Learn more about these different git repos.
Other Git URLs
Platform: Ubuntu Xenial (16.04) Certmonger version: 0.78.6
Scenario:
ipa-getcert resubmit -w -v -f /path/to/file.crt -D servername.domain.tld -D othername.domain.tld -C 'systemctl reload nginx'
ipa-getcert exits with code 1, with this in stdout:
Please verify that the certmonger service is still running. Error org.freedesktop.DBus.Error.NoReply: Message recipient disconnected from message bus without replying
certmonger log contains:
Nov 06 14:20:49 servername certmonger[753]: *** buffer overflow detected ***: /usr/sbin/certmonger terminated Nov 06 14:20:50 servername certmonger[753]: ======= Backtrace: ========= Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f0f1d9927e5] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7f0f1da3415c] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libc.so.6(+0x117160)[0x7f0f1da32160] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libc.so.6(+0x1190a7)[0x7f0f1da340a7] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0x10b65)[0x55fccb7aeb65] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0x10d4c)[0x55fccb7aed4c] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0xfae6)[0x55fccb7adae6] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0xfde0)[0x55fccb7adde0] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0x35c7c)[0x55fccb7d3c7c] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0x38438)[0x55fccb7d6438] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libdbus-1.so.3(dbus_connection_dispatch+0x375)[0x7f0f1f40fd35] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0x281c8)[0x55fccb7c61c8] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libdbus-1.so.3(+0x1112e)[0x7f0f1f40e12e] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libdbus-1.so.3(+0x11266)[0x7f0f1f40e266] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0x28ee9)[0x55fccb7c6ee9] Nov 06 14:20:50 servername certmonger[753]: /usr/lib/x86_64-linux-gnu/libtevent.so.0(+0x9613)[0x7f0f1f1f7613] Nov 06 14:20:50 servername certmonger[753]: /usr/lib/x86_64-linux-gnu/libtevent.so.0(+0x7b57)[0x7f0f1f1f5b57] Nov 06 14:20:50 servername certmonger[753]: /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d)[0x7f0f1f1f1d3d] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0xd3fd)[0x55fccb7ab3fd] Nov 06 14:20:50 servername certmonger[753]: /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7f0f1d93b830] Nov 06 14:20:50 servername certmonger[753]: /usr/sbin/certmonger(+0xda89)[0x55fccb7aba89] Nov 06 14:20:50 servername certmonger[753]: ======= Memory map: ======== Nov 06 14:20:50 servername certmonger[753]: 55fccb79e000-55fccb811000 r-xp 00000000 08:01 1717670 /usr/sbin/certmonger Nov 06 14:20:50 servername certmonger[753]: 55fccba11000-55fccba14000 r--p 00073000 08:01 1717670 /usr/sbin/certmonger Nov 06 14:20:50 servername certmonger[753]: 55fccba14000-55fccba15000 rw-p 00076000 08:01 1717670 /usr/sbin/certmonger Nov 06 14:20:50 servername certmonger[753]: 55fccbd61000-55fccbdc2000 rw-p 00000000 00:00 0 [heap] Nov 06 14:20:50 servername certmonger[753]: 7f0f1b6cd000-7f0f1b6e3000 r-xp 00000000 08:01 1048641 /lib/x86_64-linux-gnu/libgcc_s.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1b6e3000-7f0f1b8e2000 ---p 00016000 08:01 1048641 /lib/x86_64-linux-gnu/libgcc_s.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1b8e2000-7f0f1b8e3000 rw-p 00015000 08:01 1048641 /lib/x86_64-linux-gnu/libgcc_s.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1b8e3000-7f0f1b8f5000 r-xp 00000000 08:01 1048645 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1b8f5000-7f0f1baf5000 ---p 00012000 08:01 1048645 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1baf5000-7f0f1baf6000 r--p 00012000 08:01 1048645 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1baf6000-7f0f1baf7000 rw-p 00013000 08:01 1048645 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1baf7000-7f0f1bb65000 r-xp 00000000 08:01 1048672 /lib/x86_64-linux-gnu/libpcre.so.3.13.2 Nov 06 14:20:50 servername certmonger[753]: 7f0f1bb65000-7f0f1bd65000 ---p 0006e000 08:01 1048672 /lib/x86_64-linux-gnu/libpcre.so.3.13.2 