This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 249330 - causes su to crash
causes su to crash
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: libselinux (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
bzcl34nup
:
: 249328 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-07-23 15:06 EDT by Bill Nottingham
Modified: 2014-03-16 23:07 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-10 14:44:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Bill Nottingham 2007-07-23 15:06:57 EDT
Description of problem:

[root@nostromo ~]# gdb /bin/su 
GNU gdb Red Hat Linux (6.6-20.fc8rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...
Using host libthread_db library "/lib64/libthread_db.so.1".
(gdb) set args -
(gdb) run
Starting program: /bin/su -
warning: no loadable sections found in added symbol-file system-supplied DSO at
0x7fffde5fd000
[Thread debugging using libthread_db enabled]
[New Thread 46912496221104 (LWP 1272)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912496221104 (LWP 1272)]
string_to_security_class (s=0x3e784132c6 "passwd") at stringrep.c:264
264                     node->perms[value-1] = strdup(dentry->d_name);
(gdb) bt
#0  string_to_security_class (s=0x3e784132c6 "passwd") at stringrep.c:264
#1  0x0000003e78408ba0 in *selinux_check_passwd_access_internal (requested=8)
    at checkAccess.c:20
#2  0x00002aaaaeb0f6ca in pam_sm_authenticate (pamh=0x6092d0, flags=<value
optimized out>, 
    argc=0, argv=0x0) at pam_rootok.c:70
#3  0x0000003d9a402a97 in _pam_dispatch (pamh=0x6092d0, flags=0, choice=1) at
pam_dispatch.c:83
#4  0x0000003d9a402372 in pam_authenticate (pamh=0x6092d0, flags=0) at pam_auth.c:34
#5  0x0000000000402b45 in main (argc=2, argv=0x7fffde5aff68) at su.c:341
#6  0x000000311fe1dab4 in __libc_start_main (main=0x402810 <main>, argc=2, 
    ubp_av=0x7fffde5aff68, init=<value optimized out>, fini=<value optimized out>, 
    rtld_fini=<value optimized out>, stack_end=0x7fffde5aff58) at libc-start.c:222
#7  0x0000000000401dd9 in _start ()
(gdb) 

Version-Release number of selected component (if applicable):

coreutils-6.9-4.fc8
libselinux-2.0.24-2.fc8

How reproducible:

Every time.

Steps to Reproduce:
1. <as user> su -
2. <as root> su -
  
Actual results:

segfault
Comment 1 Daniel Walsh 2007-10-12 07:12:26 EDT
*** Bug 249328 has been marked as a duplicate of this bug. ***
Comment 2 Bug Zapper 2008-04-04 09:26:03 EDT
Based on the date this bug was created, it appears to have been reported
during the development of Fedora 8. In order to refocus our efforts as
a project we are changing the version of this bug to '8'.

If this bug still exists in rawhide, please change the version back to
rawhide.
(If you're unable to change the bug's version, add a comment to the bug
and someone will change it for you.)

Thanks for your help and we apologize for the interruption.

The process we're following is outlined here:
http://fedoraproject.org/wiki/BugZappers/F9CleanUp

We will be following the process here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this
doesn't happen again.
Comment 3 Daniel Walsh 2008-09-10 14:44:10 EDT
This is caused by pam_selinux being added to su-l file.  It should not be in this file.

I don't see this problem in Fedora 10,  so I am going to close?

Note You need to log in before you can comment on or make changes to this bug.