#1383 sssd_nss segfaults performing netgroup lookups without a specified domain

Created 4 years ago by sgallagh
Modified 12 hours ago

https://bugzilla.redhat.com/show_bug.cgi?id=833789 (Fedora)

Description of problem:

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce: (Not sure if this is related, but the case where crash was
detected is)

1. # ipa sudorule-show sudorule1 --all --raw
  dn: ipauniqueid=8d023938-bac0-11e1-b429-525400951069,cn=sudorules,cn=sudo,dc=
  cn: sudorule1
  ipaenabledflag: TRUE
  memberhost: cn=hostgrp1,cn=hostgroups,cn=accounts,dc=testrelm,dc=com
  memberuser: uid=user1,cn=users,cn=accounts,dc=testrelm,dc=com
  ipauniqueid: 8d023938-bac0-11e1-b429-525400951069
  objectclass: ipaassociation
  objectclass: ipasudorule

2. # ldapsearch -LLL -Y GSSAPI -b ou=SUDOers,dc=testrelm,dc=com
SASL/GSSAPI authentication started
SASL username: admin@TESTRELM.COM
SASL data security layer installed.
dn: ou=sudoers,dc=testrelm,dc=com
objectClass: extensibleObject
ou: sudoers

dn: cn=sudorule1,ou=sudoers,dc=testrelm,dc=com
objectClass: sudoRole
sudoUser: user1
sudoHost: +hostgrp1
cn: sudorule1

3. [root@dhcp201-207 ~]#  ssh -o StrictHostKeyChecking=no -l user1
user1@dhcp201-207.testrelm.com's password:
Last login: Wed Jun 20 07:06:09 2012 from dhcp201-207.testrelm.com

4. -sh-4.2$ sudo -l

Actual results:
Jun 20 07:06:17 dhcp201-207 kernel: [1039881.361685] sssd_nss[20374]: segfault
at 20 ip 0000003af5e89d8d sp 00007fff523572d8 e
rror 4 in libc-2.15.so[3af5e00000+1ac000]
Jun 20 07:06:17 dhcp201-207 abrtd: Directory 'ccpp-2012-06-20-07:06:17-20374'
creation detected
Jun 20 07:06:17 dhcp201-207 abrt[20454]: Saved core dump of pid 20374
(/usr/libexec/sssd/sssd_nss) to /var/spool/abrt/ccpp-201
2-06-20-07:06:17-20374 (1142784 bytes)
Jun 20 07:06:17 dhcp201-207 sssd[nss]: Starting up

Expected results: No crash detected.

Additional info:

relevant sssd.conf:

cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = testrelm.com
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = dhcp201-207.testrelm.com
chpass_provider = ipa
ipa_server = dhcp201-207.testrelm.com
ldap_tls_cacert = /etc/ipa/ca.crt
services = nss, pam, ssh
config_file_version = 2

domains = testrelm.com

sudo debug:
-sh-4.2$ sudo -l
LDAP Config Summary
uri              ldap://dhcp201-207.testrelm.com
ldap_version     3
sudoers_base     ou=SUDOers,dc=testrelm,dc=com
binddn           uid=sudo,cn=sysaccounts,cn=etc,dc=testrelm,dc=com
bindpw           bind123
bind_timelimit   5
timelimit        15
ssl              no
tls_checkpeer    (yes)
tls_cacertfile   /etc/ipa/ca.crt
tls_cacertdir    /etc/ipa
sudo: ldap_initialize(ld, ldap://dhcp201-207.testrelm.com)
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option: tls_checkpeer -> 1
sudo: ldap_set_option: tls_cacertfile -> /etc/ipa/ca.crt
sudo: ldap_set_option: tls_cacert -> /etc/ipa/ca.crt
sudo: ldap_set_option: tls_cacertdir -> /etc/ipa
sudo: ldap_set_option: timelimit -> 15
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 5)
sudo: ldap_sasl_bind_s() ok
sudo: Looking for cn=defaults: cn=defaults
sudo: no default options found in ou=SUDOers,dc=testrelm,dc=com
sudo: ldap search '(|(sudoUser=user1)(sudoUser=%user1)(sudoUser=ALL))'
sudo: searching from base 'ou=SUDOers,dc=testrelm,dc=com'
sudo: adding search result
sudo: ldap sudoHost '+hostgrp1' ... not
sudo: result now has 0 entries
sudo: ldap search '(sudoUser=+*)'
sudo: searching from base 'ou=SUDOers,dc=testrelm,dc=com'
sudo: adding search result
sudo: result now has 0 entries
sudo: sorting remaining 0 entries
sudo: perform search for pwflag 52
sudo: done with LDAP searches
sudo: user_matches=1
sudo: host_matches=0
sudo: sudo_ldap_lookup(52)=0x42
[sudo] password for user1:

Fields changed

blockedby: =>
blocking: =>
coverity: =>
feature_milestone: =>
keywords: => Regression
milestone: NEEDS_TRIAGE => SSSD 1.9.0 beta 3
owner: somebody => sgallagh
patch: 0 => 1
priority: major => blocker
status: new => assigned
tests: => 0
testsupdated: => 0
upgrade: => 0

Don't think this is related to sudo since the same crash is detected while doing a "getent netgroup hostgrp1"

You are correct, Shanks. It was due to the recent patches to the name/domain parsing. A patch is on the sssd-devel list now.

summary: sssd_nss segfaults when sudo operation is performed. => sssd_nss segfaults performing netgroup lookups without a specified domain

Fixed by 4b0b0bc3f9c4966b9f1a7433803a37c36fcaf285 (master)

resolution: => fixed
status: assigned => closed

12 hours ago

Metadata Update from @sgallagh:
- Issue assigned to sgallagh
- Issue set to the milestone: SSSD 1.9.0 beta 3

Login to comment on this ticket.