Nov 06 14:20:50 servername certmonger[753]: 7f0f1bd65000-7f0f1bd66000 r--p 0006e000 08:01 1048672 /lib/x86_64-linux-gnu/libpcre.so.3.13.2 Nov 06 14:20:50 servername certmonger[753]: 7f0f1bd66000-7f0f1bd67000 rw-p 0006f000 08:01 1048672 /lib/x86_64-linux-gnu/libpcre.so.3.13.2 Nov 06 14:20:50 servername certmonger[753]: 7f0f1bd67000-7f0f1be3f000 r-xp 00000000 08:01 1048589 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1be3f000-7f0f1c03e000 ---p 000d8000 08:01 1048589 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1c03e000-7f0f1c03f000 r--p 000d7000 08:01 1048589 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1c03f000-7f0f1c047000 rw-p 000d8000 08:01 1048589 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1c047000-7f0f1c048000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c048000-7f0f1c069000 r-xp 00000000 08:01 1048649 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c069000-7f0f1c268000 ---p 00021000 08:01 1048649 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c268000-7f0f1c269000 r--p 00020000 08:01 1048649 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c269000-7f0f1c26a000 rw-p 00021000 08:01 1048649 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c26a000-7f0f1c289000 r-xp 00000000 08:01 1048680 /lib/x86_64-linux-gnu/libselinux.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c289000-7f0f1c488000 ---p 0001f000 08:01 1048680 /lib/x86_64-linux-gnu/libselinux.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c488000-7f0f1c489000 r--p 0001e000 08:01 1048680 /lib/x86_64-linux-gnu/libselinux.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c489000-7f0f1c48a000 rw-p 0001f000 08:01 1048680 /lib/x86_64-linux-gnu/libselinux.so.1 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c48a000-7f0f1c48c000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c48c000-7f0f1c4a3000 r-xp 00000000 08:01 1048754 /lib/x86_64-linux-gnu/libresolv-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1c4a3000-7f0f1c6a3000 ---p 00017000 08:01 1048754 /lib/x86_64-linux-gnu/libresolv-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1c6a3000-7f0f1c6a4000 r--p 00017000 08:01 1048754 /lib/x86_64-linux-gnu/libresolv-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1c6a4000-7f0f1c6a5000 rw-p 00018000 08:01 1048754 /lib/x86_64-linux-gnu/libresolv-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1c6a5000-7f0f1c6a7000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c6a7000-7f0f1c6aa000 r-xp 00000000 08:01 1048792 /lib/x86_64-linux-gnu/libkeyutils.so.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c6aa000-7f0f1c8a9000 ---p 00003000 08:01 1048792 /lib/x86_64-linux-gnu/libkeyutils.so.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c8a9000-7f0f1c8aa000 r--p 00002000 08:01 1048792 /lib/x86_64-linux-gnu/libkeyutils.so.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c8aa000-7f0f1c8ab000 rw-p 00003000 08:01 1048792 /lib/x86_64-linux-gnu/libkeyutils.so.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1c8ab000-7f0f1c8b5000 r-xp 00000000 08:01 1707622 /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1c8b5000-7f0f1cab4000 ---p 0000a000 08:01 1707622 /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cab4000-7f0f1cab5000 r--p 00009000 08:01 1707622 /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cab5000-7f0f1cab6000 rw-p 0000a000 08:01 1707622 /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cab6000-7f0f1cab9000 r-xp 00000000 08:01 1048627 /lib/x86_64-linux-gnu/libcom_err.so.2.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cab9000-7f0f1ccb8000 ---p 00003000 08:01 1048627 /lib/x86_64-linux-gnu/libcom_err.so.2.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ccb8000-7f0f1ccb9000 r--p 00002000 08:01 1048627 /lib/x86_64-linux-gnu/libcom_err.so.2.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ccb9000-7f0f1ccba000 rw-p 00003000 08:01 1048627 /lib/x86_64-linux-gnu/libcom_err.so.2.