Package: libpam-umask
Version: 0.02
Severity: grave
Justification: renders package unusable
The latest libpam-umask (0.02) encounters a SIGSEGV (Segmentation fault)
that prevents all uses from logging in through any path that references
pam_umask.so in the PAM configuration.
This even effects "optional" entries in PAM configurations since
pam_umask.so seg-faults.
I had the following line in /etc/pam.d/common-session
session optional pam_umask.so umask=0077
Commenting out this line allows users to log in again.
Below are ltrace and gdb output for the getty process when pam_umask
is enabled on the system.
Running getty through ltrace, and then attempting to log in produced
# ltrace /sbin/getty 38400 tty8
...
pam_start(0x804f1c9, 0xbfe1a2d0, 0x804f088, 0x8051618, 0) = 0
pam_set_item(0x9242228, 4, 0x804ff87, 0x8051618, 0) = 0
pam_set_item(0x9242228, 3, 0xbfe182d0, 0x8051618, 0) = 0
pam_fail_delay(0x9242228, 0x2dc6c0, 0xbfe182d0, 0x8051618, 0) = 0
gethostname("server", 256) = 0
snprintf("server login: ", 256, "%s login: ", "server") = 14
pam_set_item(0x9242228, 9, 0xbfe17e50, 0xbfe17f50, 0) = 0
pam_get_item(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0
pam_fail_delay(0x9242228, 0x2dc6c0, 0xbfe17e48, 0xbfe17f50, 0) = 0
pam_authenticate(0x9242228, 0, 0xbfe17e48, 0xbfe17f50, 0 <unfinished ...>
misc_conv(1, 0xbfe17d1c, 0xbfe17d28, 0, 0xb7f0a280) = 0
<... pam_authenticate resumed> ) = 0
pam_get_item(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0
getpwnam("michael") = 0x4114c0b8
strcmp("MAIL_CHECK_ENAB", "FAILLOG_ENAB") = 1
strcmp("ERASECHAR", "FAILLOG_ENAB") = -1
strcmp("HUSHLOGIN_FILE", "FAILLOG_ENAB") = 1
strcmp("FTMP_FILE", "FAILLOG_ENAB") = 1
strcmp("FAIL_DELAY", "FAILLOG_ENAB") = 1
strcmp("FAILLOG_ENAB", "FAILLOG_ENAB") = 0
strcasecmp("yes", "yes") = 0
open64("/var/log/faillog", 2, 0145) = 7
lseek64(7, 240000, 0, 0, 0x41021158) = 240000
read(7, "", 24) = 24
lseek64(7, 240000, 0, 0, 0) = 240000
write(7, "", 24) = 24
close(7) = 0
alarm(0) = 58
pam_acct_mgmt(0x9242228, 0, 0, 0xbfe17f50, 0) = 0
pam_get_item(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0
setpwent() = <void>
getpwnam("michael") = 0x4114c0b8
setgid(10000) = 0
initgroups(0x9249e5a, 10000, 0x4114c0b8, 0x4114c0b8, 0x4114c0b8) = 0
pam_setcred(0x9242228, 2, 0xbfe17e48, 0xbfe17f50, 0) = 0
strcmp("MAIL_CHECK_ENAB", "HUSHLOGIN_FILE") = 1
strcmp("ERASECHAR", "HUSHLOGIN_FILE") = -1
strcmp("HUSHLOGIN_FILE", "HUSHLOGIN_FILE") = 0
snprintf("/home/michael/.hushlogin", 8192, "%s/%s", "/home/michael",
".hushlogin") = 24
access("/home/michael/.hushlogin", 0) = -1
pam_open_session(0x9242228, 0, 0xbfe17e48, 0xbfe17f50, 0 <unfinished ...>
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++
Running getty through strace produced no interesting information.
Running getty through gdb, I obtained the following backtrace
(long runs of "0x00000000" are replaced with "...")
Program received signal SIGSEGV, Segmentation fault.
0x00126abe in ?? ()
(gdb) bt
#0 0x00126abe in ?? ()
#1 0x4114b8a8 in main_arena () from /lib/tls/i686/cmov/libc.so.6
#2 0x08048f00 in ?? ()
#3 0x00000000 in ?? ()
#4 0x4114c0b8 in buffer_size.0 () from /lib/tls/i686/cmov/libc.so.6
#5 0x00802b60 in ?? ()
#6 0x08143f80 in ?? ()
#7 0x0813f228 in ?? ()
#8 0xbff1d0d8 in ?? ()
#9 0x007fda1c in ?? ()
#10 0x0813f228 in ?? ()
#11 0x00000000 in ?? ()
#12 0x00000001 in ?? ()
#13 0x08143c10 in ?? ()
#14 0xb7f1f19c in ?? ()
#15 0x00000001 in ?? ()
#16 0x00000000 in ?? ()
#17 0x00000000 in ?? ()
#18 0x00000000 in ?? ()
#19 0x00000000 in ?? ()
#20 0x00000006 in ?? ()
#21 0x00000020 in ?? ()
#22 0xffffffe0 in ?? ()
#23 0x08051178 in ?? ()
#24 0x0000003c in ?? ()
#25 0x00802b60 in ?? ()
#26 0x00000000 in ?? ()
#27 0x00000000 in ?? ()
#28 0xbff1d0f8 in ?? ()
#29 0x007ff9fb in ?? ()
#30 0x0813f228 in ?? ()
#31 0x00000000 in ?? ()
#32 0x00000004 in ?? ()
#33 0xffffffe0 in ?? ()
#34 0x0813f228 in ?? ()
#35 0x4114c0b8 in buffer_size.0 () from /lib/tls/i686/cmov/libc.so.6
#36 0xbff1f5f8 in ?? ()
#37 0x0804addb in ?? ()
#38 0x0813f228 in ?? ()
#39 0x00000000 in ?? ()
#40 0xbff1d138 in ?? ()
#41 0xbff1d240 in ?? ()
#42 0x00000000 in ?? ()
#43 0x00000000 in ?? ()
#44 0x00000000 in ?? ()
#45 0x00000000 in ?? ()
#46 0x08146e58 in ?? ()
#47 0x00000001 in ?? ()
#48 0x00000005 in ?? ()
#49 0x00000003 in ?? ()
#50 0x00000000 in ?? ()
#51 0x00000000 in ?? ()
#52 0x0813f2d8 in ?? ()
#53 0x00000000 in ?? ()
#54 0x76726573 in ?? ()
#55 0x6c207265 in ?? ()
#56 0x6e69676f in ?? ()
#57 0x0000203a in ?? ()
#58 0x00000000 in ?? ()
...
#118 0x76726573 in ?? ()
#119 0x00007265 in ?? ()
#120 0x00000000 in ?? ()
...
#182 0x206e6f20 in ?? ()
#183 0x79747460 in ?? ()
#184 0x00002738 in ?? ()
#185 0x00000000 in ?? ()
...
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12.3-execshield-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages libpam-umask depends on:
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
libpam-umask recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
