I've tracked it down! Patch attached. There's a call-back from pam_open_session to sudo_conv, and sudo_conv calls strncmp on a null pointer. If the user's not using something that pam_mount needs a password for, then there's no call, and so no crash.
Problem is, that solving this bug reveals another couple of issues, because using sudo -u to a user affected by pam_mount requires a password for the session. 1) This would allow pam_mount to mount something, but the session isn't handled fully in sudo - it's opened then immediatly closed. This probably means that there's no benefit to the program being run of getting that password in the first place, haven't confirmed this though. 2) It also means that every init/cron script that uses sudo -u to that user will ask for a password. This may not be useful! David. ** Attachment added: "1 line patch for sudo NULL reference checking" http://launchpadlibrarian.net/21261955/sudo.patch -- apt: segmentation fault [ubuntu 8.04] https://bugs.launchpad.net/bugs/234727 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