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ccba000-7f0f1cce6000 r-xp 00000000 08:01 1707624 /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cce6000-7f0f1cee5000 ---p 0002c000 08:01 1707624 /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cee5000-7f0f1cee7000 r--p 0002b000 08:01 1707624 /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cee7000-7f0f1cee8000 rw-p 0002d000 08:01 1707624 /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1cee8000-7f0f1cee9000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1cee9000-7f0f1cef0000 r-xp 00000000 08:01 1048773 /lib/x86_64-linux-gnu/librt-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1cef0000-7f0f1d0ef000 ---p 00007000 08:01 1048773 /lib/x86_64-linux-gnu/librt-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d0ef000-7f0f1d0f0000 r--p 00006000 08:01 1048773 /lib/x86_64-linux-gnu/librt-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d0f0000-7f0f1d0f1000 rw-p 00007000 08:01 1048773 /lib/x86_64-linux-gnu/librt-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d0f1000-7f0f1d0f4000 r-xp 00000000 08:01 1717140 /usr/lib/x86_64-linux-gnu/libplds4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d0f4000-7f0f1d2f3000 ---p 00003000 08:01 1717140 /usr/lib/x86_64-linux-gnu/libplds4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d2f3000-7f0f1d2f4000 r--p 00002000 08:01 1717140 /usr/lib/x86_64-linux-gnu/libplds4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d2f4000-7f0f1d2f5000 rw-p 00003000 08:01 1717140 /usr/lib/x86_64-linux-gnu/libplds4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d2f5000-7f0f1d2f9000 r-xp 00000000 08:01 1717138 /usr/lib/x86_64-linux-gnu/libplc4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d2f9000-7f0f1d4f8000 ---p 00004000 08:01 1717138 /usr/lib/x86_64-linux-gnu/libplc4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d4f8000-7f0f1d4f9000 r--p 00003000 08:01 1717138 /usr/lib/x86_64-linux-gnu/libplc4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d4f9000-7f0f1d4fa000 rw-p 00004000 08:01 1717138 /usr/lib/x86_64-linux-gnu/libplc4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d4fa000-7f0f1d512000 r-xp 00000000 08:01 1048748 /lib/x86_64-linux-gnu/libpthread-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d512000-7f0f1d711000 ---p 00018000 08:01 1048748 /lib/x86_64-linux-gnu/libpthread-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d711000-7f0f1d712000 r--p 00017000 08:01 1048748 /lib/x86_64-linux-gnu/libpthread-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d712000-7f0f1d713000 rw-p 00018000 08:01 1048748 /lib/x86_64-linux-gnu/libpthread-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d713000-7f0f1d717000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1d717000-7f0f1d71a000 r-xp 00000000 08:01 1048752 /lib/x86_64-linux-gnu/libdl-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d71a000-7f0f1d919000 ---p 00003000 08:01 1048752 /lib/x86_64-linux-gnu/libdl-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d919000-7f0f1d91a000 r--p 00002000 08:01 1048752 /lib/x86_64-linux-gnu/libdl-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d91a000-7f0f1d91b000 rw-p 00003000 08:01 1048752 /lib/x86_64-linux-gnu/libdl-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1d91b000-7f0f1dadb000 r-xp 00000000 08:01 1048750 /lib/x86_64-linux-gnu/libc-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1dadb000-7f0f1dcdb000 ---p 001c0000 08:01 1048750 /lib/x86_64-linux-gnu/libc-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1dcdb000-7f0f1dcdf000 r--p 001c0000 08:01 1048750 /lib/x86_64-linux-gnu/libc-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1dcdf000-7f0f1dce1000 rw-p 001c4000 08:01 1048750 /lib/x86_64-linux-gnu/libc-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1dce1000-7f0f1dce5000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1dce5000-7f0f1dcf0000 r-xp 00000000 08:01 1048849 /lib/x86_64-linux-gnu/libpopt.so.0.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1dcf0000-7f0f1deef000 ---p 0000b000 08:01 1048849 /lib/x86_64-linux-gnu/libpopt.so.0.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1deef000-7f0f1def0000 r--p 0000a000 08:01 1048849 /lib/x86_64-linux-gnu/libpopt.so.0.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1def0000-7f0f1def1000 rw-p 0000b000 08:01 1048849 /lib/x86_64-linux-gnu/libpopt.so.0.0.