Package: krb5-auth-dialog
Version: 3.2.1-1
Severity: important
User:     [email protected]
Usertags: debian-edu

On a Debian Edu Wheezy diskless workstation, a user login ends up without
a working Kerberos ticket (because it uses ldm, which in turn does not
handle PAM properly), and this in turn exposes a crash bug in
krb5-auth-dialog.

The machine in question gets a short hostname (ltsp4115 or similar), and
while kinit is able to use the settings in /etc/resolv.conf to figure
out the Kerberos realm (using SRV records in DNS), krb5-auth-dialog is
not.

Thus when I click on the panel icon to ask for a kerberos ticket,
instead of getting the password dialog prompt, I get a dialog stating
that it could not find the realm.  The dialog states (translated from
Norwegian):

  Kerberos authentication error

  Could not get kerberos ticket: 'unable to find realm of host ltsp4115'
  [OK]

If I start a terminal and run kinit there, I can set a password but
krb5-auth-dialog immediately crashes.  Here is the valgrind output from
the crash run:

==7338== Memcheck, a memory error detector
==7338== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==7338== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==7338== Command: krb5-auth-dialog
==7338== 
==7338== Conditional jump or move depends on uninitialised value(s)
==7338==    at 0x551751E: ??? (in /usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338==    by 0x5503987: ??? (in /usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338==    by 0x54BA133: pixman_image_composite32 (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338==    by 0x5134A1C: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x5178EEB: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x5169554: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x516A03E: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x7F: ???
==7338== 
==7338== Conditional jump or move depends on uninitialised value(s)
==7338==    at 0x551778E: ??? (in /usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338==    by 0x5503987: ??? (in /usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338==    by 0x54BA133: pixman_image_composite32 (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338==    by 0x5134A1C: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x5178EEB: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x5169554: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x516A03E: ??? (in /usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==7338==    by 0x51A: ???
==7338== 
==7338== Conditional jump or move depends on uninitialised value(s)
==7338==    at 0x7EE7621: ??? (in /usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1)
==7338==    by 0x7EE8485: rsvg_handle_get_pixbuf_sub (in 
/usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1)
==7338==    by 0x7EE8502: rsvg_handle_get_pixbuf (in 
/usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1)
==7338==    by 0x5BD9ACF: ??? (in 
/usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so)
==7338==    by 0x4F632BA: gdk_pixbuf_loader_close (in 
/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.2600.1)
==7338==    by 0x4F5F14C: ??? (in 
/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.2600.1)
==7338==    by 0x4F60CA6: gdk_pixbuf_new_from_stream_at_scale (in 
/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.2600.1)
==7338==    by 0x42B877D: ??? (in /usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==7338==    by 0x42BB7E0: gtk_icon_info_load_icon (in 
/usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==7338==    by 0x42BBD14: gtk_icon_info_load_symbolic_for_context (in 
/usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==7338==    by 0x42B65F5: ??? (in /usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==7338==    by 0x43744FE: ??? (in /usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==7338== 
** Message: No plugins to load

** (krb5-auth-dialog:7338): WARNING **: Could not initialize NMClient 
/org/freedesktop/NetworkManager: The name org.freedesktop.NetworkManager was 
not provided by any .service files

(krb5-auth-dialog:7338): GLib-GIO-CRITICAL **: GApplication subclass 'KaApplet' 
failed to chain up on ::startup (from start of override function)
==7338== Invalid read of size 4
==7338==    at 0x40F3F47: krb5_principal_compare (in 
/usr/lib/i386-linux-gnu/libkrb5.so.26.0.0)
==7338==    by 0x804EB45: ??? (in /usr/bin/krb5-auth-dialog)
==7338==    by 0x53ED20C: ffi_call (in /usr/lib/i386-linux-gnu/libffi.so.5.0.10)
==7338==    by 0x4810C79: g_cclosure_marshal_generic_va (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x4810120: ??? (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x4829278: g_signal_emit_valist (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x4829CD2: g_signal_emit (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x46EDA70: ??? (in 
/usr/lib/i386-linux-gnu/libgio-2.0.so.0.3200.4)
==7338==    by 0x48A018F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==    by 0x48A26D2: g_main_context_dispatch (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==    by 0x48A2A6F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==    by 0x48A2B50: g_main_context_iteration (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==7338== 
==7338== 
==7338== Process terminating with default action of signal 11 (SIGSEGV)
==7338==  Access not within mapped region at address 0x0
==7338==    at 0x40F3F47: krb5_principal_compare (in 
/usr/lib/i386-linux-gnu/libkrb5.so.26.0.0)
==7338==    by 0x804EB45: ??? (in /usr/bin/krb5-auth-dialog)
==7338==    by 0x53ED20C: ffi_call (in /usr/lib/i386-linux-gnu/libffi.so.5.0.10)
==7338==    by 0x4810C79: g_cclosure_marshal_generic_va (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x4810120: ??? (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x4829278: g_signal_emit_valist (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x4829CD2: g_signal_emit (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==7338==    by 0x46EDA70: ??? (in 
/usr/lib/i386-linux-gnu/libgio-2.0.so.0.3200.4)
==7338==    by 0x48A018F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==    by 0x48A26D2: g_main_context_dispatch (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==    by 0x48A2A6F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==    by 0x48A2B50: g_main_context_iteration (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==7338==  If you believe this happened as a result of a stack
==7338==  overflow in your program's main thread (unlikely but
==7338==  possible), you can try to increase the size of the
==7338==  main thread stack using the --main-stacksize= flag.
==7338==  The main thread stack size used in this run was 8388608.
==7338== 
==7338== HEAP SUMMARY:
==7338==     in use at exit: 1,620,516 bytes in 23,147 blocks
==7338==   total heap usage: 83,987 allocs, 60,840 frees, 6,257,291 bytes 
allocated
==7338== 
==7338== LEAK SUMMARY:
==7338==    definitely lost: 1,792 bytes in 6 blocks
==7338==    indirectly lost: 6,460 bytes in 320 blocks
==7338==      possibly lost: 1,041,607 bytes in 14,392 blocks
==7338==    still reachable: 570,657 bytes in 8,429 blocks
==7338==         suppressed: 0 bytes in 0 blocks
==7338== Rerun with --leak-check=full to see details of leaked memory
==7338== 
==7338== For counts of detected and suppressed errors, rerun with: -v
==7338== Use --track-origins=yes to see where uninitialised values come from
==7338== ERROR SUMMARY: 11 errors from 4 contexts (suppressed: 177 from 12)

Can you change krb5-auth-dialog to use the same algorithm as kinit to
figure out the realm, to get it working also for hosts without a domain
part in their name?

Can you fix the crash?

And if you are able to fix these things, can you fix them in Wheezy too?

-- 
Happy hacking
Petter Reinholdtsen
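
Added example, not part of the original report or of krb5-auth-dialog: a small triage parser for a Memcheck log like the one above, which rejoins the mail-wrapped `(in` frames and separates the fatal invalid read at address 0x0 from the uninitialised-value warnings in the rendering libraries. The function names, the 4096-byte "near NULL" threshold and the shortened sample are assumptions made for this sketch.

```python
import re
# Constructed sample: a shortened excerpt shaped like the log in the report.
SAMPLE = """\
==7338== Conditional jump or move depends on uninitialised value(s)
==7338==    at 0x551751E: ??? (in /usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==7338== 
==7338== Invalid read of size 4
==7338==    at 0x40F3F47: krb5_principal_compare (in 
/usr/lib/i386-linux-gnu/libkrb5.so.26.0.0)
==7338==    by 0x804EB45: ??? (in /usr/bin/krb5-auth-dialog)
==7338==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==7338== 
"""

FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \(in (.+)\)$")
ADDR = re.compile(r"^==\d+==\s+Address (0x[0-9A-Fa-f]+) is ")
HEAD = re.compile(r"^==\d+== ([A-Z][^=].*)$")

def unwrap(text):
    """Rejoin stack frames that a mail client wrapped after '(in'."""
    out = []
    for line in text.splitlines():
        if out and out[-1].rstrip().endswith("(in") and not line.startswith("=="):
            out[-1] = out[-1].rstrip() + " " + line.strip()
        else:
            out.append(line)
    return out

def parse_errors(text):
    """Return one record per Memcheck report that carries a stack trace."""
    errors, cur = [], None
    for line in unwrap(text):
        if (m := FRAME.match(line)) and cur is not None:
            cur["frames"].append((m.group(1), m.group(2)))
        elif (m := ADDR.match(line)) and cur is not None:
            cur["addr"] = int(m.group(1), 16)
        elif re.fullmatch(r"==\d+==\s*", line):
            cur = None  # an empty Memcheck line ends the current record
        elif (m := HEAD.match(line)) and cur is None:
            cur = {"kind": m.group(1), "frames": [], "addr": None}
            errors.append(cur)
    return [e for e in errors if e["frames"]]

def null_derefs(errors, app="/usr/bin/krb5-auth-dialog"):
    """(faulting function, depth of first `app` frame) for invalid accesses near NULL."""
    return [(e["frames"][0][0],
             next((i for i, (_, obj) in enumerate(e["frames"]) if obj == app), None))
            for e in errors
            if e["kind"].startswith("Invalid") and e["addr"] is not None and e["addr"] < 4096]
```

The depth value points at the first frame inside the application binary, which is the caller to inspect once debug symbols are installed.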

