Bug 19923 - nss_ldap has a bug that can deadlock a machine
Summary: nss_ldap has a bug that can deadlock a machine
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: nss_ldap
Version: 7.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Aaron Brown
URL: http://bugzilla.padl.com/show_bug.cgi...
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2000-10-27 16:15 UTC by Phil Mayers
Modified: 2007-03-27 03:37 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2000-10-27 22:53:03 UTC

Attachments (Terms of Use)

Description Phil Mayers 2000-10-27 16:15:36 UTC
From the nssldap@padl.com mailing list, Sat 21 Oct 2000:


Michael Shuey has fixed a race condition in nss_ldap which
caused nscd to lock up under Linux. The patch is in

See bugzilla.padl.com bug #49 for more info.

-- Luke

Luke Howard | lukeh@padl.com
PADL Software | www.padl.com


The gist of the bug is that nss_ldap has a lock which it takes. If you are 
running nscd, it is possible to lock the entire machine by making all nscd 
threads call getpw*.

This triggers a race condition, and locks *ALL* entity lookup - "ls -l", 
ps, all login utilies - all will block. *IF* you happen to know the PID of 
nscd, you can kill it, otherwise, you'll have to power-cycle the machine.

I could reliably trigger this bug using "tar" on a fast machine - the 
lookups for the file username, combined with general system activity, 
would lock the machine unrecoverably.

nss_ldap version 121 has a fix for this.

Comment 1 Nalin Dahyabhai 2000-10-27 16:27:25 UTC
122 has just been placed into the errata testing pipeline.  Please verify that
packages at http://people.redhat.com/nalin/test/ (1.6 for RHL 6.1 and 6.2, 1.7
for RHL 7) install and work correctly.

Note You need to log in before you can comment on or make changes to this bug.