Bug 1881377 - pam_wrapper can't handle large PID numbers and fails to cleanup
Summary: pam_wrapper can't handle large PID numbers and fails to cleanup
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: pam_wrapper
Version: 35
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Andreas Schneider
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-09-22 10:13 UTC by Anderson Sasaki
Modified: 2021-09-15 08:58 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug


Attachments (Terms of Use)

Description Anderson Sasaki 2020-09-22 10:13:28 UTC
Description of problem:
When running libssh tests that use pam_wrapper multiple times, I see the directories created for pam_wrapper being left behind and a log entry similar to:

PWRAP_ERROR[<unknown> (262920)] - pwrap_clean_stale_dirs: Failed to parse pid, buf=262360

Investigating the code, it seems pam_wrapper do not expect large PID numbers. The following check in the pwrap_clean_stale_dirs() function is probably the culprit:

tmp = strtol(buf, NULL, 10);
if (tmp == 0 || tmp > 0xFFFF || errno == ERANGE) {
	PWRAP_LOG(PWRAP_LOG_ERROR,
		  "Failed to parse pid, buf=%s",
		  buf);
	return;
}

As it can be seen in the log entry before, the read PID was 262360 which is larger than 0xFFFF (65535).

Version-Release number of selected component (if applicable):
pam_wrapper-1.1.3-1.fc32

How reproducible:
always

Steps to Reproduce:
1. Run the torture_auth test case from libssh upstream test suite
2. Check the /tmp, e.g. ls /tmp

Actual results:
A large number of pam.* directories are left behind after the test finishes

Expected results:
No pam.* directories are left behind after the test finishes.

Additional info:
This makes the libssh upstream test suite to fail

Comment 1 Anderson Sasaki 2020-09-22 14:46:59 UTC
For the record, this is related with relatively recent change on systemd, which allows huge PID numbers. In my local machine, I see these lines in /usr/lib/sysctl.d/50-pid-max.conf:

# Bump the numeric PID range to its maximum of 2^22 (from the in-kernel default
# of 2^16), to make PID collisions less likely.
kernel.pid_max = 4194304

Comment 2 Fedora Program Management 2021-04-29 16:38:22 UTC
This message is a reminder that Fedora 32 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora 32 on 2021-05-25.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
Fedora 'version' of '32'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 32 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 3 Ben Cotton 2021-08-10 12:48:35 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 35 development cycle.
Changing version to 35.

Comment 4 Jakub Jelen 2021-09-15 08:58:13 UTC
For the record, this was fixed in upstream

https://gitlab.com/cwrap/pam_wrapper/-/merge_requests/13

I also filled a PR to fix this in Fedora before we will have an upstream release:

https://src.fedoraproject.org/rpms/pam_wrapper/pull-request/3


Note You need to log in before you can comment on or make changes to this bug.