Red Hat Bugzilla – Bug 507706
runaway grpconv when parsing duplicate entries in /etc/group
Last modified: 2014-06-18 04:46:44 EDT
Description of problem:
When there are duplicate entries for groups in /etc/group grpconv begins to take all memory and is eventually OOM-killed. This bug did not exist in RHEL 4
Version-Release number of selected component (if applicable):
Steps to reproduce:
1. Create 10 groups (g1 to g10) with groupadd and then create duplicate entries for these groups in /etc/group.
ex:- # grep g2 /etc/group
2. Run authconfig.
grpconv is consuming all the memory and oom-kill is called -
[root@dhcp7-150 ~]# time authconfig-tui
OOM Kill -
Jun 18 05:54:10 dhcp7-150 kernel: 0 pages swap cached
Jun 18 05:54:10 dhcp7-150 kernel: Out of memory: Killed process 28224 (grpconv).
grpconv is consuming all the memory and oom-kill is called.
An error message or some sort of sane failure mode that doesn't require emergency intervention by the kernel.
This belongs to shadow-utils as grpconv is part of this package.
Created attachment 349785 [details]
duplicate entries patch
I have updated the shadow-4.0.17-duplicateGroupEntries.patch. There was already another issue with duplicate entries, so patch is just extended to grpconv now. It transforms group -> gshadow successfully and creates only one entry in gshadow for >1 entries in group file. (last of duplicate entries is the reference one)
Why is this bug reported assigned to RHEL5? Shouldn't it be RHEL4? Because I don't see duplicateGroupEntries patch in RHEL4.
Looks like my report was wrong. The bug was in:
The cited versions are the last known working versions of the package.
authconfig just calls grpconv it does not contain the bug itself.
Right. At any rate, the bug was observed on EL5, and was specifically NOT seen on EL4
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
*** Bug 655088 has been marked as a duplicate of this bug. ***