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1def1000-7f0f1def5000 r-xp 00000000 08:01 1048582 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1def5000-7f0f1e0f4000 ---p 00004000 08:01 1048582 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e0f4000-7f0f1e0f5000 r--p 00003000 08:01 1048582 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e0f5000-7f0f1e0f6000 rw-p 00004000 08:01 1048582 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e0f6000-7f0f1e127000 r-xp 00000000 08:01 1707456 /usr/lib/x86_64-linux-gnu/libidn.so.11.6.15 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e127000-7f0f1e327000 ---p 00031000 08:01 1707456 /usr/lib/x86_64-linux-gnu/libidn.so.11.6.15 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e327000-7f0f1e328000 r--p 00031000 08:01 1707456 /usr/lib/x86_64-linux-gnu/libidn.so.11.6.15 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e328000-7f0f1e329000 rw-p 00032000 08:01 1707456 /usr/lib/x86_64-linux-gnu/libidn.so.11.6.15 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e329000-7f0f1e3ec000 r-xp 00000000 08:01 1707630 /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1e3ec000-7f0f1e5ec000 ---p 000c3000 08:01 1707630 /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1e5ec000-7f0f1e5f9000 r--p 000c3000 08:01 1707630 /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1e5f9000-7f0f1e5fb000 rw-p 000d0000 08:01 1707630 /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1e5fb000-7f0f1e635000 r-xp 00000000 08:01 1717136 /usr/lib/x86_64-linux-gnu/libnspr4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1e635000-7f0f1e835000 ---p 0003a000 08:01 1717136 /usr/lib/x86_64-linux-gnu/libnspr4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1e835000-7f0f1e836000 r--p 0003a000 08:01 1717136 /usr/lib/x86_64-linux-gnu/libnspr4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1e836000-7f0f1e837000 rw-p 0003b000 08:01 1717136 /usr/lib/x86_64-linux-gnu/libnspr4.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1e837000-7f0f1e83a000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1e83a000-7f0f1e862000 r-xp 00000000 08:01 1717146 /usr/lib/x86_64-linux-gnu/libsmime3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1e862000-7f0f1ea62000 ---p 00028000 08:01 1717146 /usr/lib/x86_64-linux-gnu/libsmime3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ea62000-7f0f1ea65000 r--p 00028000 08:01 1717146 /usr/lib/x86_64-linux-gnu/libsmime3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ea65000-7f0f1ea66000 rw-p 0002b000 08:01 1717146 /usr/lib/x86_64-linux-gnu/libsmime3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ea66000-7f0f1ea8c000 r-xp 00000000 08:01 1717148 /usr/lib/x86_64-linux-gnu/libnssutil3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ea8c000-7f0f1ec8b000 ---p 00026000 08:01 1717148 /usr/lib/x86_64-linux-gnu/libnssutil3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ec8b000-7f0f1ec92000 r--p 00025000 08:01 1717148 /usr/lib/x86_64-linux-gnu/libnssutil3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ec92000-7f0f1ec93000 rw-p 0002c000 08:01 1717148 /usr/lib/x86_64-linux-gnu/libnssutil3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1ec93000-7f0f1edd2000 r-xp 00000000 08:01 1717172 /usr/lib/x86_64-linux-gnu/libnss3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1edd2000-7f0f1efd2000 ---p 0013f000 08:01 1717172 /usr/lib/x86_64-linux-gnu/libnss3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1efd2000-7f0f1efd7000 r--p 0013f000 08:01 1717172 /usr/lib/x86_64-linux-gnu/libnss3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1efd7000-7f0f1efd9000 rw-p 00144000 08:01 1717172 /usr/lib/x86_64-linux-gnu/libnss3.so (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1efd9000-7f0f1efda000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1efda000-7f0f1efed000 r-xp 00000000 08:01 1712637 /usr/lib/x86_64-linux-gnu/libtalloc.so.2.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1efed000-7f0f1f1ec000 ---p 00013000 08:01 1712637 /usr/lib/x86_64-linux-gnu/libtalloc.so.2.