Bug 590269 - Update to 3.12.4-17 breaks pam
Update to 3.12.4-17 breaks pam
Status: CLOSED DUPLICATE of bug 590199
Product: Fedora
Classification: Fedora
Component: nss-softokn (Show other bugs)
12
All Linux
low Severity urgent
: ---
: ---
Assigned To: Elio Maldonado Batiz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-05-08 09:26 EDT by Felipe Contreras
Modified: 2010-05-08 09:39 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-05-08 09:39:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Felipe Contreras 2010-05-08 09:26:45 EDT
After updating nss-softokn{,-freebl} to 3.12.4-17 I'm not able to login to my system any more.

Reverting back to 3.12.4-15 fixes the problem.

Right after upgrade if I try to login (the password is correct):

% su felipec
Password: 
su: incorrect password

If I try to change my password:

% passwd
Changing password for user felipec.
Changing password for felipec.
(current) UNIX password: 
passwd: Authentication token manipulation error

If I remove the password for my user in /etc/shadow:

% passwd
Changing password for user felipec.
New password: 
Retype new password: 
zsh: segmentation fault  passwd

This is the backtrace:
#0  strncmp (s1=0xb7616c29 "6$", s2=0x0, n=3) at strncmp.c:66
#1  0xb76137ed in create_password_hash (pamh=<value optimized out>, password=<value optimized out>, ctrl=<value optimized out>, 
    rounds=<value optimized out>) at passverify.c:427
#2  0xb760fd1b in pam_sm_chauthtok (pamh=<value optimized out>, flags=<value optimized out>, argc=<value optimized out>, 
    argv=<value optimized out>) at pam_unix_passwd.c:754
#3  0x4d6cc36f in _pam_dispatch_aux (pamh=<value optimized out>, flags=<value optimized out>, choice=<value optimized out>)
    at pam_dispatch.c:110
#4  _pam_dispatch (pamh=<value optimized out>, flags=<value optimized out>, choice=<value optimized out>) at pam_dispatch.c:407
#5  0x4d6d0523 in pam_chauthtok (pamh=<value optimized out>, flags=<value optimized out>) at pam_password.c:48
#6  0x0804a035 in ?? ()
#7  0x4c58dbb6 in __libc_start_main (main=0x8049780, argc=1, ubp_av=0xbfec1bb4, init=0x804c170, fini=0x804c160, rtld_fini=
    0x4c563d10 <_dl_fini>, stack_end=0xbfec1bac) at libc-start.c:226
#8  0x08049641 in ?? ()

s2(sp) is null because crypt returns NULL here (the password is correct):
sp = crypt(password, salt);

And this is part of an strace that points to bug #504949:
open("/dev/urandom", O_RDONLY|O_LARGEFILE) = 5
read(5, "\356G&\256.\215\275(", 8)      = 8
close(5)                                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 5
fstat64(5, {st_mode=S_IFREG|0644, st_size=104092, ...}) = 0
mmap2(NULL, 104092, PROT_READ, MAP_PRIVATE, 5, 0) = 0xb75e1000
close(5)                                = 0
open("/lib/libnspr4.so", O_RDONLY)      = 5
read(5, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 h\312M4\0\0\0"..., 512) = 512
fstat64(5, {st_mode=S_IFREG|0755, st_size=244572, ...}) = 0
close(5)                                = 0
munmap(0xb75e1000, 104092)              = 0
open("/proc/sys/crypto/fips_enabled", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/lib/libfreebl3.chk", O_RDONLY)   = 5
read(5, "\361\305\1\2\0\0\0\f\0\0\0\1", 12) = 12
lseek(5, 12, SEEK_SET)                  = 12
read(5, "\0\0\0\201", 4)                = 4
read(5, "\0\227D\35\314\r9\r\215\313u\334$%o\1\222\241\21\7kp\254s\327\202(\337\253\202\fA"..., 129) = 129
read(5, "\0\0\0\25", 4)                 = 4
read(5, "\0\330\26#4\212\236:\365\331\20\0235\252\363\363T\v1$\361", 21) = 21
read(5, "\0\0\0\200", 4)                = 4
read(5, "\3:\255\372:\f\352\nNC2\222\273\207\361\21\300\25598V\32\333#f\261\10\332\266\31QB"..., 128) = 128
read(5, "\0\0\0\200", 4)                = 4
read(5, "ZjJs\215\316\361\33\231?\26\362z7{\313q\23&p\203\262\330\5N\327\222\270V\226\20\334"..., 128) = 128
read(5, "\0\0\0(", 4)                   = 4
read(5, "YZ\2313\220\323\10\200\373\225L\231iC\t\256\257\243'\231\0d\ro\6\306]\262\245@\322\241"..., 40) = 40
close(5)                                = 0
stat64("/usr/sbin/prelink", {st_mode=S_IFREG|0755, st_size=1175812, ...}) = 0
pipe([5, 6])                            = 0
vfork()                                 = 10033
close(6)                                = 0
read(5, "", 512)                        = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
close(5)                                = 0
waitpid(10033, NULL, 0)                 = 10033
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Comment 1 Felipe Contreras 2010-05-08 09:39:09 EDT

*** This bug has been marked as a duplicate of bug 590199 ***

Note You need to log in before you can comment on or make changes to this bug.