49386 – Bus error when exiting 'su' shell in xterm with hard file limit.

Bug 49386 - Bus error when exiting 'su' shell in xterm with hard file limit.

Summary: Bus error when exiting 'su' shell in xterm with hard file limit.

Keywords:
Status:	CLOSED DUPLICATE of bug 49437
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	pam
Sub Component:
Version:	7.1
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Mike A. Harris
QA Contact:	Aaron Brown
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-07-18 21:10 UTC by John Dalbec
Modified:	2007-04-18 16:34 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2001-07-19 14:03:22 UTC
Embargoed:

Attachments	(Terms of Use)

Description John Dalbec 2001-07-18 21:10:54 UTC

From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (Windows NT 5.0; U)

Description of problem:
I ran the Bastille-Linux hardening scripts.  They set a hard file size limit of 100MB in /etc/security/limits.conf.
I rebooted and logged into GNOME.  I brought up a shell and su'd to root.  When I exited the root shell,
I got a bus error.  I tried to su again and got the message 'File size limit exceeded'.
I found a file .xauth/refcount/root/localhost.localdomain/unix:0 which was exactly the file size limit.

How reproducible:
Always

Steps to Reproduce:
1. Set hard limit.
2. Log in to WM.
3. Start terminal window.
4. su
5. exit
6. "Bus error"
7. su
8. "File size limit exceeded"


Actual Results:  See steps 6 & 8.

Expected Results:  No error messages.

Additional info:

Strace shows an ftruncate() and a mmap2() on the offending file just before the error.

Comment 1 Bernhard Rosenkraenzer 2001-07-19 09:37:50 UTC

Looks like your xauth file is getting way too large (shouldn't be bigger than 
a couple of kbs). xauth problem, assigning there. (can't reproduce it here, by 
the way).

Comment 2 John Dalbec 2001-07-19 14:03:18 UTC

According to gdb, the bus error occurs at 0x401e8650 in _init() from /lib/security/pam_xauth.so.
$(rpm -q pam) == pam-0.74-22
/etc/pam.d/su has: session optional pam_xauth.so
/etc/pam.d/system_auth appears to be modified; running authconfig without changing any settings reproduces the modified file.
So far I have not reproduced this except on an IBM eServer xSeries 230 (that's a Pentium III).  The boot drive is an IBM ServerRAID.

Comment 3 John Dalbec 2001-07-20 20:56:46 UTC

Here's the end of an strace (note the 64-bit fs calls):

stat64("/home/jpdalbec/.xauth/refcount/root/mail02.cc.ysu.edu/unix:0", {st_mode=S_IFREG|0600,
st_size=34, ...}) = 0
open("/home/jpdalbec/.xauth/refcount/root/mail02.cc.ysu.edu/unix:0", O_RDWR|O_CREAT, 0600) = 3
time([995660143])                       = 995660143
getpid()                                = 1666
rt_sigaction(SIGPIPE, {0x40141840, [], 0x4000000}, {SIG_DFL}, 8) = 0
socket(PF_UNIX, SOCK_DGRAM, 0)          = 4
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
connect(4, {sin_family=AF_UNIX, path="      /dev/log"}, 16) = 0
send(4, "<87>Jul 20 16:15:43 pam_xauth[16"..., 115, 0) = 115
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
close(4)                                = 0
ftruncate(3, 1075343265)                = 0
mmap2(NULL, 1075343265, PROT_READ|PROT_WRITE, MAP_SHARED, 3, 0) = 0x40224000
--- SIGBUS (Bus error) ---
I wonder where the 1075343265(0x40186FA1) comes from?  Could the program be passing a pointer instead of a value?

*** This bug has been marked as a duplicate of 49437 ***

Note You need to log in before you can comment on or make changes to this bug.