On Mon, 12 Dec 2022 12:10:42 -0500 Conrad Knight <iestynap...@gmail.com> said:
so .. all i can say is... everything e passes in to pam is correct. the pam
conversation only asks for a password and e ckpasswd provides it with:
case PAM_PROMPT_ECHO_OFF:
reply[replies].resp_retcode = PAM_SUCCESS;
reply[replies].resp = strdup(ai->pw);
so any pointers passwd in by e are correct. this conversation func ptr was one
thing that could be but it was and is set up right:
typedef struct
{
const char *user;
const char *pw;
} Authinfo;
...
Authinfo ai;
struct pam_conv conv;
...
ai.user = user;
ai.pw = pw; Authinfo ai;
...
conv.conv = _conv_cb;
conv.appdata_ptr = &ai;
if (pam_start(prof, user, &conv, &handle) != PAM_SUCCESS) return -1;
if (pam_set_item(handle, PAM_USER, user) != PAM_SUCCESS) return -1;
if (pam_set_item(handle, PAM_RHOST, host) != PAM_SUCCESS) return -1;
pamerr = pam_authenticate(handle, 0);
it's this above function (pam_authenticate) that dies internally if and only if
you build e (specifically e's ckpasswd util) with asan. i can only imagine that
pam does something internally - possibly due to security reasons, to make it
not work with asan. at this point i'd need to build pam and all modules it uses
with gdb debug and possibly asan support to find out more. but all of this
fails because ckpasswd is built with asan enabled. everything e does on its end
in the code (read e_ckpasswd_main.c) is correct here. it's passing in
everything as it should in the way it should. pam barfs somewhere inside -
possibly can't load some module or find some symbol or something and the error
handling is bad as it never expects this to fail and ends up calling a null
address. gnome's polkit tool works because it's not built with asan ... and
it's not using pam directly itself to do the auth checks.
so - build e/efl without asan and it'll all work fine. or ... get digging deep,
built pam with asan and find out just what on earth is really going on.
but ...all is fine without asan. :)
> I'm having a problem with E's polkit module. I was running
> pamac-manager and it asked for authentication. The password dialog box
> popped up, i entered my password, but then got an authentication
> failure error message.
>
> There's some output in .e-log.log that looks relevant:
>
> AUTH: POLKIT:
> [3-85675816164cbd241ec6e8b4f92b0e4f-3-a4ac0b07e510e40440dbf83b5e4bcfb8] AUTH:
> UID: [1000] AUTH: readpass...
> AddressSanitizer:DEADLYSIGNAL
> =================================================================
> ==99121==ERROR: AddressSanitizer: SEGV on unknown address
> 0x000000000000 (pc 0x000000000000 bp 0x7fffdece1aa0 sp 0x7fffd
> ece1228 T0)
> ==99121==Hint: pc points to the zero page.
> ==99121==The signal is caused by a READ memory access.
> ==99121==Hint: address points to the zero page.
> #0 0x0 (<unknown module>)
> #1 0x7fb5b6ceb74b (/usr/lib/security/pam_unix.so+0x574b)
>
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV (<unknown module>)
> ==99121==ABORTING
>
> If i unload the polkit module and manually start
> polkit-gnome-authentication-agent-1 instead, and then try again,
> everything works: i get a gnome password dialog box instead of an E
> one, i enter my password, and pamac starts its update process.
>
> I don't know when this problem may have started, as i rarely use
> pamac. Hmm, it just occurred to me that gparted also asks for
> authentication with polkit. Tried running that, and the same thing
> happens. After entering my password, i get an E error dialog telling
> me "Enlightenment was unable to run the application...". And there's
> another, similar message in .e-log.log.
>
> Any ideas what might be wrong?
>
> Thanks,
> -Conrad.
>
> --
> Shine like thunder
> Cry like rain
>
>
> _______________________________________________
> enlightenment-users mailing list
> enlightenment-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/enlightenment-users
>
--
------------- Codito, ergo sum - "I code, therefore I am" --------------
Carsten Haitzler - ras...@rasterman.com
_______________________________________________
enlightenment-users mailing list
enlightenment-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-users
