Red Hat Bugzilla – Bug 200327
/usr/bin/id segfaults
Last modified: 2009-05-11 02:38:59 EDT
coreutils-4.5.3-28.1 uses getgrouplist (no idea why since #169464 is closed). Unfortunately getgrouplist is broken under glibc 2.3.2 and overwrites memory (man getgrouplist under BUGS). One of out init.d scripts started failing with segfaults just after update8 since it was using /usr/bin/id username. By stopping nscd even /usr/bin/id root fails! I know it's glibc's fault so the bug should probably be reassigned there but...
*** Bug 200569 has been marked as a duplicate of this bug. ***
*** Bug 200604 has been marked as a duplicate of this bug. ***
*** Bug 201811 has been marked as a duplicate of this bug. ***
*** Bug 201955 has been marked as a duplicate of this bug. ***
Here's a backtrace. # id jaq Segmentation fault # gdb id GNU gdb Red Hat Linux (6.3.0.0-1.132.EL3rh) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"... (no debugging symbols found) Using host libthread_db library "/lib/tls/libthread_db.so.1". (gdb) run jaq Starting program: /usr/bin/id jaq (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) Program received signal SIGSEGV, Segmentation fault. 0x00c3f5b8 in malloc_consolidate () from /lib/tls/libc.so.6 (gdb) bt #0 0x00c3f5b8 in malloc_consolidate () from /lib/tls/libc.so.6 #1 0x00c3ed59 in _int_malloc () from /lib/tls/libc.so.6 #2 0x00c3e0fd in malloc () from /lib/tls/libc.so.6 #3 0x001ea85f in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #4 0x001ea997 in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #5 0x001e936c in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #6 0x001e926b in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #7 0x001e79b1 in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #8 0x001e7c7e in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #9 0x001e8e66 in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #10 0x001d6fc5 in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #11 0x001d6e97 in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #12 0x001d7d78 in _nss_ldap_sasl_interact () from /lib/libnss_ldap.so.2 #13 0x001cc24a in _nss_ldap_ent_context_release () from /lib/libnss_ldap.so.2 #14 0x001cc140 in _nss_ldap_ent_context_release () from /lib/libnss_ldap.so.2 #15 0x001cc7db in _nss_ldap_search_s () from /lib/libnss_ldap.so.2 #16 0x001ce16a in _nss_ldap_initgroups_dyn () from /lib/libnss_ldap.so.2 #17 0x00c7395f in getgrouplist () from /lib/tls/libc.so.6 #18 0x08049337 in ?? () #19 0xbffffc08 in ?? () #20 0x00009088 in ?? () #21 0x0919b858 in ?? () #22 0xbfffb5c4 in ?? () ---Type <return> to continue, or q <return> to quit--- #23 0x00000000 in ?? ()
Also "groups root" is not working
(In reply to comment #33) > Also "groups root" is not working The 'groups' command is a sh script that relies on the 'id' binary. My workaround was to replace the /usr/bin/id binary coming with coreutils-4.5.3-28.1 by the one included in the previous coreutils package available for RHEL3, version 4.5.3-28. I'm just wondering why there is no official statement or hotfix from RedHat, since this is the Enterprise product customers have to pay a lot for.
(In reply to comment #34) > I'm just wondering why there is no official statement or hotfix from RedHat, > since this is the Enterprise product customers have to pay a lot for. Tim Waugh changed the status to "MODIFIED" on August 7th. So I guess he has written a fix but for some reason testing takes a long time.
I have put in a support call to redhat for this. The engineers do have a fix. When they will make it publicly available is another story. The current release I have been given is now up to -4. The current available coreutils in the channel is -1.
(In reply to comment #35) > Tim Waugh changed the status to "MODIFIED" on August 7th. So I guess he has > written a fix but for some reason testing takes a long time. Since the status has been updated from "MODIFIED" to "ON_QA" recently (on Sep. 8, 2006), it seems that a fixed coreutils package will be officially released soon.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2006-0670.html
*** Bug 499382 has been marked as a duplicate of this bug. ***