Bug 590247 - passwd Segmentation Fault
passwd Segmentation Fault
Status: CLOSED DUPLICATE of bug 590199
Product: Fedora
Classification: Fedora
Component: nss-softokn (Show other bugs)
12
All Linux
high Severity urgent
: ---
: ---
Assigned To: Elio Maldonado Batiz
Fedora Extras Quality Assurance
:
: 590756 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-05-08 06:39 EDT by Jongman Heo
Modified: 2010-05-29 20:31 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-05-29 20:31:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jongman Heo 2010-05-08 06:39:38 EDT
Description of problem:

passwd fails with Segmentation fault.

Version-Release number of selected component (if applicable):

passwd-0.77-1.fc12.i686

How reproducible:

Always

Steps to Reproduce:
1. execute passwd

Changing password for user root.
New password: 
Retype new password: 


Actual results:

Segmentation fault (core dumped)

Expected results:

change password successfully

Additional info:

[snip]

Loaded symbols for /usr/lib/libcrack.so.2
Reading symbols from /lib/security/pam_gnome_keyring.so...(no debugging symbols found)...done.
Loaded symbols for /lib/security/pam_gnome_keyring.so
Core was generated by `passwd'.
Program terminated with signal 11, Segmentation fault.
#0  strncmp (s1=0xb74a8c29 "6$", s2=0x0, n=3) at strncmp.c:66
66	      c2 = (unsigned char) *s2++;
Missing separate debuginfos, use: debuginfo-install cracklib-2.8.13-6.i686 dbus-glib-0.82-2.fc12.i686 dbus-libs-1.2.16-9.fc12.i686 fprintd-pam-0.1-16.git04fd09cfa.fc12.i686 gnome-keyring-pam-2.28.2-2.fc12.i686 libcap-ng-0.6.2-3.fc12.i686 nss-softokn-freebl-3.12.4-17.fc12.i686
(gdb) bt
#0  strncmp (s1=0xb74a8c29 "6$", s2=0x0, n=3) at strncmp.c:66
#1  0xb74a57ed in create_password_hash (pamh=<value optimized out>, 
    password=<value optimized out>, ctrl=<value optimized out>, rounds=<value optimized out>)
    at passverify.c:427
#2  0xb74a1d1b in pam_sm_chauthtok (pamh=<value optimized out>, flags=<value optimized out>, 
    argc=<value optimized out>, argv=<value optimized out>) at pam_unix_passwd.c:754
#3  0x4abd536f in _pam_dispatch_aux (pamh=<value optimized out>, flags=<value optimized out>, 
    choice=<value optimized out>) at pam_dispatch.c:110
#4  _pam_dispatch (pamh=<value optimized out>, flags=<value optimized out>, 
    choice=<value optimized out>) at pam_dispatch.c:407
#5  0x4abd9523 in pam_chauthtok (pamh=<value optimized out>, flags=<value optimized out>)
    at pam_password.c:48
#6  0x0804a035 in main (argc=<value optimized out>, argv=<value optimized out>) at passwd.c:529



BTW, is there way to change password without using passwd?
Comment 1 jfceklosky 2010-05-08 23:32:06 EDT
Here is another stack trace from passwd

#0  strncmp (s1=0xb74fec29 "6$", s2=0x0, n=3) at strncmp.c:66
#1  0xb74fb7ed in create_password_hash (pamh=<value optimized out>, password=<value optimized out>, ctrl=<value optimized out>, 
    rounds=<value optimized out>) at passverify.c:427
#2  0xb74f7d1b in pam_sm_chauthtok (pamh=<value optimized out>, flags=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>) at pam_unix_passwd.c:754
#3  0xb774d36f in _pam_dispatch_aux (pamh=<value optimized out>, flags=<value optimized out>, choice=<value optimized out>)
    at pam_dispatch.c:110
#4  _pam_dispatch (pamh=<value optimized out>, flags=<value optimized out>, choice=<value optimized out>) at pam_dispatch.c:407
#5  0xb7751523 in pam_chauthtok (pamh=<value optimized out>, flags=<value optimized out>) at pam_password.c:48
#6  0x0804a035 in main (argc=<value optimized out>, argv=<value optimized out>) at passwd.c:529
Comment 2 javierwilson 2010-05-09 06:40:33 EDT
I can confirm this bug.
Jongman Heo, BTW, you can change the users' password in another linux machine and then copy/replace the /etc/shadow entry.
Comment 3 jfceklosky 2010-05-09 08:41:26 EDT
This is even more serious I can't even log in on my machine.  I think the problem comes from the pam modules.  I had to boot with a recovery disk and remove the passwords to login
Comment 4 Jan "Yenya" Kasprzak 2010-05-09 15:38:31 EDT
This affects my systems on x86_64 as well, trying to change arch tag to "all". Also trying to raise severity, I cannot login or change password anymore (altough ssh with key auth works).
Comment 5 Jan "Yenya" Kasprzak 2010-05-09 16:11:55 EDT
It is probably not a bug in passwd at all. Here is a list of modules which have been recently updated by yum on one of the affected systems:

