[MDEV-21385] PAM v2 plugin produces lots of zombie processes - Jira

XML

Word

Printable

The authentication using the PAM v2 module works, but produces a lot of zombie processes.

$ ps aux | grep auth_pam_tool

...

root      1637  0.0  0.0      0     0 ?        Z    Dez22   0:00 [auth_pam_tool] <defunct>

root      1638  0.0  0.0      0     0 ?        Z    Dez22   0:00 [auth_pam_tool] <defunct>

root      1639  0.0  0.0      0     0 ?        Z    Dez21   0:00 [auth_pam_tool] <defunct>

root      1640  0.0  0.0      0     0 ?        Z    Dez21   0:00 [auth_pam_tool] <defunct>

root      1641  0.0  0.0      0     0 ?        Z    Dez22   0:00 [auth_pam_tool] <defunct>

root      1642  0.0  0.0      0     0 ?        Z    08:21   0:00 [auth_pam_tool] <defunct>

...

Configuration details:

Logs (to make clear authentifaction itself works):

Dez 23 14:30:59 web1 mysqld[13717]: pam_sss(mariadb:auth): authentication success; logname= uid=27 euid=27 tty= ruser= rhost= user=web_<removed>

Dez 23 14:31:01 web1 mysqld[13717]: pam_sss(mariadb:auth): authentication success; logname= uid=27 euid=27 tty= ruser= rhost= user=web_<removed>

Dez 23 14:31:01 web1 mysqld[13717]: pam_sss(mariadb:auth): authentication success; logname= uid=27 euid=27 tty= ruser= rhost= user=web_<removed>

/etc/pam.d/mariadb

auth    required pam_sss.so domains=mariadb

account required pam_sss.so domains=mariadb

is caused by

MDEV-7032 new pam plugin with a suid wrapper

MDEV-15473 Isolate/sandbox PAM modules, so that they can't crash the server

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.