Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 66919 - pam_krb5 segfaults on logout when used in proftpd
Summary: pam_krb5 segfaults on logout when used in proftpd
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High minor
Assignee: Ryan Phillips (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-10-09 13:56 UTC by Christophe Saout
Modified: 2005-06-30 15:53 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Workaround for pam_krb5 to not segfault when unable to get default realm (like in a chroot environment) (pam_krb5_snap-2003.06.01-realm-empty.patch,550 bytes, patch)
2004-10-09 14:07 UTC, Christophe Saout 		Details | Diff
Workaround for pam_krb5 to not segfault when unable to get default realm (like in a chroot environment) (pam_krb5_snap-2003.06.01-realm-empty.patch,548 bytes, patch)
2004-10-09 14:08 UTC, Christophe Saout 		Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christophe Saout 2004-10-09 13:56:21 UTC 
I spent the evening tracking down this bug.

I am using AuthPAM with proftpd and pam_krb5. proftpd always segfaults after logout, and lastlog then tells the user has gone without logout. Great... :)

Well, the problem is that proftpd does a chroot and then calls PAM_DELETE_CREDS. pam_krb5 tries to get the default krb5 realm and fails (because it can't access its config file due to chroot), the field is uninitialized, points into Nirvana and boom.

I've attached a patch that explicitly sets it to "" (empty string, better than nothing) before getting the default realm so that at it doesn't crash anymore.


Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Christophe Saout 2004-10-09 14:07:08 UTC 
Created attachment 41434 [details, diff]
Workaround for pam_krb5 to not segfault when unable to get default realm (like in a chroot environment)
Comment 2 Christophe Saout 2004-10-09 14:08:24 UTC 
Created attachment 41435 [details, diff]
Workaround for pam_krb5 to not segfault when unable to get default realm (like in a chroot environment)

Sorry, wrong patch... this one is the working one.
Comment 3 Ryan Phillips (RETIRED) gentoo-dev 2005-06-30 15:53:31 UTC 
Committed. Thanks