May 04 04:18:27 Updated: gdb-7.0.1-45.fc12.x86_64
May 04 04:18:28 Updated: sudo-1.7.2p6-1.fc12.x86_64
May 04 04:18:29 Updated: ipvsadm-1.25-5.fc12.x86_64
May 04 04:18:39 Updated: selinux-policy-3.6.32-113.fc12.noarch
May 04 04:18:56 Updated: selinux-policy-targeted-3.6.32-113.fc12.noarch
May 04 04:18:59 Updated: nss-sysinit-3.12.6-4.fc12.x86_64
May 04 04:19:00 Updated: nss-3.12.6-4.fc12.x86_64
May 05 04:18:31 Updated: glibc-2.11.1-6.x86_64
May 05 04:18:39 Updated: glibc-common-2.11.1-6.x86_64
May 05 04:18:41 Updated: nano-2.0.9-6.fc12.x86_64
May 05 04:18:42 Updated: nscd-2.11.1-6.x86_64
May 05 04:18:43 Updated: iproute-2.6.29-5.0.20091009gitdaf49fd6.fc12.x86_64
May 05 04:18:44 Updated: glibc-headers-2.11.1-6.x86_64
May 05 04:18:45 Updated: glibc-devel-2.11.1-6.x86_64
May 07 04:32:09 Updated: nss_db-2.2-47.fc12.x86_64
May 07 04:32:11 Updated: ruby-libs-1.8.6.399-1.fc12.x86_64
May 08 03:47:14 Updated: libuuid-2.16.2-9.fc12.x86_64
May 08 03:47:15 Updated: libblkid-2.16.2-9.fc12.x86_64
May 08 03:47:16 Updated: nss-softokn-freebl-3.12.4-17.fc12.x86_64
May 08 03:47:17 Updated: perl-URI-1.54-1.fc12.noarch
May 08 03:47:17 Updated: perl-Digest-HMAC-1.02-1.fc12.noarch
May 08 03:47:19 Updated: util-linux-ng-2.16.2-9.fc12.x86_64
May 08 03:47:20 Updated: nss-softokn-3.12.4-17.fc12.x86_64

I have verified that setenforce permissive does not help, so SElinux is not a culprit here. 

I have tried to yum downgrade most of these pacakges, but passwd still segfaults and password auth over ssh does not work (even after restarting sshd).
Comment 6 jfceklosky 2010-05-09 21:42:36 EDT
My passwd and su breakage happened after the following update list:
( I doubt mplayer and mencoder have anything to do with this!)


May 07 22:35:15 Updated: libuuid-2.16.2-9.fc12.i686
May 07 22:35:15 Updated: libblkid-2.16.2-9.fc12.i686
May 07 22:35:16 Updated: libchamplain-0.4.5-1.fc12.i686
May 07 22:35:17 Updated: nss-softokn-freebl-3.12.4-17.fc12.i686
May 07 22:35:17 Updated: evince-libs-2.28.2-2.fc12.i686
May 07 22:35:18 Installed: mplayer-common-1.0-0.112.20100424svn.fc12.i686
May 07 22:35:19 Updated: perl-URI-1.54-1.fc12.noarch
May 07 22:35:20 Updated: libuuid-devel-2.16.2-9.fc12.i686
May 07 22:35:23 Updated: python-fedora-0.3.20-1.fc12.noarch
May 07 22:35:24 Updated: nss-softokn-3.12.4-17.fc12.i686
May 07 22:35:24 Updated: libchamplain-gtk-0.4.5-1.fc12.i686
May 07 22:35:27 Updated: vala-0.8.1-1.fc12.i686
May 07 22:35:28 Updated: mencoder-1.0-0.112.20100424svn.fc12.i686
May 07 22:35:30 Updated: mplayer-1.0-0.112.20100424svn.fc12.i686
May 07 22:35:30 Updated: nss-softokn-devel-3.12.4-17.fc12.i686
May 07 22:35:34 Updated: util-linux-ng-2.16.2-9.fc12.i686
May 07 22:35:48 Updated: tigervnc-1.0.1-1.fc12.i686
May 07 22:35:55 Updated: evince-2.28.2-2.fc12.i686
Comment 7 jfceklosky 2010-05-09 22:03:10 EDT
I think I found the culprit!

