[prev in list] [next in list] [prev in thread] [next in thread]
List: sudo-users
Subject: Re: [sudo-users] SegFault/BusError on FreeBSD
From: Samuel Denbigh Leslie <samuel.denbigh.leslie () gmail ! com>
Date: 2012-02-01 17:18:08
Message-ID: 4F2973D0.7030908 () gmail ! com
[Download RAW message or body]
Hi Todd,
Thanks for your reply. I've built a lab setup in a VM and have
reproduced the problem using the same version of PBIS and sudo 1.8.4rc1
as requested. Please find attached two debug logs: sudo_debug.local
(sudo from a local account -> works fine) and sudo_debug.ad (sudo from
an AD account -> segfault).
-SDL
On 31/01/2012 3:27 AM, Todd C. Miller wrote:
> On Thu, 26 Jan 2012 19:46:07 +1100, Samuel Denbigh Leslie wrote:
>
>> I recently compiled& installed sudo from ports on a FreeBSD 8.2 x64
>> box; version 1.8.3p1 w/ insults& LDAP support. The box also has
>> BeyondTrust PowerBroker Identity Services (Open Edition) installed for
>> integration with an Active Directory domain. Whenever trying to sudo
>> logged in as an AD user, we either get a Segmentation Fault or a Bus
>> Error (which one seems to be largely random). When logged in as a local
>> user, sudo seems to work absolutely fine.
> That sounds like a problem related to the PAM modules used by
> PowerBroker Identity Services.
>
> Please try ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.8.4rc1.tar.gz and
> see if it has the same problem (I expect it will). If so, add the
> following line to /etc/sudo.conf (creating it if it doesn't already
> exist).
>
> Debug sudo /var/log/sudo_debug auth@trace
>
> The tail end of /var/log/sudo_debug should give me an idea of where
> sudo is dying.
>
> - todd
["sudo_debug.ad" (text/plain)]
Feb 2 04:10:20 sudo -> check_user @ ./check.c:108
Feb 2 04:10:20 sudo -> get_authpw @ ./check.c:748
Feb 2 04:10:20 sudo <- get_authpw @ ./check.c:767 := 0x800a35198
Feb 2 04:10:20 sudo -> sudo_auth_init @ ./auth/sudo_auth.c:108
Feb 2 04:10:20 sudo -> sudo_pam_init @ ./auth/pam.c:87
Feb 2 04:10:20 sudo <- sudo_pam_init @ ./auth/pam.c:123 := 0
Feb 2 04:10:20 sudo <- sudo_auth_init @ ./auth/sudo_auth.c:146 := 1
Feb 2 04:10:20 sudo -> user_is_exempt @ ./check.c:406
Feb 2 04:10:20 sudo <- user_is_exempt @ ./check.c:410 := false
Feb 2 04:10:20 sudo -> build_timestamp @ ./check.c:421
Feb 2 04:10:20 sudo <- build_timestamp @ ./check.c:454 := 18
Feb 2 04:10:20 sudo -> timestamp_status @ ./check.c:471
Feb 2 04:10:20 sudo <- timestamp_status @ ./check.c:656 := 3
Feb 2 04:10:20 sudo -> lecture @ ./check.c:204
Feb 2 04:10:20 sudo <- lecture @ ./check.c:208
Feb 2 04:10:20 sudo -> expand_prompt @ ./check.c:281
Feb 2 04:10:20 sudo <- expand_prompt @ ./check.c:392 := Password:
Feb 2 04:10:20 sudo -> verify_user @ ./auth/sudo_auth.c:186
Feb 2 04:10:20 sudo -> sudo_pam_verify @ ./auth/pam.c:131
Feb 2 04:10:20 sudo -> converse @ ./auth/pam.c:280
Feb 2 04:10:20 sudo -> auth_getpass @ ./auth/sudo_auth.c:347
Feb 2 04:10:23 sudo <- auth_getpass @ ./auth/sudo_auth.c:365 := **********
Feb 2 04:10:23 sudo <- converse @ ./auth/pam.c:345 := 0
Feb 2 04:10:23 sudo <- sudo_pam_verify @ ./auth/pam.c:142 := 0
Feb 2 04:10:23 sudo <- verify_user @ ./auth/sudo_auth.c:285 := 1
Feb 2 04:10:23 sudo -> sudo_auth_cleanup @ ./auth/sudo_auth.c:154
Feb 2 04:10:23 sudo -> sudo_pam_cleanup @ ./auth/pam.c:187
Feb 2 04:10:23 sudo <- sudo_pam_cleanup @ ./auth/pam.c:191 := 0
Feb 2 04:10:23 sudo <- sudo_auth_cleanup @ ./auth/sudo_auth.c:174 := 1
Feb 2 04:10:23 sudo <- check_user @ ./check.c:183 := true
["sudo_debug.local" (text/plain)]
Feb 2 04:11:29 sudo -> check_user @ ./check.c:108
Feb 2 04:11:29 sudo -> get_authpw @ ./check.c:748
Feb 2 04:11:29 sudo <- get_authpw @ ./check.c:767 := 0x800a34198
Feb 2 04:11:29 sudo -> sudo_auth_init @ ./auth/sudo_auth.c:108
Feb 2 04:11:29 sudo -> sudo_pam_init @ ./auth/pam.c:87
Feb 2 04:11:29 sudo <- sudo_pam_init @ ./auth/pam.c:123 := 0
Feb 2 04:11:29 sudo <- sudo_auth_init @ ./auth/sudo_auth.c:146 := 1
Feb 2 04:11:29 sudo -> sudo_auth_cleanup @ ./auth/sudo_auth.c:154
Feb 2 04:11:29 sudo -> sudo_pam_cleanup @ ./auth/pam.c:187
Feb 2 04:11:29 sudo <- sudo_pam_cleanup @ ./auth/pam.c:191 := 0
Feb 2 04:11:29 sudo <- sudo_auth_cleanup @ ./auth/sudo_auth.c:174 := 1
Feb 2 04:11:29 sudo <- check_user @ ./check.c:183 := true
Feb 2 04:11:29 sudo -> sudo_auth_begin_session @ ./auth/sudo_auth.c:293
Feb 2 04:11:29 sudo -> sudo_pam_begin_session @ ./auth/pam.c:202
Feb 2 04:11:29 sudo <- sudo_pam_begin_session @ ./auth/pam.c:242 := 0
Feb 2 04:11:29 sudo <- sudo_auth_begin_session @ ./auth/sudo_auth.c:305 := true
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic