0.13 was released, and the fix is incorporated into the packages we ship in RHEL. So, you're seeing some other issue.

From the information you've given, I wasn't able to quickly find what exact issue that could be. If you have a fix you verified as working, please share it.

Otherwise fixing of this bug will be delayed, and I would ask you to please post more information which can help reproduce the bug, e.g. configuration files, specific requests to send to the server, etc. If you're a Red Hat customer, please open an issue with support, this will speed up the resolution.
Note You need to log in before you can comment on or make changes to this bug.