Bug 69236 - tripwire --init segfaults if using LDAP for user authentication
Summary: tripwire --init segfaults if using LDAP for user authentication
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tripwire (Show other bugs)
(Show other bugs)
Version: 7.2
Hardware: i386 Linux
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact: David Lawrence
Depends On:
TreeView+ depends on / blocked
Reported: 2002-07-19 13:01 UTC by Dave Miller
Modified: 2007-04-18 16:44 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2002-08-09 20:46:38 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Dave Miller 2002-07-19 13:01:19 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.1b) Gecko/20020716

Description of problem:
running "/usr/sbin/tripwire --init" on a system that uses LDAP for
authentication results in a segfault.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.enable LDAP lookups by adding "ldap" after passwd, shadow, and group in
2.run /usr/sbin/tripwire --init

Actual Results:
[root@delenn root]# /usr/sbin/tripwire --init
Please enter your local passphrase: 
Parsing policy file: /etc/tripwire/tw.pol
Generating the database...
*** Processing Unix File System ***
Software interrupt forced exit: Segmentation Fault

Expected Results:  database creation should not have crashed

Additional info:

running strace on tripwire reveals that the segfault ocurrs immediately
following loading /etc/nsswitch.conf, which given that I can't reproduce this on
a system that's not using LDAP, seems to place the blame pretty squarely on the
fact that LDAP name lookups are enabled.

The relevant lines out of /etc/nsswitch.conf are:
passwd:     files ldap
shadow:     files ldap
group:      files ldap

The tail end of the strace follows:
read(4, "search syndicomm.com\nnameserver "..., 4096) = 44
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x4007a000, 4096)                = 0
socket(PF_UNIX, SOCK_STREAM, 0)         = 4
connect(4, {sin_family=AF_UNIX, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT
(No such file or directory)
close(4)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=1733, ...}) = 0
read(4, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1733
read(4, "", 4096)                       = 0
close(4)                                = 0
munmap(0x4007a000, 4096)                = 0
--- SIGSEGV (Segmentation fault) ---
write(2, "Software interrupt forced exit: "..., 51Software interrupt forced
exit: Segmentation Fault
) = 51
munmap(0x40075000, 4096)                = 0
munmap(0x40074000, 4096)                = 0
_exit(8)                                = ?

Comment 1 Dave Miller 2002-07-19 14:47:03 UTC
I was able to successfully work around this by installing nscd, but I'm not sure
if that's a "real" solution, so I'll leave this open.

Comment 2 Jeff Johnson 2002-08-10 15:27:08 UTC
FWIW, rpm has this problem too, all statically
linked binaries that use getpwnam(3), thereby loading
the pam LDAP module, will have this problem.

Running nscd is the only solution ATM.

Note You need to log in before you can comment on or make changes to this bug.