Red Hat Bugzilla – Bug 972542
Supplying only compressed pw_dict.pwd.gz breaks revelation
Last modified: 2013-08-28 06:10:36 EDT
Description of problem: cracklib-dicts-2.9.0-1.fc20.x86_64 seems to provide only pw_dict.pwd.gz, not pw_dict.pwd. Revelation (revelation-0.4.14-4.fc20.x86_64) seems to expect the uncompressed version: [tbl@tlondon ~]$ revelation Traceback (most recent call last): File "/usr/lib64/python2.7/site-packages/revelation/ui.py", line 1019, in __cb_check_password util.check_password(password) File "/usr/lib64/python2.7/site-packages/revelation/util.py", line 97, in check_password cracklib.FascistCheck(password) OSError: [Errno 2] No such file or directory: '/usr/share/cracklib/pw_dict.pwd' [tbl@tlondon ~]$ Manually uncompressing the file "makes it work". Not sure this is an issue for cracklib or for revelation. Version-Release number of selected component (if applicable): cracklib-dicts-2.9.0-1.fc20.x86_64 revelation-0.4.14-4.fc20.x86_64 How reproducible: Every time..... Steps to Reproduce: 1. Start revelation 2. Try to update an entry 3. Actual results: Expected results: Additional info:
Eek, looks like it breaks anything using the python binding.
Created attachment 759236 [details] teach the python binding to check for the presence of compressed dictionaries The python binding makes precautionary checks to see if the dictionary it will be opening is present, but it doesn't know about the main library's ability to use compressed dictionaries. Fix that.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
*** Bug 998321 has been marked as a duplicate of this bug. ***
Did the above (or similar) patch ever "make it in"? I'm still seeing this issue if I try to add an entry and click on "generate password": Traceback (most recent call last): File "/usr/lib64/python2.7/site-packages/revelation/ui.py", line 1057, in <lambda> self.button = Button(_('Generate'), lambda w: self.generate()) File "/usr/lib64/python2.7/site-packages/revelation/ui.py", line 1066, in generate password = util.generate_password(self.config.get("passwordgen/length"),self.config.get("passwordgen/punctuation")) File "/usr/lib64/python2.7/site-packages/revelation/util.py", line 235, in generate_password check_password(password) File "/usr/lib64/python2.7/site-packages/revelation/util.py", line 97, in check_password cracklib.FascistCheck(password) OSError: [Errno 2] No such file or directory: '/usr/share/cracklib/pw_dict.pwd'
Yes, it was never patched in Fedora. I created a slightly different patch and apply it.
Well, revelation no longer crashes, but it now takes up to 20-30 seconds to generate a password. Not sure if this is an issue with the above patch or with how revelation is using cracklib.....
That's really weird. If you ungzip the /usr/share/cracklib/pw_dict.pwd.gz does it work normally? If you issue cracklib-check and enter a password how long does it take to produce output?
If I unzip cracklib-small.pwd and pw_dict.pwd into /usr/share/cracklib/ "generate" works instantly. If I remove them, then it takes 10-20 seconds or so for it to work. [tbl@tlondon ~]$ time cracklib-check <dummies Obscured 16 character random-type password: OK real 0m3.756s user 0m3.706s sys 0m0.049s [tbl@tlondon ~]$ After restoring the uncompressed files: [tbl@tlondon ~]$ time cracklib-check <dummies Obscured 16 character random-type password: OK real 0m0.055s user 0m0.000s sys 0m0.003s [tbl@tlondon ~]$
Hmm, we should probably revert to uncompressed dictionaries? Nalin, what do you think?
I don't think such performance degradation is worth the reduction of size to just slightly under half the original one.
If it's that big a performance hit, and it doesn't help much with bug #865521, then yes, it might as well be reverted.
The reports of performance problems are coming from elsewhere too. I've reverted the compression.