Bug 249330 - causes su to crash
Summary: causes su to crash
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: libselinux
Version: 8
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: bzcl34nup
: 249328 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-07-23 19:06 UTC by Bill Nottingham
Modified: 2014-03-17 03:07 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-09-10 18:44:10 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Bill Nottingham 2007-07-23 19:06:57 UTC 
Description of problem:

[root@nostromo ~]# gdb /bin/su 
GNU gdb Red Hat Linux (6.6-20.fc8rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...
Using host libthread_db library "/lib64/libthread_db.so.1".
(gdb) set args -
(gdb) run
Starting program: /bin/su -
warning: no loadable sections found in added symbol-file system-supplied DSO at
0x7fffde5fd000
[Thread debugging using libthread_db enabled]
[New Thread 46912496221104 (LWP 1272)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912496221104 (LWP 1272)]
string_to_security_class (s=0x3e784132c6 "passwd") at stringrep.c:264
264                     node->perms[value-1] = strdup(dentry->d_name);
(gdb) bt
#0  string_to_security_class (s=0x3e784132c6 "passwd") at stringrep.c:264
#1  0x0000003e78408ba0 in *selinux_check_passwd_access_internal (requested=8)
    at checkAccess.c:20
#2  0x00002aaaaeb0f6ca in pam_sm_authenticate (pamh=0x6092d0, flags=<value
optimized out>, 
    argc=0, argv=0x0) at pam_rootok.c:70
#3  0x0000003d9a402a97 in _pam_dispatch (pamh=0x6092d0, flags=0, choice=1) at
pam_dispatch.c:83
#4  0x0000003d9a402372 in pam_authenticate (pamh=0x6092d0, flags=0) at pam_auth.c:34
#5  0x0000000000402b45 in main (argc=2, argv=0x7fffde5aff68) at su.c:341
#6  0x000000311fe1dab4 in __libc_start_main (main=0x402810 <main>, argc=2, 
    ubp_av=0x7fffde5aff68, init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fffde5aff58) at libc-start.c:222
#7  0x0000000000401dd9 in _start ()
(gdb) 

Version-Release number of selected component (if applicable):

coreutils-6.9-4.fc8
libselinux-2.0.24-2.fc8

How reproducible:

Every time.

Steps to Reproduce:
1. <as user> su -
2. <as root> su -
  
Actual results:

segfault
Comment 1 Daniel Walsh 2007-10-12 11:12:26 UTC 
*** Bug 249328 has been marked as a duplicate of this bug. ***
Comment 2 Bug Zapper 2008-04-04 13:26:03 UTC 
Based on the date this bug was created, it appears to have been reported
during the development of Fedora 8. In order to refocus our efforts as
a project we are changing the version of this bug to '8'.

If this bug still exists in rawhide, please change the version back to
rawhide.
(If you're unable to change the bug's version, add a comment to the bug
and someone will change it for you.)

Thanks for your help and we apologize for the interruption.

The process we're following is outlined here:
http://fedoraproject.org/wiki/BugZappers/F9CleanUp

We will be following the process here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this
doesn't happen again.
Comment 3 Daniel Walsh 2008-09-10 18:44:10 UTC 
This is caused by pam_selinux being added to su-l file.  It should not be in this file.

I don't see this problem in Fedora 10,  so I am going to close?
Note You need to log in before you can comment on or make changes to this bug.