Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-21385

PAM v2 plugin produces lots of zombie processes

Details

    Description

      The authentication using the PAM v2 module works, but produces a lot of zombie processes.

      $ ps aux | grep auth_pam_tool
      		 
      ...
      		 
       
      		 
      root      1637  0.0  0.0      0     0 ?        Z    Dez22   0:00 [auth_pam_tool] <defunct>
      		 
      root      1638  0.0  0.0      0     0 ?        Z    Dez22   0:00 [auth_pam_tool] <defunct>
      		 
      root      1639  0.0  0.0      0     0 ?        Z    Dez21   0:00 [auth_pam_tool] <defunct>
      		 
      root      1640  0.0  0.0      0     0 ?        Z    Dez21   0:00 [auth_pam_tool] <defunct>
      		 
      root      1641  0.0  0.0      0     0 ?        Z    Dez22   0:00 [auth_pam_tool] <defunct>
      		 
      root      1642  0.0  0.0      0     0 ?        Z    08:21   0:00 [auth_pam_tool] <defunct>
      		 
      ...

      Configuration details:

      • Using sssd with ldap backend for mariadb service
      • OS: CentOS 8

      Logs (to make clear authentifaction itself works):

      Dez 23 14:30:59 web1 mysqld[13717]: pam_sss(mariadb:auth): authentication success; logname= uid=27 euid=27 tty= ruser= rhost= user=web_<removed>
      		 
      Dez 23 14:31:01 web1 mysqld[13717]: pam_sss(mariadb:auth): authentication success; logname= uid=27 euid=27 tty= ruser= rhost= user=web_<removed>
      		 
      Dez 23 14:31:01 web1 mysqld[13717]: pam_sss(mariadb:auth): authentication success; logname= uid=27 euid=27 tty= ruser= rhost= user=web_<removed>

      /etc/pam.d/mariadb

      auth    required pam_sss.so domains=mariadb
      		 
      account required pam_sss.so domains=mariadb

      Attachments

        Issue Links

          is caused by

          Task - A task that needs to be done. MDEV-7032 new pam plugin with a suid wrapper

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Task - A task that needs to be done. MDEV-15473 Isolate/sandbox PAM modules, so that they can't crash the server

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            Transition Time In Source Status Execution Times
            Alexey Botchkov made transition -
            Open In Progress
            		198d 20h 55m 1
            Alexey Botchkov made transition -
            In Progress In Review
            		23h 18m 1
            Sergei Golubchik made transition -
            In Review Stalled
            		2h 27m 1
            Alexey Botchkov made transition -
            Stalled Closed
            		7h 27m 1

            People

              holyfoot Alexey Botchkov
              fbezdeka Florian Bezdeka
              Votes:
              5 Vote for this issue
              Watchers:
              16 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.