Bug 449136 - nscd segfaults removing negative passwd entries
Summary: nscd segfaults removing negative passwd entries
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: glibc
Version: 9
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-05-30 18:13 UTC by Chris Schanzle
Modified: 2008-08-03 03:18 UTC (History)
3 users (show)

Fixed In Version: 2.8-8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-08-03 03:18:01 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Chris Schanzle 2008-05-30 18:13:09 UTC
Description of problem:
When switching NIS domains as described in comment 0 of 449126, if a negative
entry exists in the cache, prior to switching, nscd will segfault when it
removes the entry.

Version-Release number of selected component (if applicable):
glibc-2.8-3

How reproducible: 100%

Steps to Reproduce:
Start bound to the "old" NIS server.  clear out nscd's cache, start fresh:
 service nscd stop; rm /var/db/nscd/*; service nscd start

populate with a negative entry:
 getent passwd nosuchuser

switch to new NIS domain:
 domainname $NEWDOMAIN; pkill -HUP ypbind; ypwhich

watch nscd segfault in 20 seconds (note I have debug=9 & logging enabled):
 strace -ttfp `pgrep nscd`

[pid   791] 13:48:28.170192 <... futex resumed> ) = -1 ETIMEDOUT (Connection
timed out)
[pid   791] 13:48:28.170246 stat("/etc/passwd", {st_mode=S_IFREG|0644,
st_size=2327, ...}) = 0
[pid   791] 13:48:28.170396 write(3, "789: pruning passwd cache; time "..., 43) = 43
[pid   791] 13:48:28.170500 write(3, "789: considering GETPWBYNAME ent"..., 68) = 68
[pid   791] 13:48:28.170602 futex(0x7f1dc7f06108, FUTEX_WAKE_PRIVATE, 1) = 0
[pid   791] 13:48:28.170691 futex(0x7f1dc7f060dc, FUTEX_WAIT_PRIVATE, 7, {14,
999910935}) = -1 ETIMEDOUT (Connection timed out)
[pid   791] 13:48:43.170709 stat("/etc/passwd", {st_mode=S_IFREG|0644,
st_size=2327, ...}) = 0
[pid   791] 13:48:43.170852 write(3, "789: pruning passwd cache; time "..., 43) = 43
[pid   791] 13:48:43.170948 write(3, "789: considering GETPWBYNAME ent"..., 68) = 68
[pid   791] 13:48:43.171063 msync(0x7f1dc110a000, 1064, MS_ASYNC) = 0
[pid   791] 13:48:43.171155 write(3, "789: remove GETPWBYNAME entry \"n"..., 43)
= 43
[pid   791] 13:48:43.171258 --- SIGSEGV (Segmentation fault) @ 0 (0) ---
Process 791 detached
[pid   798] 13:48:43.171444 +++ killed by SIGSEGV +++
[pid   797] 13:48:43.171472 +++ killed by SIGSEGV +++
[pid   795] 13:48:43.171497 +++ killed by SIGSEGV +++
[pid   794] 13:48:43.171514 +++ killed by SIGSEGV +++
[pid   793] 13:48:43.171531 +++ killed by SIGSEGV +++
[pid   792] 13:48:43.171663 +++ killed by SIGSEGV +++
[pid   796] 13:48:43.171855 +++ killed by SIGSEGV +++
13:48:43.171882 +++ killed by SIGSEGV +++

On a positive note, with nscd out of the way, 'getent' queries to the new NIS
domain actually return data from the new domain, unlike in 449126.  :-)

If there are no negative passwd cache entries, nscd won't segfault (tested by
turning down positive-time-to-live=60 from 600).  However, it does not use the
new domain server data, as described in 449126 on EL5, and visible in the strace
as (replace $OLDDOMAIN with actual old domain name, but it should be
NEWDOMAINAME): open("/var/yp/binding/$OLDDOMAIN.2", O_RDONLY) = 14.  I'll file a
separate bug if requested (or can 449126 be linked to apply to Fedora 9?).

Comment 1 Ulrich Drepper 2008-06-12 04:54:28 UTC
Might be fixed upstream.  We will have to backport a number of changes to F9.

Comment 2 Ulrich Drepper 2008-08-03 03:18:01 UTC
Should work nicely in current F9 version.


Note You need to log in before you can comment on or make changes to this bug.