#1932 sssd_be crashing with nested ldap groups contain a dangling member
Closed: Fixed None Opened 6 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 963235

Description of problem:
I have several fully patched RedHat boxes (20 or more), with the following sssd
rpms installed:

sssd-client-1.9.2-82.7.el6_4.x86_64
sssd-1.9.2-82.7.el6_4.x86_64

Whenever a lookup is done (for example opening an SSH session or running groups
username) to figure out a users' group membership and that particular user is a
member of a ldap group that is nested in another ldap group, sssd_be aborts
with the following logged to /var/log/messages:

kernel: sssd_be[32294]: segfault at 0 ip (null) sp 00007fff4a2f2eb8 error 14 in
sssd_be[400000+87000]

I do make use of the ldap_schema = rfc2307bis and ldap_group_member =
uniqueMember options, as our ldap provider is Oracle Enterprise Directory
Server (formally Sun Directory Server).

I have also confirmed that this issue was introduced with an update to sssd
released sometime after sssd-1.9.2-82.el6.x86_64, as in order to further
troubleshoot this, I did a clean build of a RedHat 6.4 client, used the same
/etc/sssd/sssd.conf file and have yet to have any trouble with the sssd daemon
crashing.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. install update to sssd higher than sssd-1.9.2-82.el6.x86_64
2. use nested ldap groups
3. run groups username command

Actual results:
sssd crashes with the following logged to /var/log/messages:

kernel: sssd_be[32294]: segfault at 0 ip (null) sp 00007fff4a2f2eb8 error 14 in
sssd_be[400000+87000]

Expected results:

with client running sssd-1.9.2-82.7.el6_4.x86_64 or lowered (i.e. fresh RedHat
6.4 install or previous version of 6.x) sssd does not crash

Additional info:

Can slip into 1.10.x

blockedby: =>
blocking: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
milestone: NEEDS_TRIAGE => SSSD 1.10.0
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: SSSD 1.10.0 => SSSD 1.10.1

Was there any news from the reporter? If not, please close as worksforme.

changelog: =>
owner: somebody => lslebodn

Bugzilla ticket BZ963235 was closed with reason: INSUFFICIENT_DATA

resolution: => worksforme
status: new => closed

Fields changed

resolution: worksforme =>
status: closed => reopened

I am now able to reproduce the bug with Najmuddin's help.

owner: lslebodn => jhrozek
status: reopened => new

This bug only affects the 1.9 series.

milestone: SSSD 1.10.1 => SSSD 1.9.6
status: new => assigned

resolution: => fixed
status: assigned => closed

Fields changed

changelog: => N/A, just a bugfix

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.9.6

2 years ago

Login to comment on this ticket.

Metadata