Bug 49386 - Bus error when exiting 'su' shell in xterm with hard file limit.
Bus error when exiting 'su' shell in xterm with hard file limit.
Status: CLOSED DUPLICATE of bug 49437
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Mike A. Harris
Aaron Brown
Depends On:
  Show dependency treegraph
Reported: 2001-07-18 17:10 EDT by John Dalbec
Modified: 2007-04-18 12:34 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-07-19 10:03:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description John Dalbec 2001-07-18 17:10:54 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (Windows NT 5.0; U)

Description of problem:
I ran the Bastille-Linux hardening scripts.  They set a hard file size limit of 100MB in /etc/security/limits.conf.
I rebooted and logged into GNOME.  I brought up a shell and su'd to root.  When I exited the root shell,
I got a bus error.  I tried to su again and got the message 'File size limit exceeded'.
I found a file .xauth/refcount/root/localhost.localdomain/unix:0 which was exactly the file size limit.

How reproducible:

Steps to Reproduce:
1. Set hard limit.
2. Log in to WM.
3. Start terminal window.
4. su
5. exit
6. "Bus error"
7. su
8. "File size limit exceeded"

Actual Results:  See steps 6 & 8.

Expected Results:  No error messages.

Additional info:

Strace shows an ftruncate() and a mmap2() on the offending file just before the error.
Comment 1 Bernhard Rosenkraenzer 2001-07-19 05:37:50 EDT
Looks like your xauth file is getting way too large (shouldn't be bigger than 
a couple of kbs). xauth problem, assigning there. (can't reproduce it here, by 
the way).
Comment 2 John Dalbec 2001-07-19 10:03:18 EDT
According to gdb, the bus error occurs at 0x401e8650 in _init() from /lib/security/pam_xauth.so.
$(rpm -q pam) == pam-0.74-22
/etc/pam.d/su has: session optional pam_xauth.so
/etc/pam.d/system_auth appears to be modified; running authconfig without changing any settings reproduces the modified file.
So far I have not reproduced this except on an IBM eServer xSeries 230 (that's a Pentium III).  The boot drive is an IBM ServerRAID.
Comment 3 John Dalbec 2001-07-20 16:56:46 EDT
Here's the end of an strace (note the 64-bit fs calls):

stat64("/home/jpdalbec/.xauth/refcount/root/mail02.cc.ysu.edu/unix:0", {st_mode=S_IFREG|0600,
st_size=34, ...}) = 0
open("/home/jpdalbec/.xauth/refcount/root/mail02.cc.ysu.edu/unix:0", O_RDWR|O_CREAT, 0600) = 3
time([995660143])                       = 995660143
getpid()                                = 1666
rt_sigaction(SIGPIPE, {0x40141840, [], 0x4000000}, {SIG_DFL}, 8) = 0
socket(PF_UNIX, SOCK_DGRAM, 0)          = 4
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
connect(4, {sin_family=AF_UNIX, path="      /dev/log"}, 16) = 0
send(4, "<87>Jul 20 16:15:43 pam_xauth[16"..., 115, 0) = 115
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
close(4)                                = 0
ftruncate(3, 1075343265)                = 0
mmap2(NULL, 1075343265, PROT_READ|PROT_WRITE, MAP_SHARED, 3, 0) = 0x40224000
--- SIGBUS (Bus error) ---
I wonder where the 1075343265(0x40186FA1) comes from?  Could the program be passing a pointer instead of a value?

*** This bug has been marked as a duplicate of 49437 ***

Note You need to log in before you can comment on or make changes to this bug.