Bug#756812: nfs-common: rpc.gssd crashes while mounting an encrypted nfs4 filesystem

2014-08-05 Thread Eugeniy Meshcheryakov 
3 серпня 2014 о 13:17 +1000 Aníbal Monsalve Salazar написав(-ла):
 Hello,
 
 Could you please help me testing:
 
 · libtirpc1 0.2.4-2
 · rpcbind 0.2.1-5
 · nfs-common 1:1.2.8-7
 · nfs-kernel-server 1:1.2.8-7
 
 You will find them in experimental.
The packages work for me on client. I didn't test on server yet.

Regards,
Eugeniy Meshcheryakov


signature.asc
Description: Digital signature

Bug#756812: nfs-common: rpc.gssd crashes while mounting an encrypted nfs4 filesystem

2014-08-02 Thread Aníbal Monsalve Salazar 
On Fri, 2014-08-01 23:41:12 +0200, eu...@debian.org wrote:
 
 rpc.gssd started crashing again when mounting an encrypted nfs4
 filesystem.

Hello,

Could you please help me testing:

· libtirpc1 0.2.4-2
· rpcbind 0.2.1-5
· nfs-common 1:1.2.8-7
· nfs-kernel-server 1:1.2.8-7

You will find them in experimental.

Thank you,

Aníbal


signature.asc
Description: Digital signature

Bug#756812: nfs-common: rpc.gssd crashes while mounting an encrypted nfs4 filesystem

2014-08-01 Thread Євгеній Мещеряков 
Package: nfs-common
Version: 1:1.2.8-6
Severity: serious

Hello,

rpc.gssd started crashing again when mounting an encrypted nfs4
filesystem.

The dmesg contains:

  [  391.284130] rpc.gssd[1756]: segfault at b5a ip 7f70bb3d772f sp 
7fff5765a080 error 4 in libgssapi_krb5.so.2.2[7f70bb3c4000+45000]
  [  391.284935] NFS: nfs4_discover_server_trunking unhandled error -32. 
Exiting with error EIO

The output from the rpc.gssd and gdb follows:

handling gssd upcall (/run/rpc_pipefs/nfs/clnte)
handle_gssd_upcall: 'mech=krb5 uid=0 service=* enctypes=18,17,16,23,3,1,2 '
handling krb5 upcall (/run/rpc_pipefs/nfs/clnte)
process_krb5_upcall: service is '*'
Full hostname for 'thor.kazna.de' is 'thor.kazna.de'
Full hostname for 'loki.local' is 'loki.local'
No key table entry found for LOKI$@KAZNA.DE while getting keytab entry for 
'LOKI$@KAZNA.DE'
No key table entry found for root/loki.lo...@kazna.de while getting keytab 
entry for 'root/loki.lo...@kazna.de'
No key table entry found for nfs/loki.lo...@kazna.de while getting keytab entry 
for 'nfs/loki.lo...@kazna.de'
No key table entry found for host/loki.lo...@kazna.de while getting keytab 
entry for 'host/loki.lo...@kazna.de'
Processing keytab entry for principal 'nfs/loki.kazna...@kazna.de'
We will NOT use this entry (nfs/loki.kazna...@kazna.de)
Processing keytab entry for principal 'nfs/loki.kazna...@kazna.de'
We will NOT use this entry (nfs/loki.kazna...@kazna.de)
Processing keytab entry for principal 'nfs/loki.kazna...@kazna.de'
We will NOT use this entry (nfs/loki.kazna...@kazna.de)
Processing keytab entry for principal 'nfs/loki.kazna...@kazna.de'
We will NOT use this entry (nfs/loki.kazna...@kazna.de)
Processing keytab entry for principal 'nfs/loki.kazna...@kazna.de'
We WILL use this entry (nfs/loki.kazna...@kazna.de)
Success getting keytab entry for nfs/*@KAZNA.DE
Successfully obtained machine credentials for principal 
'nfs/loki.kazna...@kazna.de' stored in ccache 'FILE:/tmp/krb5ccmachine_KAZNA.DE'
INFO: Credentials in CC 'FILE:/tmp/krb5ccmachine_KAZNA.DE' are good until 
1406965169
using FILE:/tmp/krb5ccmachine_KAZNA.DE as credentials cache for machine creds
using environment variable to select krb5 ccache 
FILE:/tmp/krb5ccmachine_KAZNA.DE
creating context using fsuid 0 (save_uid 0)
creating tcp client for server thor.kazna.de
DEBUG: port already set to 2049
creating context with server n...@thor.kazna.de

