#2629 sssd_be segfault id_provider = ad src/providers/ad/ad_gpo.c:843
Closed: Fixed None Opened 5 years ago by lslebodn.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1205852

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Created attachment 1006415
crask.tgz

Description of problem:
sssd_be segfaulting with :
Reading symbols from /usr/libexec/sssd/sssd_be...Reading symbols from
/usr/lib/debug/usr/libexec/sssd/sssd_be.debug...done.
done.
[New LWP 2487]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/libexec/sssd/sssd_be --domain na.lzb.hq --uid 0
--gid 0 --debug-to-files'.
Program terminated with signal 11, Segmentation fault.
#0  ad_gpo_filter_gpos_by_dacl (_num_dacl_filtered_gpos=0x7f88e1de6810,
_dacl_filtered_gpos=0x7f88e1de6808, num_candidate_gpos=<optimized out>,
candidate_gpos=<optimized out>, idmap_ctx=<optimized out>,
    domain=<optimized out>, user=<optimized out>, mem_ctx=0x7f88e1de67a0) at
src/providers/ad/ad_gpo.c:843
843             dacl = candidate_gpo->gpo_sd->dacl;
(gdb) bt
#0  ad_gpo_filter_gpos_by_dacl (_num_dacl_filtered_gpos=0x7f88e1de6810,
_dacl_filtered_gpos=0x7f88e1de6808, num_candidate_gpos=<optimized out>,
candidate_gpos=<optimized out>, idmap_ctx=<optimized out>,
    domain=<optimized out>, user=<optimized out>, mem_ctx=0x7f88e1de67a0) at
src/providers/ad/ad_gpo.c:843
#1  ad_gpo_process_gpo_done (subreq=0x0) at src/providers/ad/ad_gpo.c:1939
#2  0x00007f88d1ab6693 in ad_gpo_get_gpo_attrs_done (subreq=0x0) at
src/providers/ad/ad_gpo.c:3619
#3  0x00007f88df47e0c2 in tevent_common_add_fd (ev=<optimized out>,
mem_ctx=<optimized out>, fd=-604581600, flags=<optimized out>,
handler=<optimized out>, private_data=<optimized out>,
    handler_name=0x7f88e1de6cc0 "\260\340\022\342\210\177",
location=0x7f88e1dbda80 "s\f\025\350\210\177") at ../tevent_fd.c:74
#4  0x0000000000000000 in ?? ()


Version-Release number of selected component (if applicable):
sssd-1.12.2-58.el7.x86_64

How reproducible:
ssh to server

Steps to Reproduce:
1.
2.
3.

Actual results:
sssd_be segfaults

Expected results:
sssd_be should not segfault

Additional info:

I have figured out how to reproduce the bug.

  1. Create a two-domain forest, with one domain being the child of the other. (e.g. multilevel.ad and child.multilevel.ad)
  2. Create a new policy on the parent domain containing access-control rules and add it to the Default-First-Site-Name site (or whatever site the client machine is going to be associated with).
  3. Enroll a client machine with realmd (or manually) against the child domain. Make sure this client machine is assigned to the same site as the parent policy is being applied to.

Results:
When trying to process the site-level GPOs, SSSD encounters a referral to the parent domain controller. SSSD doesn't follow this referral and as a result it later crashes because the GPO object in SSSD has not been fully initialized.

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12.5

resolution: => fixed
status: new => closed

Metadata Update from @lslebodn:
- Issue set to the milestone: SSSD 1.12.5

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3670

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata