I have xserver-1.6.3.901 and xdm-1.1.9. When I enter my kerberos password xdm session dies. Please see the bug report at http://bugs.gentoo.org/show_bug.cgi?id=286923 and its attachments with the substring kerberos. In brief, linux-2.6.30.9 kernel with glibc-2.10.1: (gdb) where #0 0xb7c72258 in _IO_vfprintf_internal (s=0x80cbd58, format=0xb7fe4e04 "LOGIN FAILURE ON %s, %s", ap=0xbff938ac "\230\203\006\b\001") at vfprintf.c:1580 #1 0xb7d122e0 in ___vfprintf_chk (fp=0x80cbd58, flag=1, format=0xb7fe4e04 "LOGIN FAILURE ON %s, %s", ap=0xbff938ac "\230\203\006\b\001") at vfprintf_chk.c:35 #2 0xb7cfa9ae in __vsyslog_chk (pri=85, flag=1, fmt=0xb7fe4e04 "LOGIN FAILURE ON %s, %s", ap=0xbff938ac "\230\203\006\b\001") at ../misc/syslog.c:224 #3 0xb7cfadb6 in __syslog_chk (pri=85, flag=1, fmt=0xb7fe4e04 "LOGIN FAILURE ON %s, %s") at ../misc/syslog.c:131 #4 0xb7fe341a in GreetUser (d=0x8068298, dpy=0xbff93bbc, verify=0x8060d48, greet=0x8060d30, dlfuncs=0x80608e0) at /usr/include/bits/syslog.h:32 #5 0x08053b96 in ManageSession (d=0x8068298) at session.c:320 #6 0x080506b0 in StartDisplay (d=0x8068298) at dm.c:762 #7 0x0804fbdc in ForEachDisplay (f=0x805079e <CheckDisplayStatus>) at dpylist.c:54 #8 0x08051267 in main (argc=1, argv=0xbff941a4) at dm.c:630 (gdb) bt full #0 0xb7c72258 in _IO_vfprintf_internal (s=0x80cbd58, format=0xb7fe4e04 "LOGIN FAILURE ON %s, %s", ap=0xbff938ac "\230\203\006\b\001") at vfprintf.c:1580 len = <value optimized out> string_malloced = -1208070541 [cut]
This appears to be a call from the FailedLogin() function in greeter/greet.c to log the failed login: syslog(LOG_AUTHPRIV|LOG_NOTICE, "LOGIN FAILURE ON %s, %s", d->name, greet->name); commit 58021c21c28fdb4949d44aa92e68874155842ccc tried to make sure that greet->name was set to a valid string before calling that routine, but it seems in your case to still be invalid. FailedLogin() itself should probably check for NULL for non-PAM authentication anyway, or for failure of PAM to fill in the string: diff --git a/greeter/greet.c b/greeter/greet.c index 17d21c8..17d67b8 100644 --- a/greeter/greet.c +++ b/greeter/greet.c @@ -415,9 +415,14 @@ static void FailedLogin (struct display *d, struct greet_info *greet) { #ifdef USE_SYSLOG + char *username = greet->name; + + if (username == NULL) + username = "username unavailable"; + syslog(LOG_AUTHPRIV|LOG_NOTICE, "LOGIN FAILURE ON %s, %s", - d->name, greet->name); + d->name, username); #endif DrawFail (login); #ifndef USE_PAM
Created attachment 30509 [details] crash-on-patch1.txt Sorry but that does not help on valid password. I will try wrong password next time as well. ;) Oct 17 22:14:42 vrapenec xdm[13475]: pam_unix(xdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=mmokrejs Oct 17 22:14:44 vrapenec kernel: xdm[13475]: segfault at 1 ip b7bde258 sp bfd2684c error 4 in libc-2.10.1.so[b7b9e000+151000] Login with valid local password results in Oct 17 22:15:24 vrapenec xdm[13538]: pam_unix(xdm:session): session opened for user mmokrejs by mmokrejs(uid=0)
On Sat, Oct 17, 2009 at 12:06:13PM -0700, bugzilla-daemon@freedesktop.org wrote: > + char *username = greet->name; > + > + if (username == NULL) > + username = "username unavailable"; Won't this need to be a const char *, then? Cheers, Daniel
(In reply to comment #2) > Created an attachment (id=30509) [details] > crash-on-patch1.txt > > Sorry but that does not help on valid password. I will try wrong password next > time as well. ;) xdm doesn't call syslog on valid password - if it's crashing in that case, then that's probably not the right stack trace (after all, if your password is valid, why is it syslog'ing "LOGIN FAILURE ON...") or your kerberos/PAM stack is broken. I don't have a kerberos environment set up - if you want to solve this, you'll probably need to find someone who does have kerberos and can debug.
