Description of problem: Squid totally crashes when trying to filter access with squid_unix_group components with messages : /var/log/messages : Jul 7 11:21:11 test-01 squid[5207]: Squid Parent: child process 5396 started Jul 7 11:21:19 test-01 kernel: squid_unix_grou[5407]: segfault at 00000000000000bf rip 00002b7d586c04a5 rsp 00007fff5321bd60 error 4 Jul 7 11:21:19 test-01 kernel: squid_unix_grou[5408]: segfault at 00000000000000bf rip 00002afb757fe4a5 rsp 00007fff360dbc20 error 4 Jul 7 11:21:20 test-01 kernel: squid_unix_grou[5409]: segfault at 00000000000000bf rip 00002b0781eb74a5 rsp 00007fff29a25570 error 4 Jul 7 11:21:20 test-01 squid[5207]: Squid Parent: child process 5396 exited due to signal 6 Jul 7 11:21:23 test-01 squid[5207]: Squid Parent: child process 5431 started Jul 7 11:21:31 test-01 kernel: squid_unix_grou[5443]: segfault at 00000000000000bf rip 00002abf60e624a5 rsp 00007fff4aa785c0 error 4 Jul 7 11:21:31 test-01 kernel: squid_unix_grou[5444]: segfault at 00000000000000bf rip 00002b9a0770d4a5 rsp 00007fffa41ccd10 error 4 Jul 7 11:21:31 test-01 (squid): The unix_group helpers are crashing too rapidly, need help! Jul 7 11:21:31 test-01 squid[5207]: Squid Parent: child process 5431 exited due to signal 6 Jul 7 11:21:31 test-01 squid[5207]: Exiting due to repeated, frequent failures Version-Release number of selected component (if applicable): Bug available since kernel 2.6.18-92 (works fine before that) Squid version : Version 2.6.STABLE6 How reproducible: Just make squid_unix_group authentication available through : /etc/squid/squid.conf: external_acl_type unix_group %LOGIN /usr/lib64/squid/squid_unix_group acl AccessInternet external unix_group MyInternetAccessGroup Additional info: Starts to crash after updating kernel from 2.6.18-53 to 2.6.18-92
I just tried to downgrade the kernel to version 2.6.18-53 but this doesn't solve the problem...
Created attachment 311377 [details] Patch to correct check_group.c
I found the problem in the check_group.c file from external_acl of squid : a value was not initialized correctly, here is a patch that correct this.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0126.html