Red Hat Bugzilla – Bug 480588
Enabling PAM for a user crashes Satellite and prevents further logins
Last modified: 2009-01-29 12:18:57 EST
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.2)
I'm running 5.1.0 on RHAS4.7. When I enable PAM for a user in satellite, the satellite server stops responging and I get a console message:
*** glibc detected *** free(): invalid pointer: 0x97300050 ***
After that, no users can log in anymore, also ones without PAM.
pam_auth_service = rhn-satellite
encrypted_passwords = 1
I tried with and without encrypted_passwords = 0, no change.
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_loginuid.so
I removed the test user and created a new one, without ever specifying a password, still the same result:
Service Temporarily Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
There are no messages in catalina.out.
[Mon Jan 19 10:29:02.897 2009] [6456:3086476992] [info] init_jk::mod_jk.c (2775): mod_jk/1.2.25 initialized
[Mon Jan 19 10:37:10.524 2009] [6482:3086476992] [info] ajp_connection_tcp_get_message::jk_ajp_common.c (960): (ajp13) Tomcat has forced a connectio
n close for socket 20
[Mon Jan 19 10:37:10.529 2009] [6482:3086476992] [error] ajp_get_reply::jk_ajp_common.c (1658): (ajp13) Tomcat is down or refused connection. No res
ponse has been sent to the client (yet)
[Mon Jan 19 10:37:10.529 2009] [6482:3086476992] [info] ajp_service::jk_ajp_common.c (2046): (ajp13) receiving from tomcat failed, recoverable opera
[Mon Jan 19 10:37:10.529 2009] [6482:3086476992] [info] ajp_service::jk_ajp_common.c (2085): (ajp13) sending request to tomcat failed, recoverable
[Mon Jan 19 10:37:10.530 2009] [6482:3086476992] [info] jk_open_socket::jk_connect.c (473): connect to 127.0.0.1:8009 failed (errno=111)
[Mon Jan 19 10:37:10.530 2009] [6482:3086476992] [info] ajp_connect_to_endpoint::jk_ajp_common.c (891): Failed opening socket
Steps to Reproduce:
1. Enable PAM authentication for a user
2. log in with that user
Being able to log in using PAM
As long as I don't try to log in with that PAM enabled user, everything is fine.
Hi there, please open a support ticket for further investigation on this. Internally we run a Satellite with PAM enabled users for devel, QA and stage cycles.
I feel very confident that the PAM authentication mechanisms do work. The Red Hat Support team can work with you in investigating why this is occurring for yourself.
They will open a bugzilla if needed.