On Thu, Jul 05, 2007 at 03:55:03PM -0700, Russ Allbery wrote:
> Andrew Reid <[EMAIL PROTECTED]> writes:
>
> > I've had a chance to experiment a little more, and it's
> > clear that what is crashing the kadmind is a second or
> > subsequent kpasswd attempt for a given principal a short
> > time after a (successful) first change.
>
> > It's as though there's some time window after a kpasswd
> > invocation on a principal during which additional kpasswd
> > invocations will crash the server's admin daemon. It
> > seems to be independent of the particular principal or
> > client machine.
>
> Apologies for the delay in responding to this bug report.
>
> The next step would be to see if you can get a core dump from kadmind so
> that we can figure out just where it's dying. Unfortunately the syslog
> messages don't help much there. Can you make sure that core dumps are
> enabled and core dump size is unlimited (with ulimit -c unlimited) and
> restart kadmind to try to get a core dump from the next time this happens?
Thanks for the reply.
I got a backtrace. I ran "kadmind -nofork" in a terminal
session (after killing the regular daemon, of course), and triggered
the segfault by the already-described client password-change
mechanism.
The gdb-provided backtrace is:
> #0 0x00002b1052c1c5d0 in strlen () from /lib/libc.so.6
> #1 0x000000000040aa3c in ?? ()
> #2 0x000000000040ab3f in ?? ()
> #3 0x000000000040a783 in ?? ()
> #4 0x00000000004084b2 in ?? ()
> #5 0x0000000000408b5e in ?? ()
> #6 0x0000000000409a7e in ?? ()
> #7 0x00002b1052bc64ca in __libc_start_main () from /lib/libc.so.6
> #8 0x0000000000403dca in ?? ()
> #9 0x00007fff58a4f6c8 in ?? ()
> #10 0x0000000000000000 in ?? ()
I actually did this twice, since it's not possible, using the
syslog, to distinguish between a randomly-located segfault
(due to pointer-mishandling, for instance) and differences due
to relocation or other invocation-dependent differences. I got
the same backtrace both times.
The fact that the segfault was triggered also means that
the bug is still present in the current etch security-fix
package, krb5-admin-server-1.4.4-7etch2, which is now installed
on this server. It was ...-7etch1 which first showed the
bug.
-- A.
--
Dr. Andrew C. E. Reid, Guest Researcher
Center for Theoretical and Computational Materials Science
National Institute of Standards and Technology, Mail Stop 8910
Gaithersburg MD 20899 USA
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