Program received signal SIGSEGV, Segmentation fault.
0x76ac272f in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
(gdb) bt
#0  0x76ac272f in ?? () from 
/usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#1  0x76ac33e2 in gss_init_sec_context () from 
/usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#2  0x77bcf863 in ?? () from /lib/x86_64-linux-gnu/libtirpc.so.1
#3  0x77bcfbf9 in authgss_create () from 
/lib/x86_64-linux-gnu/libtirpc.so.1
#4  0x77bcfcfc in authgss_create_default () from 
/lib/x86_64-linux-gnu/libtirpc.so.1
#5  0x00405126 in ?? ()
#6  0x00405bf2 in ?? ()
#7  0x0040685a in ?? ()
#8  0x00404aac in ?? ()
#9  0x00403941 in ?? ()
#10 0x76d18b45 in __libc_start_main (main=0x403690, argc=2, 
argv=0x7fffe0e8, init=optimized out, fini=optimized out, 
rtld_fini=optimized out, stack_end=0x7fffe0d8) at libc-start.c:287
#11 0x004039ae in ?? ()


-- Package-specific info:
-- rpcinfo --
   program vers proto   port  service
104   tcp111  portmapper
103   tcp111  portmapper
102   tcp111  portmapper
104   udp111  portmapper
103   udp111  portmapper
102   udp111  portmapper
-- /etc/default/nfs-common --
NEED_STATD=no
STATDOPTS=
NEED_IDMAPD=yes
NEED_GSSD=yes
-- /etc/idmapd.conf --
[General]
Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
Domain = kazna.de
[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup
-- /etc/fstab --
#thor.kazna.de:/  /srv/backups nfs   
sec=krb5p,rw,noatime,nodiratime,nodev,nosuid,noexec,proto=tcp,noauto,x-systemd.automount,x-systemd.device-timeout=60
  0 0
-- /proc/mounts --

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=uk_UA.UTF-8, LC_CTYPE=uk_UA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages nfs-common depends on:
ii  adduser 3.113+nmu3
ii  initscripts 2.88dsf-53.2
ii  libc6   2.19-7
ii  libcap2 1:2.24-3
ii  libcomerr2  1.42.11-2
ii  libdevmapper1.02.1  2:1.02.85-2
ii  libevent-2.0-5  2.0.21-stable-1
ii  libgssglue1 0.4-2
ii  libk5crypto31.12.1+dfsg-5
ii  libkeyutils11.5.9-4
ii  libkrb5-3   1.12.1+dfsg-5
ii  libmount1   2.20.1-5.8
ii  libnfsidmap20.25-5
ii  libtirpc1

Bug#756812: nfs-common: rpc.gssd crashes while mounting an encrypted nfs4 filesystem

2014-08-01 Thread Steve Langasek 
Control: reassign -1 libtirpc1
Control: found -1 0.2.4-1

On Fri, Aug 01, 2014 at 11:41:12PM +0200, Євгеній Мещеряков wrote:
 rpc.gssd started crashing again when mounting an encrypted nfs4
 filesystem.

 The dmesg contains:

   [  391.284130] rpc.gssd[1756]: segfault at b5a ip 7f70bb3d772f sp 
 7fff5765a080 error 4 in libgssapi_krb5.so.2.2[7f70bb3c4000+45000]
   [  391.284935] NFS: nfs4_discover_server_trunking unhandled error -32. 
 Exiting with error EIO

This is a regression in libtirpc, which is no longer linked against gssglue
like it's supposed to be.

$ debdiff ftp/pool/main/libt/libtirpc/libtirpc1_0.2.{3-2,4-1}_i386.deb 
File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

Depends: libc6 (= 2.16), [-libgssglue1-] {+libcomerr2 (= 1.01), 
libgssapi-krb5-2 (= 1.10+dfsg~), libk5crypto3 (= 1.6.dfsg.2), libkrb5-3 (= 
1.6.dfsg.2)+}
Installed-Size: [-203-] {+251+}
Maintainer: [-Debian QA Group packa...@qa.debian.org-] {+Anibal Monsalve 
Salazar ani...@debian.org+}
Version: [-0.2.3-2-] {+0.2.4-1+}
$

Aníbal, I see that you have applied a patch in your most recent upload in
order to get the package to build against gssglue.  This patch appears to be
incomplete, because regardless of the headers used at compile time, libtirpc
is clearly linking against MIT KRB5 directly.  This is a bug; libtirpc and
nfs-utils need to be linking against the same provider of GSS, or segfaults
ensue.  If there is a reason for switching the linkage away from gssglue,
then a coordinated transition would be needed.

libtirpc has two reverse dependencies in the archive, rpcbind and nfs-utils.
I would appreciate it if you would test both of them when making changes to
libtirpc.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: Digital signature

Processed: Re: Bug#756812: nfs-common: rpc.gssd crashes while mounting an encrypted nfs4 filesystem

2014-08-01 Thread Debian Bug Tracking System 
Processing control commands:

 reassign -1 libtirpc1
Bug #756812 [nfs-common] nfs-common: rpc.gssd crashes while mounting an 
encrypted nfs4 filesystem
Bug reassigned from package 'nfs-common' to 'libtirpc1'.
No longer marked as found in versions nfs-utils/1:1.2.8-6.
Ignoring request to alter fixed versions of bug #756812 to the same values 
previously set
 found -1 0.2.4-1
Bug #756812 [libtirpc1] nfs-common: rpc.gssd crashes while mounting an 
encrypted nfs4 filesystem
Marked as found in versions libtirpc/0.2.4-1.

-- 
756812: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756812
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org