Bug 234538 - dev-libs/libhome-0.10.1 segmentation fault on amd64 ONLY on hardened profile
Summary: dev-libs/libhome-0.10.1 segmentation fault on amd64 ONLY on hardened profile
Status: RESOLVED TEST-REQUEST
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library
Hardware: AMD64 Linux
Importance: Low major
Assignee: Apache Team - Bugzilla Reports
Reported: 2008-08-12 10:56 UTC by hexa
Modified: 2009-07-08 11:18 UTC

Attachments
Added strace output if it helps. (strace,18.92 KB, text/plain)
2008-11-19 13:09 UTC, hexa

Description hexa 2008-08-12 10:56:52 UTC
home_finger and apache crash when using libhome.

home_finger: >>>>>>
ibm2 log # home_finger -t mod_vhs hosting.xxx.si
Segmentation fault
ibm2 log # home_finger -t mod_vhs nonexistent.xxx.si
not found
Segmentation fault

apache: >>>>>>
[Tue Aug 12 12:49:06 2008] [notice] Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8g PHP/5.2.6-pl2-gentoo with Suhosin-Patch mod_vhs/1.0.32 configured -- resuming normal operations
[Tue Aug 12 12:49:11 2008] [notice] child pid 31901 exit signal Segmentation fault (11)
[Tue Aug 12 12:49:13 2008] [notice] child pid 31930 exit signal Segmentation fault (11)
[Tue Aug 12 12:49:14 2008] [notice] child pid 31960 exit signal Segmentation fault (11)
[Tue Aug 12 12:49:15 2008] [notice] child pid 31988 exit signal Segmentation fault (11)



Reproducible: Always

Steps to Reproduce:
1. Emerge mod_vhs or just libhome
2. Create database, populate table vhost, create and configure /etc/home.conf
3. Try home_finger and it will crash. If you add it to apache, then apache children will crash

Actual Results:  
home_finger or apache children segfaulted.

Expected Results:  
Get the user/hosting info from MySQL.

I really don't know why it crashes.
Here is some info I have in home.conf for now:

ibm2 apache2 # cat /etc/home.conf 
mode mysql
myhosts 10.30.1.19
myuser vhosts
mypasswd xxxx
mydatabase system

[mod_vhs]
log.stderr y
where ServerName
user ServerName
home DocumentRoot
uid "80"
gid "80"
gecos PointTo
passwd SetEnv
shell owner
quota "1000"
table vhost
class ServerAdmin
Comment 1 hexa 2008-08-12 11:00:44 UTC
ibm2 etc # emerge --info
Portage 2.1.4.4 (hardened/linux/amd64/2008.0, gcc-3.4.6, glibc-2.6.1-r0, 2.6.23-hardened-r12ISG x86_64)
=================================================================
System uname: 2.6.23-hardened-r12ISG x86_64 Intel(R) Xeon(R) CPU E5320 @ 1.86GHz
Timestamp of tree: Thu, 31 Jul 2008 09:04:01 +0000
app-shells/bash:     3.2_p33
dev-lang/python:     2.4.4-r9
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.2.5
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.61-r2
sys-devel/automake:  1.10.1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://mirror.ovh.net/gentoo-distfiles/ ftp://mirror.ovh.net/gentoo-distfiles/ ftp://ftp.tu-clausthal.de/pub/linux/gentoo/ ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp.gentoo.mesh-solutions.com/gentoo/ ftp://pandemonium.tiscali.de/pub/gentoo/ http://gentoo.mneisen.org/ http://de-mirror.org/distro/gentoo/ ftp://de-mirror.org/distro/gentoo/ "
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="acl amd64 berkdb bzip2 cli cracklib crypt cups dri fam gdbm gpm hardened hpn iconv isdnlog justify midi mmx mudflap multilib ncurses nls nptl nptlonly pam pcre perl pic pppd python readline reflection session spl sse sse2 ssl sysfs tcpd threads unicode urandom xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="alias auth_basic auth_digest authn_alias authn_anon authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache filter deflate dir expires file_cache env headers include info log_config logio mime mime_magic negotiation rewrite setenvif status unique_id userdir vhost_alias" APACHE2_MPMS="worker" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Comment 2 hexa 2008-11-10 12:22:27 UTC
I've just updated everything (ran emerge -uve world a couple of times and updated my config files),
but I still have the same error.

home_finger -t mod_vhs hosting.X.X
Segmentation fault

ibm2 etc # home_finger -t mod_vhs hosting.nonexistent.si
not found
Segmentation fault


ibm2 etc # emerge --info
Portage 2.1.4.5 (hardened/linux/amd64/2008.0, gcc-3.4.6, glibc-2.6.1-r0, 2.6.25-hardened-r9ISG x86_64)
=================================================================
System uname: 2.6.25-hardened-r9ISG x86_64 Intel(R) Xeon(R) CPU E5320 @ 1.86GHz
Timestamp of tree: Mon, 10 Nov 2008 09:31:01 +0000
app-shells/bash:     3.2_p33
dev-lang/python:     2.4.4-r9, 2.5.2-r7
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.3.0-r1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.61-r2
sys-devel/automake:  1.10.1-r1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://mirror.ovh.net/gentoo-distfiles/ ftp://mirror.ovh.net/gentoo-distfiles/ ftp://ftp.tu-clausthal.de/pub/linux/gentoo/ ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ ftp://ftp.gentoo.mesh-solutions.com/gentoo/ ftp://pandemonium.tiscali.de/pub/gentoo/ http://gentoo.mneisen.org/ http://de-mirror.org/distro/gentoo/ ftp://de-mirror.org/distro/gentoo/ "
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="acl amd64 berkdb bzip2 cli cracklib crypt cups dri fam gdbm gpm hardened hpn iconv isdnlog justify midi mmx mudflap multilib ncurses nls nptl nptlonly pam pcre perl pic pppd python readline reflection session spl sse sse2 ssl sysfs tcpd threads unicode urandom xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="alias auth_basic auth_digest authn_alias authn_anon authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache filter deflate dir expires file_cache env headers include info log_config logio mime mime_magic negotiation rewrite setenvif status unique_id userdir vhost_alias" APACHE2_MPMS="worker" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Comment 3 hexa 2008-11-10 12:26:16 UTC
I don't know if this helps, it tells me nothing, but here it goes:

--
ibm2 etc # gdb home_finger
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) run -t mod_vhs hosting.XX.XX
Starting program: /usr/bin/home_finger -t mod_vhs hosting.XX.XX
(no debugging symbols found)
(no debugging symbols found)

Program received signal SIGSEGV, Segmentation fault.
0x000070cf62be9d20 in ?? ()
(gdb) 
--
Comment 4 hexa 2008-11-13 11:09:52 UTC
I have disabled PaX and grsecurity just in case that's the problem, but even without that support in the kernel I still get segfaults:

home_finger[5173]: segfault at 7f0f ip 7f0f5dc9dfe6 sp 7fff660c4240 error 4 in libhome.so.1.0.0[7f0f5dc9a000+b000]
home_finger[5177]: segfault at 7f1c ip 7f1c80d1ad20 sp 7fff8913f370 error 4 in libhome.so.1.0.0[7f1c80d15000+b000]
Comment 5 hexa 2008-11-13 11:35:46 UTC
This is dmesg with PaX and grsecurity:

id/egid:0/0, parent /bin/bash[bash:5087] uid/euid:0/0 gid/egid:0/0
home_finger[24847]: segfault at a10 ip 65407c20dd20 sp 7fff5ea1a350 error 4 in libhome.so.1.0.0[65407c208000+b000]
grsec: From 10.30.1.8: signal 11 sent to /usr/bin/home_finger[home_finger:24847] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:5087] uid/euid:0/0 gid/egid:0/0
grsec: From 10.30.1.8: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/home_finger[home_finger:24847] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:5087] uid/euid:0/0 gid/egid:0/0
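
A triage sketch for the kernel segfault lines quoted in comments 4 and 5, added here as an example and not part of the original report: it decodes the page-fault error code and reduces each randomized instruction pointer to an offset inside libhome.so.1.0.0 so that crashes from different runs can be compared. The function names are hypothetical, and it assumes the bracketed mapping starts at the library's load base.

```python
import re
from collections import Counter

# Kernel "segfault at" lines copied from comments 4 and 5, plus a shortened
# grsec line that the parser must ignore.
PAGE_LINES = [
    "home_finger[5173]: segfault at 7f0f ip 7f0f5dc9dfe6 sp 7fff660c4240 error 4 in libhome.so.1.0.0[7f0f5dc9a000+b000]",
    "home_finger[5177]: segfault at 7f1c ip 7f1c80d1ad20 sp 7fff8913f370 error 4 in libhome.so.1.0.0[7f1c80d15000+b000]",
    "home_finger[24847]: segfault at a10 ip 65407c20dd20 sp 7fff5ea1a350 error 4 in libhome.so.1.0.0[65407c208000+b000]",
    "grsec: From 10.30.1.8: signal 11 sent to /usr/bin/home_finger[home_finger:24847] uid/euid:0/0 gid/egid:0/0",
]

SEGV_RE = re.compile(
    r"(?P<comm>[^\s\[]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\s\[]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

def decode_error(code):
    """Decode the x86 page-fault error code bits the kernel prints in hex."""
    return {
        "cause": "protection violation" if code & 1 else "page not present",
        "access": "write" if code & 2 else "read",
        "mode": "user" if code & 4 else "kernel",
        "instruction_fetch": bool(code & 16),
    }

def parse_segfault(line):
    """Return a dict for a kernel segfault line, or None for anything else."""
    m = SEGV_RE.search(line)
    if m is None:
        return None
    rec = {k: int(m[k], 16) for k in ("addr", "ip", "sp")}
    rec.update(comm=m["comm"], pid=int(m["pid"]), obj=m["obj"], offset=None)
    rec["error"] = decode_error(int(m["err"], 16))
    if m["obj"]:
        base, size = int(m["base"], 16), int(m["size"], 16)
        # Assumption: the mapping printed in brackets starts at the load base,
        # so ip - base is an offset usable with the on-disk library.
        if base <= rec["ip"] < base + size:
            rec["offset"] = rec["ip"] - base
    return rec

def crash_sites(lines):
    """Count crashes per (object, offset); ASLR changes ip but not the offset."""
    recs = filter(None, map(parse_segfault, lines))
    return Counter((r["obj"], hex(r["offset"])) for r in recs if r["offset"] is not None)

if __name__ == "__main__":
    for site, n in crash_sites(PAGE_LINES).most_common():
        print(site, n)
```

An offset obtained this way can be resolved with `addr2line -e` against a libhome.so built with debug symbols, which the gdb session in comment 3 lacked.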
Comment 6 hexa 2008-11-19 13:09:56 UTC
Created attachment 172362
Added strace output if it helps.

Included strace output.
Comment 7 hexa 2008-12-03 13:33:15 UTC
I was left alone to figure this one out and can now say I found a workaround. For everyone else out there who got stuck with this, the solution is to use a NON HARDENED profile. I'm using /usr/portage/profiles/default/linux/amd64/2008.0/server now and it doesn't segfault anymore. I'm still using a hardened kernel though.
The transition from non hardened profile wasn't all that easy but it can be done on a live system.

Here is a step-by-step tutorial in case anyone needs it:
emerge --oneshot binutils gcc
gcc-config x86_64-pc-linux-gnu-4.1.2
source /etc/profile
emerge virtual/libc
etc-update
emerge world -eupv
Change/check use flags
emerge world -euva
Comment 8 Benedikt Böhm (RETIRED) gentoo-dev 2009-07-05 19:25:39 UTC
please test if 0.10.2 fixes the problem
Comment 9 Rene Kanzler 2009-07-08 10:00:53 UTC
The problem still exists in version 0.10.2. The "Segmentation fault" error occurs only in conjunction with the use of PAM. I don't know exactly why.

A possible workaround:

# echo "dev-libs/libhome -pam" >> /etc/portage/package.use
# emerge -av =dev-libs/libhome-0.10.2
Comment 10 hexa 2009-07-08 11:18:48 UTC
Nice to see some progress on fixing this bug. :-)