(In reply to comment #3) > On Sat, Oct 17, 2009 at 12:06:13PM -0700, bugzilla-daemon@freedesktop.org > wrote: > > + char *username = greet->name; > > + > > + if (username == NULL) > > + username = "username unavailable"; > > Won't this need to be a const char *, then? Yeah, it should be. I've fixed that and pushed this patch, since even if it doesn't solve this bug, it protects against similar problems.
(In reply to comment #4) > (In reply to comment #2) > > Created an attachment (id=30509) [details] [details] > > crash-on-patch1.txt > > > > Sorry but that does not help on valid password. I will try wrong password next > > time as well. ;) > > xdm doesn't call syslog on valid password - if it's crashing in that case, > then that's probably not the right stack trace (after all, if your password > is valid, why is it syslog'ing "LOGIN FAILURE ON...") or your kerberos/PAM > stack is broken. > > I don't have a kerberos environment set up - if you want to solve this, > you'll probably need to find someone who does have kerberos and can debug. > Remember both passwords are tried (local and kerberos). The order is defined by /etc/pam.d/ files. If the first method fails, the other is tried. Some startup where maybe some return values are listed ... http://www.eyrie.org/~eagle/software/pam-krb5/ Install kerberos locally, it is easy. Just go for http://www.h5l.org/, ./configure, install into /usr/heimdal (default), create a master password for the password database, start kdc, install the pam module.
(In reply to comment #6) > Install kerberos locally, it is easy. Just go for http://www.h5l.org/, Thanks, but the OS I use already has kerberos support built in. I still don't have time to configure a server & client right now, so will leave this for someone else who does to debug.
On my Linux box xdm-1.1.9 crashes on _session exit_ , but with ( almost ) the same call stack so I assume there is some relation ... I could not totally follow the events yet, but it seems that the culprit is the call to `openlog' in the greeter library: The ident-string is a constant stored in the greeter library and the reference is passed to the logger, who stores it for later use. However, the greeter lib is unloaded shortly afterwards and the pointer turns invalid. The next call to a syslog ( after unloading the greeter lib ) then seems only to happen from ManageSession->SessionExit->pam_close_session and I constantly get a segfault with no xdm left. In the glibc manual page for openlog(3) I found: > Please note that the string pointer IDENT will be retained > internally by the Syslog routines. You must not free the memory > that IDENT points to. It is also dangerous to pass a reference to > an automatic variable since leaving the scope would mean ending the > lifetime of the variable. If you want to change the IDENT string, > you must call `openlog' again; overwriting the string pointed to by > IDENT is not thread-safe. > > ... > > !! In particular, if you are writing code for a shared library that > !! might get loaded and then unloaded (e.g. a PAM module), and you > !! use `openlog', you must call `closelog' before any point where > !! your library might get unloaded, as in this example: Indeed all works fine after I moved the call to `openlog' from the greeter lib to the main xdm part. maybe this helps ? horst wente Configuration: - Linux 2.6.27 - xdm 1.1.9 - Linux-PAM 1.1.1 - glibc 2.10.1 - gcc 4.4.2
(In reply to comment #8) > On my Linux box xdm-1.1.9 crashes on _session exit_ , but with ( almost ) the > same call stack so I assume there is some relation ... > > I could not totally follow the events yet, but it seems that the culprit > is the call to `openlog' in the greeter library: > The ident-string is a constant stored in the greeter library and the > reference is passed to the logger, who stores it for later use. > However, the greeter lib is unloaded shortly afterwards and the > pointer turns invalid. > this one should be fixed by: commit ecf015a4e78b96af913c1620d542c8e356f2a3d0 Author: Dmitry V. Levin <ldv@altlinux.org> Date: Mon Jan 11 23:09:47 2010 +0000 Call openlog(3) early
Do you still get this crash with xdm 1.1.10?
No, it seems to be fixed with 1.1.10. It seems I have some PAM issue, though as I cannot login using kerberos password. Just as a note, maybe not always is the to be logged text flushed into the syslog? Below is the log generated for 3 attempts to login using kerberos password: Apr 11 23:46:53 vrapenec xdm[8284]: pam_unix(xdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=mmokrejs Apr 11 23:46:55 vrapenec xdm[8284]: LOGIN FAILURE ON :0, mmokrejs Apr 11 23:47:16 vrapenec xdm[8284]: pam_unix(xdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=mmokrejs Apr 11 23:47:18 vrapenec xdm[8284]: LOGIN FAILURE ON :0, Apr 11 23:48:40 vrapenec xdm[8284]: pam_unix(xdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=mmokrejs Apr 11 23:48:41 vrapenec xdm[8284]: LOGIN FAILURE ON :0, <B8>^CL<B7>
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.