Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1.14
-
Ubuntu 14.04.3 LTS
-
10.1.15
Description
I’ve been experiencing segfaults while testing group mapping with the PAM user mapping module. I’ve
been using https://mariadb.com/blog/configuring-pam-group-mapping-mariadb as a guide and most of
the configuration is similar to what is outlined there except that I have two groups “dba” and “dba_ro”.
cat /etc/pam.d/mariadb
|
auth required pam_unix.so audit
|
account required pam_unix.so audit
|
auth required pam_user_map.so
|
cat /etc/security/user_map.conf
|
@dba: dba
|
@dba_ro: dba_ro
|
With this configuration when attempting to authenticate with a user that is not in the “dba” group a
segfault will occur as the loop at line 82 of pam_user_map.c never terminates. Even if the user is a member of the “dba_ro” group the crash will occur while matching
line 1 of /etc/security/user_map.conf.
Attachments
Issue Links
- links to
Activity
| Field | Original Value | New Value |
|---|---|---|
| Description |
I’ve been experiencing segfaults while testing group mapping with the PAM user mapping module. I’ve
been using https://mariadb.com/blog/configuring-pam-group-mapping-mariadb as a guide and most of the configuration is similar to what is outlined there except that I have two groups “dba” and “dba_ro”. cat /etc/pam.d/mariadb auth required pam_unix.so audit account required pam_unix.so audit auth required pam_user_map.so cat /etc/security/user_map.conf @dba: dba @dba_ro: dba_ro With this configuration when attempting to authenticate with a user that is not in the “dba” group a segfault will occur as the loop [at line 82 of pam_user_map.c|https://github.com/MariaDB/server/blob/10.1/plugin/auth_pam/mapper/pam_user_map.c#L82] never terminates. Even if the user is a member of the “dba_ro” group the crash will occur while matching line 1 of /etc/security/user_map.conf. |
I’ve been experiencing segfaults while testing group mapping with the PAM user mapping module. I’ve
been using https://mariadb.com/blog/configuring-pam-group-mapping-mariadb as a guide and most of the configuration is similar to what is outlined there except that I have two groups “dba” and “dba_ro”. {noformat} cat /etc/pam.d/mariadb auth required pam_unix.so audit account required pam_unix.so audit auth required pam_user_map.so {noformat} {noformat} cat /etc/security/user_map.conf @dba: dba @dba_ro: dba_ro {noformat} With this configuration when attempting to authenticate with a user that is not in the “dba” group a segfault will occur as the loop [at line 82 of pam_user_map.c|https://github.com/MariaDB/server/blob/10.1/plugin/auth_pam/mapper/pam_user_map.c#L82] never terminates. Even if the user is a member of the “dba_ro” group the crash will occur while matching line 1 of /etc/security/user_map.conf. |
Thanks for the report and the patch. Assigning to serg for the review and merge.
| Fix Version/s | 10.1 [ 16100 ] | |
| Labels | patch | |
| Priority | Minor [ 4 ] | Major [ 3 ] |
| Assignee | Sergei Golubchik [ serg ] |
| Remote Link | This issue links to "GitHub Pull Request #183 (Web Link)" [ 27356 ] |
| Labels | patch | contribution foundation patch |
| Sprint | 10.0.26 [ 73 ] |
| Sprint | 10.0.26 [ 73 ] |
| Assignee | Sergei Golubchik [ serg ] | Alexey Botchkov [ holyfoot ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Status | In Progress [ 3 ] | Stalled [ 10000 ] |
| Sprint | 10.1.15 [ 75 ] |
| Rank | Ranked higher |
| Status | Stalled [ 10000 ] | In Progress [ 3 ] |
| issue.field.resolutiondate | 2016-06-24 14:11:32.0 | 2016-06-24 14:11:32.094 |
| Fix Version/s | 10.1.16 [ 22019 ] | |
| Fix Version/s | 10.1 [ 16100 ] | |
| Resolution | Fixed [ 1 ] | |
| Status | In Progress [ 3 ] | Closed [ 6 ] |
| Workflow | MariaDB v3 [ 75977 ] | MariaDB v4 [ 150506 ] |
PR - https://github.com/MariaDB/server/pull/183