Bug 43190 - tripwire crashes when pam_ldap auth is used
tripwire crashes when pam_ldap auth is used
Status: CLOSED CANTFIX
Product: Red Hat Linux
Classification: Retired
Component: pam_ldap (Show other bugs)
7.1
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-06-01 15:12 EDT by Need Real Name
Modified: 2007-04-18 12:33 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-18 12:35:50 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2001-06-01 15:12:02 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.51 [en] (X11; I; SunOS 5.7 sun4u)

Description of problem:
tripwire crashes when pam_ldap is used (see bug #37725)

strace /usr/sbin/tripwire --check -v looks almost the same way it does for
bug # 37725
see in additional info

How reproducible:
Always

Steps to Reproduce:
1. enable lpad as the primary auth method. set pam_ldap and nss_ldap.
2. init tripwire db.
3. run tripwire --check

	

Actual Results:  [root@sun /root]# /usr/sbin/tripwire --check -v   
Tripwire(R) 2.3.0.50 for Linux

Tripwire 2.3 Portions copyright 2000 Tripwire, Inc. Tripwire is a
registered
trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO
WARRANTY;
for details use --version. This is free software which may be redistributed
or modified only under certain conditions; see COPYING for details.
All rights reserved.
Opening configuration file: /etc/tripwire/tw.cfg
This file is encrypted.

Opening key file: /etc/tripwire/site.key
Opening key file: /etc/tripwire/localhost-local.key
Opening database file: /var/lib/tripwire/localhost.twd
This file is encrypted.
Software interrupt forced exit: Segmentation Fault
[root@sun /root]#

Additional info:

close(4)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=1741, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x40060000
read(4, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1741
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x40060000, 4096)                = 0
--- SIGSEGV (Segmentation fault) ---
write(2, "Software interrupt forced exit: "..., 51Software interrupt forced
exit: Segmentation Fault
) = 51
munmap(0x40061000, 4096)                = 0
munmap(0x4005c000, 4096)                = 0
_exit(8)
Comment 1 Richard Allbery 2003-01-17 19:49:51 EST
1/17/2003 - And it is still broke with Red Hat 8.0.  If you remove the 'ldap'
out of the nsswitch.conf file you can get tripwire to run.  Sigh.  Actually I
suspect the problem is really not tripwire but a system call that is being used
to go get UID and GID information from the ldap server.  It would be nice if one
could turn that off.  If anybody has any work arounds please share them.  I'm
doing the horrible solution of changing the nsswitch.conf file, running
tripwire, and then changing it back.  Not really very elegant.  
Comment 2 Dave Miller 2003-09-04 01:18:06 EDT
This is probably a dupe of bug 69236.

That bug is newer, but it has a "workaround" on it and is resolved.
Comment 3 Bill Nottingham 2006-08-07 15:11:26 EDT
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still
running Red Hat Linux, you are strongly advised to upgrade to a
current Fedora Core release or Red Hat Enterprise Linux or comparable.
Some information on which option may be right for you is available at
http://www.redhat.com/rhel/migrate/redhatlinux/.

Red Hat apologizes that these issues have not been resolved yet. We do
want to make sure that no important bugs slip through the cracks.
Please check if this issue is still present in a current Fedora Core
release. If so, please change the product and version to match, and
check the box indicating that the requested information has been
provided. Note that any bug still open against Red Hat Linux on will be
closed as 'CANTFIX' on September 30, 2006. Thanks again for your help.
Comment 4 Bill Nottingham 2006-10-18 12:35:50 EDT
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still
running Red Hat Linux, you are strongly advised to upgrade to a
current Fedora Core release or Red Hat Enterprise Linux or comparable.
Some information on which option may be right for you is available at
http://www.redhat.com/rhel/migrate/redhatlinux/.

Closing as CANTFIX.

Note You need to log in before you can comment on or make changes to this bug.