831906 – sanlock: segfault with SANLOCKOPTS="-w 0" configuration

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 831906 - sanlock: segfault with SANLOCKOPTS="-w 0" configuration

Summary: sanlock: segfault with SANLOCKOPTS="-w 0" configuration

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	sanlock
Sub Component:
Version:	6.3
Hardware:	x86_64
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	David Teigland
QA Contact:	Haim
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	841992 906027
TreeView+	depends on / blocked

Reported:	2012-06-14 03:30 UTC by Alex Jia
Modified:	2016-04-26 14:48 UTC (History)
CC List:	10 users (show)
Fixed In Version:	sanlock-2.5-1.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-02-21 08:52:48 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2013:0530	0	normal	SHIPPED_LIVE	sanlock bug fix and enhancement update	2013-02-21 02:02:17 UTC

Description Alex Jia 2012-06-14 03:30:49 UTC

Description of problem:
To append SANLOCKOPTS="-w 0" into /etc/sysconfig/sanlock then start sanlock service, sanlock will stop due to a segfault error and some selinux AVC denied error.

Version-Release number of selected component (if applicable):
# rpm -q sanlock kernel selinux-policy libvirt
sanlock-2.3-1.el6.x86_64
kernel-2.6.32-278.el6.x86_64
selinux-policy-3.7.19-154.el6.noarch
libvirt-0.9.10-21.el6.x86_64


How reproducible:
always

Steps to Reproduce:
1. To append SANLOCKOPTS="-w 0" into /etc/sysconfig/sanlock
2. open a new terminal then run tailf /var/log/messages
3. service sanlock start
4. service sanlock status
5. grep avc /var/log/audit/audit.log | grep sanlock
  
Actual results:
# service sanlock status
sanlock is stopped

# service sanlock start
Starting sanlock:                                          [  OK  ]

# service sanlock status
sanlock is stopped

Expected results:
Can successfull start sanlock service without segfault error.

Additional info:

# tailf /var/log/messages

<snip>

Jun 14 11:05:13 intel-8400-8-1 kernel: sanlock[29558]: segfault at 8 ip 00007fee0c8dc5a1 sp 00007fff1daa0ad8 error 4 in libc-2.12.so[7fee0c85c000+189000]
Jun 14 11:05:13 intel-8400-8-1 abrtd: Directory 'ccpp-2012-06-14-11:05:13-29558' creation detected
Jun 14 11:05:13 intel-8400-8-1 abrt[29560]: Saved core dump of pid 29558 (/usr/sbin/sanlock) to /var/spool/abrt/ccpp-2012-06-14-11:05:13-29558 (16183296 bytes)
Jun 14 11:05:13 intel-8400-8-1 abrtd: Package 'sanlock' isn't signed with proper key
Jun 14 11:05:13 intel-8400-8-1 abrtd: 'post-create' on '/var/spool/abrt/ccpp-2012-06-14-11:05:13-29558' exited with 1
Jun 14 11:05:13 intel-8400-8-1 abrtd: Corrupted or bad directory /var/spool/abrt/ccpp-2012-06-14-11:05:13-29558, deleting
Jun 14 11:05:13 intel-8400-8-1 abrtd: Corrupted or bad directory /var/spool/abrt/ccpp-2012-06-14-11:05:13-29558, deleting

</snip>

Unfortunately, core dump file is also deleted due to some errors.

# cat /etc/sysconfig/sanlock 
SANLOCKOPTS="-w 0"

# service wdmd status
wdmd is stopped

# getsebool -a | grep sanlock
sanlock_use_nfs --> off
sanlock_use_samba --> off
virt_use_sanlock --> on

# grep avc /var/log/audit/audit.log | grep sanlock

<snip>

type=AVC msg=audit(1339315900.009:41782): avc:  denied  { signal } for  pid=22908 comm="sanlock" scontext=unconfined_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:sanlock_t:s0-s0:c0.c1023 tclass=process
type=AVC msg=audit(1339315900.009:41783): avc:  denied  { setgid } for  pid=22909 comm="sanlock" capability=6  scontext=unconfined_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:sanlock_t:s0-s0:c0.c1023 tclass=capability
type=AVC msg=audit(1339316617.086:41791): avc:  denied  { search } for  pid=23009 comm="sanlock" scontext=unconfined_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
type=AVC msg=audit(1339316617.086:41791): avc:  denied  { read } for  pid=23009 comm="sanlock" scontext=unconfined_u:system_r:sanlock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=file

</snip>

Will also file a selinux-policy bug to trace this issue.

Comment 2 David Teigland 2012-07-09 21:42:18 UTC


*** This bug has been marked as a duplicate of bug 838654 ***

Comment 3 David Teigland 2012-07-13 15:26:54 UTC

deconsolidating

Comment 6 Leonid Natapov 2012-12-17 15:26:31 UTC

sanlock-2.6-2.el6.x86_64
no segfault when  SANLOCKOPTS="-w 0" activated in  /etc/sysconfig/sanlock
sanlock service can be successfully started.

Comment 8 errata-xmlrpc 2013-02-21 08:52:48 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0530.html

Note You need to log in before you can comment on or make changes to this bug.