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f1ec000-7f0f1f1ed000 r--p 00012000 08:01 1712637 /usr/lib/x86_64-linux-gnu/libtalloc.so.2.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f1ed000-7f0f1f1ee000 rw-p 00013000 08:01 1712637 /usr/lib/x86_64-linux-gnu/libtalloc.so.2.1.5 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f1ee000-7f0f1f1fb000 r-xp 00000000 08:01 1712641 /usr/lib/x86_64-linux-gnu/libtevent.so.0.9.28 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f1fb000-7f0f1f3fb000 ---p 0000d000 08:01 1712641 /usr/lib/x86_64-linux-gnu/libtevent.so.0.9.28 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f3fb000-7f0f1f3fc000 r--p 0000d000 08:01 1712641 /usr/lib/x86_64-linux-gnu/libtevent.so.0.9.28 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f3fc000-7f0f1f3fd000 rw-p 0000e000 08:01 1712641 /usr/lib/x86_64-linux-gnu/libtevent.so.0.9.28 Nov 06 14:20:50 servername certmonger[753]: 7f0f1f3fd000-7f0f1f447000 r-xp 00000000 08:01 1048896 /lib/x86_64-linux-gnu/libdbus-1.so.3.14.6 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1f447000-7f0f1f647000 ---p 0004a000 08:01 1048896 /lib/x86_64-linux-gnu/libdbus-1.so.3.14.6 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1f647000-7f0f1f648000 r--p 0004a000 08:01 1048896 /lib/x86_64-linux-gnu/libdbus-1.so.3.14.6 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1f648000-7f0f1f649000 rw-p 0004b000 08:01 1048896 /lib/x86_64-linux-gnu/libdbus-1.so.3.14.6 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1f649000-7f0f1f863000 r-xp 00000000 08:01 1049338 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1f863000-7f0f1fa62000 ---p 0021a000 08:01 1049338 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1fa62000-7f0f1fa7e000 r--p 00219000 08:01 1049338 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1fa7e000-7f0f1fa8a000 rw-p 00235000 08:01 1049338 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1fa8a000-7f0f1fa8d000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1fa8d000-7f0f1fab3000 r-xp 00000000 08:01 1048746 /lib/x86_64-linux-gnu/ld-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1fc15000-7f0f1fc1f000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1fc1f000-7f0f1fc9f000 r-xp 00000000 08:01 1049186 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0(deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1fc9f000-7f0f1fca2000 r--p 0007f000 08:01 1049186 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0(deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1fca2000-7f0f1fca3000 rw-p 00082000 08:01 1049186 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0(deleted) Nov 06 14:20:50 servername certmonger[753]: 7f0f1fca3000-7f0f1fcaa000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1fcb1000-7f0f1fcb2000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7f0f1fcb2000-7f0f1fcb3000 r--p 00025000 08:01 1048746 /lib/x86_64-linux-gnu/ld-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1fcb3000-7f0f1fcb4000 rw-p 00026000 08:01 1048746 /lib/x86_64-linux-gnu/ld-2.23.so Nov 06 14:20:50 servername certmonger[753]: 7f0f1fcb4000-7f0f1fcb5000 rw-p 00000000 00:00 0 Nov 06 14:20:50 servername certmonger[753]: 7fff6eca3000-7fff6ecc4000 rw-p 00000000 00:00 0 [stack] Nov 06 14:20:50 servername certmonger[753]: 7fff6ed53000-7fff6ed56000 r--p 00000000 00:00 0 [vvar] Nov 06 14:20:50 servername certmonger[753]: 7fff6ed56000-7fff6ed58000 r-xp 00000000 00:00 0 [vdso] Nov 06 14:20:50 servername certmonger[753]: ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] Nov 06 14:20:50 servername systemd[1]: certmonger.service: Main process exited, code=killed, status=6/ABRT Nov 06 14:20:50 servername systemd[1]: certmonger.service: Unit entered failed state. Nov 06 14:20:50 servername systemd[1]: certmonger.service: Failed with result 'signal'.
I can't reproduce this with certmonger-0.79.7-1.fc29.1.x86_64
A number of issues discovered by clang were fixed in between which could be mitigating this. Is there a way you can re-test with a newer version of certmonger? Or see if it is dropping core to get a backtrace to tell more precisely where it is failing?
