2056089 – SSSD failing differents segfaults

Bug 2056089 - SSSD failing differents segfaults

Summary: SSSD failing differents segfaults

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	sssd
Sub Component:
Version:	8.5
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Sumit Bose
QA Contact:	shridhar
Docs Contact:
URL:
Whiteboard:	sync-to-jira
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-02-18 18:54 UTC by Chino Soliard
Modified:	2023-06-01 18:01 UTC (History)
CC List:	11 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-06-01 18:00:59 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-112841	0	None	None	None	2022-02-18 19:05:53 UTC
Red Hat Issue Tracker	SSSD-5531	0	None	None	None	2023-01-19 15:37:09 UTC

Description Chino Soliard 2022-02-18 18:54:39 UTC

Description of problem:

SSSD is not able to start. It is showing segfaults with different values:

    Feb 14 08:17:49 hostname sssd_be[839566]: Starting up
    Feb 14 08:27:49 hostname kernel: sssd_be[839566]: segfault at 0 ip 00007fedb801c771 sp 00007fffedbe5ca0 error 4 in libgssapiv2.so.3.0.0[7fedb801a000+8000]
    Feb 14 08:27:49 hostname abrt-hook-ccpp[840583]: Process 839566 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 08:27:49 hostname sssd_be[840586]: Starting up
    Feb 14 08:37:49 hostname kernel: sssd_be[840586]: segfault at 0 ip 00007f593c2a4771 sp 00007ffde0905f90 error 4 in libgssapiv2.so.3.0.0[7f593c2a2000+8000]
    Feb 14 08:37:49 hostname abrt-hook-ccpp[841585]: Process 840586 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 08:37:49 hostname sssd_be[841588]: Starting up
    Feb 14 08:47:49 hostname kernel: sssd_be[841588]: segfault at 0 ip 00007fa971723771 sp 00007ffd11d510d0 error 4 in libgssapiv2.so.3.0.0[7fa971721000+8000]
    Feb 14 08:47:50 hostname abrt-hook-ccpp[842589]: Process 841588 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 08:47:50 hostname sssd_be[842592]: Starting up
    Feb 14 08:57:50 hostname kernel: sssd_be[842592]: segfault at 0 ip 00007f1e76560771 sp 00007ffd3ba02eb0 error 4 in libgssapiv2.so.3.0.0[7f1e7655e000+8000]
    Feb 14 08:57:50 hostname abrt-hook-ccpp[843592]: Process 842592 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 08:57:50 hostname sssd_be[843595]: Starting up
    Feb 14 09:07:50 hostname kernel: sssd_be[843595]: segfault at 0 ip 00007f14204db771 sp 00007ffefa479120 error 4 in libgssapiv2.so.3.0.0[7f14204d9000+8000]
    Feb 14 09:07:50 hostname abrt-hook-ccpp[844626]: Process 843595 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 09:07:50 hostname sssd_be[844629]: Starting up
    Feb 14 09:17:50 hostname kernel: sssd_be[844629]: segfault at 0 ip 00007fc60f312771 sp 00007ffc23323910 error 4 in libgssapiv2.so.3.0.0[7fc60f310000+8000]
    Feb 14 09:17:50 hostname abrt-hook-ccpp[845629]: Process 844629 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 09:17:50 hostname sssd_be[845632]: Starting up
    Feb 14 09:27:50 hostname kernel: sssd_be[845632]: segfault at 0 ip 00007fd019664771 sp 00007ffffb71c6f0 error 4 in libgssapiv2.so.3.0.0[7fd019662000+8000]
    Feb 14 09:27:50 hostname abrt-hook-ccpp[846633]: Process 845632 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 09:27:50 hostname sssd_be[846636]: Starting up
    Feb 14 09:37:50 hostname kernel: sssd_be[846636]: segfault at 0 ip 00007f7a7d139771 sp 00007ffd955cc880 error 4 in libgssapiv2.so.3.0.0[7f7a7d137000+8000]
    Feb 14 09:37:50 hostname abrt-hook-ccpp[847637]: Process 846636 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 09:37:50 hostname sssd_be[847640]: Starting up
    Feb 14 09:47:51 hostname kernel: sssd_be[847640]: segfault at 0 ip 00007f9b42d60771 sp 00007ffda4b86bf0 error 4 in libgssapiv2.so.3.0.0[7f9b42d5e000+8000]
    Feb 14 09:47:51 hostname abrt-hook-ccpp[848742]: Process 847640 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 09:47:51 hostname sssd_be[848745]: Starting up
    Feb 14 09:57:51 hostname kernel: sssd_be[848745]: segfault at 0 ip 00007f6e11f8c771 sp 00007fff13bff190 error 4 in libgssapiv2.so.3.0.0[7f6e11f8a000+8000]
    Feb 14 09:57:51 hostname abrt-hook-ccpp[849745]: Process 848745 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 09:57:51 hostname sssd_be[849748]: Starting up
    Feb 14 10:07:51 hostname kernel: sssd_be[849748]: segfault at 0 ip 00007f0fda022771 sp 00007ffeae6b0230 error 4 in libgssapiv2.so.3.0.0[7f0fda020000+8000]
    Feb 14 10:07:51 hostname abrt-hook-ccpp[850759]: Process 849748 (sssd_be) of user 0 killed by SIGSEGV - dumping core
    Feb 14 10:07:51 hostname sssd_be[850762]: Starting up
    Feb 14 10:17:51 hostname kernel: sssd_be[850762]: segfault at 0 ip 00007f7655014771 sp 00007fff60ed6360 error 4 in libgssapiv2.so.3.0.0[7f7655012000+8000]
    Feb 14 10:17:51 hostname abrt-hook-ccpp[851772]: Process 850762 (sssd_be) of user 0 killed by SIGSEGV - dumping core


