Package: libpam-umask Version: 0.02 Severity: grave Justification: renders package unusable
The latest libpam-umask (0.02) encounters a SIGSEGV (Segmentation fault) that prevents all uses from logging in through any path that references pam_umask.so in the PAM configuration. This even effects "optional" entries in PAM configurations since pam_umask.so seg-faults. I had the following line in /etc/pam.d/common-session session optional pam_umask.so umask=0077 Commenting out this line allows users to log in again. Below are ltrace and gdb output for the getty process when pam_umask is enabled on the system. Running getty through ltrace, and then attempting to log in produced # ltrace /sbin/getty 38400 tty8 ... pam_start(0x804f1c9, 0xbfe1a2d0, 0x804f088, 0x8051618, 0) = 0 pam_set_item(0x9242228, 4, 0x804ff87, 0x8051618, 0) = 0 pam_set_item(0x9242228, 3, 0xbfe182d0, 0x8051618, 0) = 0 pam_fail_delay(0x9242228, 0x2dc6c0, 0xbfe182d0, 0x8051618, 0) = 0 gethostname("server", 256) = 0 snprintf("server login: ", 256, "%s login: ", "server") = 14 pam_set_item(0x9242228, 9, 0xbfe17e50, 0xbfe17f50, 0) = 0 pam_get_item(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0 pam_fail_delay(0x9242228, 0x2dc6c0, 0xbfe17e48, 0xbfe17f50, 0) = 0 pam_authenticate(0x9242228, 0, 0xbfe17e48, 0xbfe17f50, 0 <unfinished ...> misc_conv(1, 0xbfe17d1c, 0xbfe17d28, 0, 0xb7f0a280) = 0 <... pam_authenticate resumed> ) = 0 pam_get_item(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0 getpwnam("michael") = 0x4114c0b8 strcmp("MAIL_CHECK_ENAB", "FAILLOG_ENAB") = 1 strcmp("ERASECHAR", "FAILLOG_ENAB") = -1 strcmp("HUSHLOGIN_FILE", "FAILLOG_ENAB") = 1 strcmp("FTMP_FILE", "FAILLOG_ENAB") = 1 strcmp("FAIL_DELAY", "FAILLOG_ENAB") = 1 strcmp("FAILLOG_ENAB", "FAILLOG_ENAB") = 0 strcasecmp("yes", "yes") = 0 open64("/var/log/faillog", 2, 0145) = 7 lseek64(7, 240000, 0, 0, 0x41021158) = 240000 read(7, "", 24) = 24 lseek64(7, 240000, 0, 0, 0) = 240000 write(7, "", 24) = 24 close(7) = 0 alarm(0) = 58 pam_acct_mgmt(0x9242228, 0, 0, 0xbfe17f50, 0) = 0 pam_get_item(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0 setpwent() = <void> getpwnam("michael") = 0x4114c0b8 setgid(10000) = 0 initgroups(0x9249e5a, 10000, 0x4114c0b8, 0x4114c0b8, 0x4114c0b8) = 0 pam_setcred(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0 strcmp("MAIL_CHECK_ENAB", "HUSHLOGIN_FILE") = 1 strcmp("ERASECHAR", "HUSHLOGIN_FILE") = -1 strcmp("HUSHLOGIN_FILE", "HUSHLOGIN_FILE") = 0 snprintf("/home/michael/.hushlogin", 8192, "%s/%s", "/home/michael", ".hushlogin") = 24 access("/home/michael/.hushlogin", 0) = -1 pam_open_session(0x9242228, 0, 0xbfe17e48, 0xbfe17f50, 0 <unfinished ...> --- SIGSEGV (Segmentation fault) --- +++ killed by SIGSEGV +++ Running getty through strace produced no interesting information. Running getty through gdb, I obtained the following backtrace (long runs of "0x00000000" are replaced with "...") Program received signal SIGSEGV, Segmentation fault. 0x00126abe in ?? () (gdb) bt #0 0x00126abe in ?? () #1 0x4114b8a8 in main_arena () from /lib/tls/i686/cmov/libc.so.6 #2 0x08048f00 in ?? () #3 0x00000000 in ?? () #4 0x4114c0b8 in buffer_size.0 () from /lib/tls/i686/cmov/libc.so.6 #5 0x00802b60 in ?? () #6 0x08143f80 in ?? () #7 0x0813f228 in ?? () #8 0xbff1d0d8 in ?? () #9 0x007fda1c in ?? () #10 0x0813f228 in ?? () #11 0x00000000 in ?? () #12 0x00000001 in ?? () #13 0x08143c10 in ?? () #14 0xb7f1f19c in ?? () #15 0x00000001 in ?? () #16 0x00000000 in ?? () #17 0x00000000 in ?? () #18 0x00000000 in ?? () #19 0x00000000 in ?? () #20 0x00000006 in ?? () #21 0x00000020 in ?? () #22 0xffffffe0 in ?? () #23 0x08051178 in ?? () #24 0x0000003c in ?? () #25 0x00802b60 in ?? () #26 0x00000000 in ?? () #27 0x00000000 in ?? () #28 0xbff1d0f8 in ?? () #29 0x007ff9fb in ?? () #30 0x0813f228 in ?? () #31 0x00000000 in ?? () #32 0x00000004 in ?? () #33 0xffffffe0 in ?? () #34 0x0813f228 in ?? () #35 0x4114c0b8 in buffer_size.0 () from /lib/tls/i686/cmov/libc.so.6 #36 0xbff1f5f8 in ?? () #37 0x0804addb in ?? () #38 0x0813f228 in ?? () #39 0x00000000 in ?? () #40 0xbff1d138 in ?? () #41 0xbff1d240 in ?? () #42 0x00000000 in ?? () #43 0x00000000 in ?? () #44 0x00000000 in ?? () #45 0x00000000 in ?? () #46 0x08146e58 in ?? () #47 0x00000001 in ?? () #48 0x00000005 in ?? () #49 0x00000003 in ?? () #50 0x00000000 in ?? () #51 0x00000000 in ?? () #52 0x0813f2d8 in ?? () #53 0x00000000 in ?? () #54 0x76726573 in ?? () #55 0x6c207265 in ?? () #56 0x6e69676f in ?? () #57 0x0000203a in ?? () #58 0x00000000 in ?? () ... #118 0x76726573 in ?? () #119 0x00007265 in ?? () #120 0x00000000 in ?? () ... #182 0x206e6f20 in ?? () #183 0x79747460 in ?? () #184 0x00002738 in ?? () #185 0x00000000 in ?? () ... -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12.3-execshield-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages libpam-umask depends on: ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an libpam-umask recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]