Red Hat Bugzilla – Bug 987536
sssd_be segfaults on sudo usage
Last modified: 2013-08-08 04:18:18 EDT
Description of problem:
SSSD is configured with ldap/kerberos. Functions normally, except running the sudo command causes sssd_be to crash. Most of the time the process is automatically relaunched and sssd recovers. Occasionally however, sssd does not recover and needs to be manually restarted before users can log in again. Sudo is actually successful despite the crash.
Version-Release number of selected component (if applicable):
Apparently something specific to our sssd configuration causes this, but I am not sure what. We are authenticating against an AD domain using ldap for directory services and krb5 for the actual auth. We do not have this issue with nslcd/pam.
Coredump has potentially sensitive information, so I'll send it privately but do not want to attach here.
Thank you very much for the bug report. We are not currently aware of any sssd_be crash related to sudo. Feel free to send the corefile to my address (firstname.lastname@example.org) and copy Pavel Brezina (email@example.com).
Also would you mind attaching the logs when you send the core file? To generate the logs, put "debug_level=10" into the [sudo] and [domain] sections of the sssd.conf, restart the sssd, re-run the crasher case and then attach the contents of /var/log/sssd/
Thank you for the corefile. Unfortunately, it is not clear why SSSD gets to the state where it crashes.
Can you also send us the logs and possibly sssd.conf please?
Is this always reproducible or does this happen only sporadically?
Hi, any luck getting the log files Pavel requested? Since you were able to reproduce the problem in-house, the log files would be a great help for us.
Sorry, I'll email the log entries today. This does happen sporadically, I'd say maybe 10% of the time we run sudo. I should also mention we are not using SSSD for our sudo database, we are using the standard sudoers file. However there are groups in sudoers that come from ldap via SSSD.
(In reply to mleary from comment #6)
> Sorry, I'll email the log entries today. This does happen sporadically, I'd
> say maybe 10% of the time we run sudo.
Right, according to Pavel's investigation of the core file, the bug is actually a use-after-free problem, so chances are that the contents of the memory are still available despite being freed most of the time.
> I should also mention we are not
> using SSSD for our sudo database, we are using the standard sudoers file.
> However there are groups in sudoers that come from ldap via SSSD.
Yep, the crash seems to have happened in the nested group processing.
Thanks for the logs, either me or Pavel would take a look.
We believe we found the culprit. There was a use-after-free situation in one of the less probable branches of the nested group processing. I built test packages which are the same as the 6.4 ones, just with the additional fix on top. Can you try them out if you have a moment?
The builds are here:
btw this is most likely the same issue as the one tracked in #963235
Marking this bug as duplicate of #963235 as that one has more complete information.
*** This bug has been marked as a duplicate of bug 963235 ***