- /etc/sssd/sssd.conf:
  ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    [domain/ipa.example.net]
    debug_level=9

    id_provider = ipa
    ipa_server = _srv_, ipa3.ipa.example.net, ipa4.ipa.example.net
    ipa_domain = ipa.example.net
    ipa_hostname = hostname.ipa.example.net
    auth_provider = ipa
    chpass_provider = ipa
    access_provider = ipa
    cache_credentials = True
    ldap_tls_cacert = /etc/ipa/ca.crt
    dyndns_update = True
    dyndns_iface = ens3
    krb5_store_password_if_offline = True

    [sssd]
    services = nss, pam, ssh, sudo
    debug_level=9
    domains = ipa.example.net

    [nss]
    homedir_substring = /home
    debug_level=9

    [pam]
    debug_level=9

    [sudo]

    [autofs]

    [ssh]

    [pac]

    [ifp]

    [secrets]

    [session_recording]


==============================================================================
Version-Release number of selected component (if applicable):

- sssd-2.5.2-2.el8_5.3.x86_64

==============================================================================

How reproducible:

- It is happening all the time.

- Case started with an updated system, but customer confirmed
  that this is happening also in fresh systems

==============================================================================
Additional info:

- Report started with an updated (RHEL8.4 > RHEL8.5) system, but customer
confirmed that this is happening also in fresh systems

Comment 2 Sumit Bose 2022-02-21 07:22:15 UTC

Hi,

according to the logs attached to the case the crash happens when reading configuration data from the IPA server. Here we currently try to continue to read the next type of data even if the previous search failed, see "Not good, but let's try to continue with other server side options" comments in ipa_subdomains.c added with 02d9625ef8b3c8e3254ef69cea77fce058d6337d.

But here the previous search failed with "Can't contact LDAP server" which will release all LDAP and internal sdap connection data. As a result we try to continue without an existing connection which then causes the segfault. So before trying to read the next configuration data we have to make sure that there is still a connection.

But why there is the "Can't contact LDAP server" error is currently unclear because it looks that some data can be read from the server. Since it always happens while reading the idranges I wonder it might be related to the 'ipaAutoPrivateGroups' which might be unknown to the server. Please let me know which ipa-server package version is running on the IPA servers.

HTH

bye,
Sumit

Comment 3 Alexey Tikhonov 2022-02-21 16:29:39 UTC

Looks a bit similar to bz 2054412

Note You need to log in before you can comment on or make changes to this bug.