dbg bt output for another repro of apparently same issue:
#0 0x00007fdb4078b428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 #1 0x00007fdb4078d02a in __GI_abort () at abort.c:89 #2 0x00007fdb407cd7ea in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7fdb408e549f "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:175 #3 0x00007fdb4086f15c in __GI___fortify_fail (msg=<optimized out>, msg@entry=0x7fdb408e5430 "buffer overflow detected") at fortify_fail.c:37 #4 0x00007fdb4086d160 in __GI___chk_fail () at chk_fail.c:28 #5 0x00007fdb4086f0a7 in __fdelt_chk (d=d@entry=2155) at fdelt_chk.c:25 #6 0x0000555780d5ab65 in cm_waitfor_readable_fd (fd=2155, delay=delay@entry=-1) at ../../src/iterate.c:292 #7 0x0000555780d5ad4c in cm_iterate_entry_init (entry=0x555781ae8f90, cm_iterate_state=0x555781af7c00) at ../../src/iterate.c:454 #8 0x0000555780d59ae6 in cm_start_entry (context=context@entry=0x555781ae8b70, nickname=nickname@entry=0x555781aea3d0 "20180205213356") at ../../src/cm.c:866 #9 0x0000555780d59de0 in cm_restart_entry (context=context@entry=0x555781ae8b70, nickname=0x555781aea3d0 "20180205213356") at ../../src/cm.c:941 #10 0x0000555780d7fc7c in request_modify (conn=0x555781b04820, msg=0x555781b079e0, ci=0x7ffe27833ed0, ctx=0x555781ae8b70) at ../../src/tdbush.c:3453 #11 0x0000555780d82438 in cm_tdbush_handle_method_return (conn=0x555781b04820, msg=0x555781b06450, bus=<optimized out>, ctx=0x555781ae8b70) at ../../src/tdbush.c:7927 #12 0x00007fdb4224ad35 in dbus_connection_dispatch (connection=connection@entry=0x555781b04820) at ../../dbus/dbus-connection.c:4680 #13 0x0000555780d721c8 in cm_tdbus_dispatch_status (conn=0x555781b04820, new_status=DBUS_DISPATCH_DATA_REMAINS, data=<optimized out>) at ../../src/tdbus.c:84 #14 0x00007fdb4224912e in dbus_connection_unref (connection=0x2e6) at ../../dbus/dbus-connection.c:2841 #15 0x0000555781b04820 in ?? () #16 0x0000000000000001 in ?? () #17 0x0000000000000001 in ?? () #18 0x00007ffe27834040 in ?? () #19 0x0000555781ae88a0 in ?? () #20 0x00007fdb42249266 in _dbus_connection_handle_watch (watch=0x2e6, condition=742, data=0x6) at ../../dbus/dbus-connection.c:1489 #21 0x0000000000000009 in ?? () #22 0x0000555780d72ee9 in cm_tdbus_handle_fd (ec=0x555781b03fe0, tfd=0x555781b07d70, tflags=<optimized out>, pvt=0x555781b07cf0) at ../../src/tdbus.c:206 #23 0x00007fdb42032613 in epoll_event_loop (tvalp=0x7ffe278340c0, epoll_ev=0x555781ae8ae0) at ../tevent_epoll.c:728 #24 epoll_event_loop_once (ev=<optimized out>, location=<optimized out>) at ../tevent_epoll.c:926 #25 0x00007fdb42030b57 in std_event_loop_once (ev=0x555781ae88a0, location=0x555780da1614 "../../src/main.c:413") at ../tevent_standard.c:114 #26 0x00007fdb4202cd3d in _tevent_loop_once (ev=0x555781ae88a0, location=0x555780da1614 "../../src/main.c:413") at ../tevent.c:533 #27 0x0000555780d573fd in main (argc=<optimized out>, argv=<optimized out>) at ../../src/main.c:413
It is blowing up in the fortified source test fdelt_chk at:
if (d < 0 || d >= FD_SETSIZE)
There is a test for d == -1 in certmonger prior to the call so I doubt it is < 0 so it must be > FD_SETSIZE. On Fedora this is 1024.
The fd here is 2155 which explains why it is blowing up.
Can you install strace and provide the output of:
strace -f -s 1024 -o /tmp/strace.out pidof certmonger ipa-getcert resubmit ...
pidof certmonger
That may show me where this large fd is coming from.
Unfortunately, I seem to have exhausted my ability to reproduce this. I've tried grabbing straces from several machines when resubmitting, but the resubmit is succeeding without any crashing. The several machine I was able to reproduce on earlier were notable that their certmonger process had been running for over a year without a restart, but I don't have any others which look like that.
I'm investigating separately an apparent fd leak in certmonger. I suppose that could drive the number up over a period of time past the allowed per-process. Restarting certmonger would reset this back to 0 which is why you aren't seeing it on restarts. I'll keep this ticket in mind as I continue investigation.
Login to comment on this ticket.