[Bug 1788459] Re: gssproxy crashes in libselinux.so.1 on Ubuntu 18.04 when called by rpc.gssd

Mon, 28 Jun 2021 08:06:06 -0700 

Trying to get gssproxy working with NFS (rpc-gssd and rpc-svcgssd) on Ubuntu 
20.04
Following https://github.com/gssapi/gssproxy/blob/main/docs/NFS.md

/etc/gssproxy/gssproxy.conf
      [gssproxy]
      debug = true
      debug_level = 3

/etc/gssproxy/25-nfs-server.conf
      [service/nfs-server]
        mechs = krb5
        socket = /run/gssproxy.sock
        cred_store = keytab:/etc/krb5.keytab
        trusted = yes
        kernel_nfsd = yes
        euid = 0

When I start the gssproxy service, either through systemd 
or manually with: /usr/sbin/gssproxy --interactive --debug --debug-level=3 
--socket=/run/gssproxy.sock

I get this result:
[2021/06/28 14:49:19]: Debug Enabled (level: 3)
[2021/06/28 14:49:19]: Service: nfs-client, Keytab: /etc/krb5.keytab, Enctype: 
23
[2021/06/28 14:49:19]: Service: nfs-server, Keytab: /etc/krb5.keytab, Enctype: 
23
[2021/06/28 14:49:19]: Client [2021/06/28 14:49:19]: (/usr/sbin/gssproxy) 
[2021/06/28 14:49:19]:  connected (fd = 13)[2021/06/28 14:49:19]:  (pid = 7821) 
(uid = 0) (gid = 0)Segmentation fault (core dumped)

It is the kernel_nfsd = yes config part that causes the segfault
What it does (from the docs linked above)
  ...
  The gssproxy client registers to the kernel by performing 2 actions in the 
following order:
  * creates a unix socket for kernel communication in /var/run/gssproxy.sock 
(this path is hardcoded in the kernel and cannot be changed at this time)
  * writes 1 byte in the proc file /proc/net/rpc/use-gss-proxy (the client must 
be ready to accept a connection from the kernel when this is done, as the 
kernel we check that the socket is available)
  ...
  It enables the kernel extensions to the protocol (the context is exported as 
a lucid context for example, and a list of resolved credentials is returned if 
authentication succeeds)

The proc files seems ok (it was -1 before)
cat /proc/net/rpc/use-gss-proxy
1

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1788459

Title:
  gssproxy  crashes in libselinux.so.1 on Ubuntu 18.04 when called by
  rpc.gssd

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gssproxy/+bug/1788459/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to