Bug 972542 - Supplying only compressed pw_dict.pwd.gz breaks revelation
Supplying only compressed pw_dict.pwd.gz breaks revelation
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: cracklib (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
: Reopened
: 998321 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-09 21:32 EDT by Tom London
Modified: 2013-08-28 06:10 EDT (History)
2 users (show)

See Also:
Fixed In Version: cracklib-2.9.0-4.fc20
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-08-28 06:10:36 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
teach the python binding to check for the presence of compressed dictionaries (2.20 KB, patch)
2013-06-10 11:46 EDT, Nalin Dahyabhai
no flags Details | Diff

  None (edit)
Description Tom London 2013-06-09 21:32:25 EDT
Description of problem:
cracklib-dicts-2.9.0-1.fc20.x86_64 seems to provide only pw_dict.pwd.gz, not pw_dict.pwd.

Revelation (revelation-0.4.14-4.fc20.x86_64) seems to expect the uncompressed version:

[tbl@tlondon ~]$ revelation
Traceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/revelation/ui.py", line 1019, in __cb_check_password
    util.check_password(password)
  File "/usr/lib64/python2.7/site-packages/revelation/util.py", line 97, in check_password
    cracklib.FascistCheck(password)
OSError: [Errno 2] No such file or directory: '/usr/share/cracklib/pw_dict.pwd'
[tbl@tlondon ~]$ 

Manually uncompressing the file "makes it work".

Not sure this is an issue for cracklib or for revelation.

Version-Release number of selected component (if applicable):
cracklib-dicts-2.9.0-1.fc20.x86_64
revelation-0.4.14-4.fc20.x86_64

How reproducible:
Every time.....

Steps to Reproduce:
1. Start revelation
2. Try to update an entry
3.

Actual results:


Expected results:


Additional info:
Comment 1 Nalin Dahyabhai 2013-06-10 10:46:04 EDT
Eek, looks like it breaks anything using the python binding.
Comment 2 Nalin Dahyabhai 2013-06-10 11:46:17 EDT
Created attachment 759236 [details]
teach the python binding to check for the presence of compressed dictionaries

The python binding makes precautionary checks to see if the dictionary it will be opening is present, but it doesn't know about the main library's ability to use compressed dictionaries.  Fix that.
Comment 3 Fedora Admin XMLRPC Client 2013-06-10 12:17:48 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 4 Tomas Mraz 2013-08-20 02:37:30 EDT
*** Bug 998321 has been marked as a duplicate of this bug. ***
Comment 5 Tom London 2013-08-20 09:15:18 EDT
Did the above (or similar) patch ever "make it in"?

I'm still seeing this issue if I try to add an entry and click on "generate password":

Traceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/revelation/ui.py", line 1057, in <lambda>
    self.button = Button(_('Generate'), lambda w: self.generate())
  File "/usr/lib64/python2.7/site-packages/revelation/ui.py", line 1066, in generate
    password = util.generate_password(self.config.get("passwordgen/length"),self.config.get("passwordgen/punctuation"))
  File "/usr/lib64/python2.7/site-packages/revelation/util.py", line 235, in generate_password
    check_password(password)
  File "/usr/lib64/python2.7/site-packages/revelation/util.py", line 97, in check_password
    cracklib.FascistCheck(password)
OSError: [Errno 2] No such file or directory: '/usr/share/cracklib/pw_dict.pwd'
Comment 6 Tomas Mraz 2013-08-20 10:03:13 EDT
Yes, it was never patched in Fedora. I created a slightly different patch and apply it.
Comment 7 Tom London 2013-08-22 09:19:42 EDT
Well, revelation no longer crashes, but it now takes up to 20-30 seconds to generate a password.

Not sure if this is an issue with the above patch or with how revelation is using cracklib.....
Comment 8 Tomas Mraz 2013-08-22 10:25:48 EDT
That's really weird. If you ungzip the /usr/share/cracklib/pw_dict.pwd.gz does it work normally?

If you issue cracklib-check and enter a password how long does it take to produce output?
Comment 9 Tom London 2013-08-23 09:18:00 EDT
If I unzip cracklib-small.pwd and pw_dict.pwd into /usr/share/cracklib/ "generate" works instantly.

If I remove them, then it takes 10-20 seconds or so for it to work.

[tbl@tlondon ~]$ time cracklib-check <dummies
Obscured 16 character random-type password: OK

real	0m3.756s
user	0m3.706s
sys	0m0.049s
[tbl@tlondon ~]$ 

After restoring the uncompressed files:

[tbl@tlondon ~]$ time cracklib-check <dummies
Obscured 16 character random-type password: OK

real	0m0.055s
user	0m0.000s
sys	0m0.003s
[tbl@tlondon ~]$
Comment 10 Tomas Mraz 2013-08-23 09:25:04 EDT
Hmm, we should probably revert to uncompressed dictionaries? Nalin, what do you think?
Comment 11 Tomas Mraz 2013-08-23 09:27:30 EDT
I don't think such performance degradation is worth the reduction of size to just slightly under half the original one.
Comment 12 Nalin Dahyabhai 2013-08-23 15:27:42 EDT
If it's that big a performance hit, and it doesn't help much with bug #865521, then yes, it might as well be reverted.
Comment 13 Tomas Mraz 2013-08-28 06:10:36 EDT
The reports of performance problems are coming from elsewhere too. I've reverted the compression.

Note You need to log in before you can comment on or make changes to this bug.