I ran the following and my SEGV's are gone.


       yum downgrade nss-softokn-freebl

I now have this version installed:

       nss-softokn-freebl-3.12.4-10.fc12.i686


This appears to be the BUSTED version:

       nss-softokn-freebl.i686 0:3.12.4-17.fc12
Comment 8 jfceklosky 2010-05-09 22:08:48 EDT
Wait with the above changes passwd does not SEGV, but a problem exists logging you in.  Something is still failing.
Comment 9 jfceklosky 2010-05-09 22:13:58 EDT
OK. All seems to be fine after the following

yum downgrade nss-softokn

I thinks the nss-softtokn packages are the problem!

nss-softokn-freebl
and
nss-softokn

I am running the following fine now:

nss-softokn-3.12.4-10.fc12.i686
nss-softokn-freebl-3.12.4-10.fc12.i686


The version 3.12.4-17.fc12 of BOTH of the above is BUSTED!
Comment 10 Jongman Heo 2010-05-10 00:28:01 EDT
I can confirm that downgrading nss-softokn & nss-softokn-freebl fixes the issue.

======================================================================
[snip]
Removed:
  nss-softokn.i686 0:3.12.4-17.fc12

Dependency Removed:
  nss-devel.i686 0:3.12.6-4.fc12                  nss-devel.i686 0:3.12.6-5.fc12                   
  nss-pkcs11-devel.i686 0:3.12.6-5.fc12           nss-softokn-devel.i686 0:3.12.4-17.fc12          
  rpm-devel.i686 0:4.7.2-1.fc12                   xulrunner-devel.i686 0:1.9.1.9-1.fc12            

Installed:
  nss-softokn.i686 0:3.12.4-10.fc12 


 -> still segfaulted.

======================================================================
[snip]
Removed: 
  nss-softokn-freebl.i686 0:3.12.4-7.fc12

Installed:
  nss-softokn-freebl.i686 0:3.12.4-10.fc12  


 -> passwd works without problem
Comment 11 Jan "Yenya" Kasprzak 2010-05-10 02:28:40 EDT
I can confirm that "yum downgrade nss-softokn nss-softokn-freebl" fixes the problem for me (as described in comment #9). 

I am changing the component to nss-softokn.
Comment 12 javierwilson 2010-05-10 09:53:38 EDT
Yes! Thanks a lot!
Comment 13 Elio Maldonado Batiz 2010-05-10 10:30:09 EDT
The cause of the problems is now understood and we evaluating solution options. 
A typo in the spec file caused the upgrade to occur even though a minimum version requirement on another package wasn't met. A fix is in the works. In the meantime the work-around is to downgrade nss-softokn.
Comment 14 Dan Book 2010-05-10 11:56:56 EDT
*** Bug 590756 has been marked as a duplicate of this bug. ***
Comment 15 Elio Maldonado Batiz 2010-05-10 13:19:37 EDT
nss-softokn-3.12.4-19 has been sent to updated-testing
https://admin.fedoraproject.org/updates/nss-softokn-3.12.4-19.fc12
and see also https://bugzilla.redhat.com/show_bug.cgi?id=590508#c3
Applying the two updates together should take of the reported problems.
Comment 16 Elio Maldonado Batiz 2010-05-29 20:31:10 EDT

*** This bug has been marked as a duplicate of bug 590199 ***

Note You need to log in before you can comment on or make changes to this bug.