Bug#877091: getent crashes while trying to display a group provided by sssd

Petr Zaytsev Thu, 28 Sep 2017 08:21:21 -0700

Package: sssd
Version: 1.15.3-1
Severity: serious



-- System Information:
Debian Release: buster/sid
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'testing'), (500, 'oldstable'), 
(1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages sssd depends on:
ii  python-sss   1.15.3-1
ii  sssd-ad      1.15.3-1
ii  sssd-common  1.15.3-1
ii  sssd-ipa     1.15.3-1
ii  sssd-krb5    1.15.3-1
ii  sssd-ldap    1.15.3-1
ii  sssd-proxy   1.15.3-1

sssd recommends no packages.

sssd suggests no packages.

-- no debconf information



Additional information:

cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat sss
group:          compat sss
shadow:         compat sss
gshadow:        files

hosts:          files dns
networks:       files

protocols:      db files
services:       db files sss
ethers:         db files
rpc:            db files

netgroup:       nis sss
sudoers:        sss files



cat /etc/sssd/sssd.conf

root@ch01:~# cat /etc/sssd/sssd.conf 
[domain/DOMAIN.COM]
ldap_idmap_range_size = 2000000
reconnection_retries = 0
client_idle_timeout = 2
offline_timeout = 2
debug_level = 3
auth_provider = krb5
cache_credentials = false
krb5_auth_timeout = 2
krb5_realm = DOMAIN.COM
krb5_server = master1.domain.com, master2.domain.com, master3.domain.com, 
master4.domain.com
krb5_kpasswd = master1.domain.com, master2.domain.com, master3.domain.com, 
master4.domain.com
chpass_provider = krb5
access_provider = simple
timeout = 2
ldap_search_timeout = 2
ldap_network_timeout = 1
sudo_provider = ldap
ldap_sudo_search_base = ou=sudoers,dc=domain,dc=com

id_provider = ldap
ldap_search_base = dc=domain,dc=com
ldap_sasl_mech = GSSAPI
ldap_tls_cacert = /etc/ldap/certs/x.domain.com.ca
ldap_uri = ldaps://master1.domain.com, ldaps://master2.domain.com, 
ldaps://master3.domain.com, ldaps://master4.domain.com
ldap_opt_timeout = 2

[sssd]
get_domains_timeout = 2
force_timeout = 2
config_file_version = 2
services = nss, pam, sudo
domains = DOMAIN.COM

filter_users = root, loader, sphinx, ftp_user
filter_groups = root, loader, sphinx, ftp_user

[pam]

[sudo]






And the actual error:

root@ch01:~# getent group admin
error writing group entry: Invalid argument


How it should perform:
[root@centos7-host ~]# getent group admin
admin:*:20100:uid=someuser,ou=people,cn=krbContainer,ou=krb5,dc=domain,dc=com



The same via strace:

root@ch01:~# strace getent group admin
execve("/usr/bin/getent", ["getent", "group", "admin"], [/* 22 vars */]) = 0
brk(NULL)                               = 0x1241000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x7f1bcfa76000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=58985, ...}) = 0
mmap(NULL, 58985, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1bcfa67000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\4\2\0\0\0\0\0"..., 
832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1681176, ...}) = 0
mmap(NULL, 3787104, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x7f1bcf4b9000
mprotect(0x7f1bcf64c000, 2097152, PROT_NONE) = 0
mmap(0x7f1bcf84c000, 24576, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x193000) = 0x7f1bcf84c000
mmap(0x7f1bcf852000, 14688, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1bcf852000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x7f1bcfa65000
arch_prctl(ARCH_SET_FS, 0x7f1bcfa65700) = 0
mprotect(0x7f1bcf84c000, 16384, PROT_READ) = 0
mprotect(0x604000, 4096, PROT_READ)     = 0
mprotect(0x7f1bcfa79000, 4096, PROT_READ) = 0
munmap(0x7f1bcfa67000, 58985)           = 0
brk(NULL)                               = 0x1241000
brk(0x1262000)                          = 0x1262000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=1679776, ...}) = 0
mmap(NULL, 1679776, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1bcf8ca000
close(3)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 
ENOENT (No such file or directory)
close(3)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 
ENOENT (No such file or directory)
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=543, ...}) = 0
read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 543
read(3, "", 4096)                       = 0
close(3)                                = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=58985, ...}) = 0
mmap(NULL, 58985, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1bcfa67000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnss_compat.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\22\0\0\0\0\0\0"..., 
832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=31616, ...}) = 0
mmap(NULL, 2126944, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x7f1bcf2b1000
mprotect(0x7f1bcf2b8000, 2093056, PROT_NONE) = 0
mmap(0x7f1bcf4b7000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f1bcf4b7000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320?\0\0\0\0\0\0"..., 
832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=84968, ...}) = 0
mmap(NULL, 2189912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x7f1bcf09a000
mprotect(0x7f1bcf0ae000, 2093056, PROT_NONE) = 0
mmap(0x7f1bcf2ad000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13000) = 0x7f1bcf2ad000
mmap(0x7f1bcf2af000, 6744, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1bcf2af000
close(3)                                = 0
mprotect(0x7f1bcf2ad000, 4096, PROT_READ) = 0
mprotect(0x7f1bcf4b7000, 4096, PROT_READ) = 0
munmap(0x7f1bcfa67000, 58985)           = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=58985, ...}) = 0
mmap(NULL, 58985, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1bcfa67000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340 \0\0\0\0\0\0"..., 
832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=47688, ...}) = 0
mmap(NULL, 2143656, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x7f1bcee8e000
mprotect(0x7f1bcee99000, 2093056, PROT_NONE) = 0
mmap(0x7f1bcf098000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa000) = 0x7f1bcf098000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320!\0\0\0\0\0\0"..., 
832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=47632, ...}) = 0
mmap(NULL, 2168600, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x7f1bcec7c000
mprotect(0x7f1bcec86000, 2097152, PROT_NONE) = 0
mmap(0x7f1bcee86000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa000) = 0x7f1bcee86000
mmap(0x7f1bcee88000, 22296, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1bcee88000
close(3)                                = 0
mprotect(0x7f1bcee86000, 4096, PROT_READ) = 0
mprotect(0x7f1bcf098000, 4096, PROT_READ) = 0
munmap(0x7f1bcfa67000, 58985)           = 0
open("/etc/group", O_RDONLY|O_CLOEXEC)  = 3
lseek(3, 0, SEEK_CUR)                   = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=821, ...}) = 0
mmap(NULL, 821, PROT_READ, MAP_SHARED, 3, 0) = 0x7f1bcfa75000
lseek(3, 821, SEEK_SET)                 = 821
fstat(3, {st_mode=S_IFREG|0644, st_size=821, ...}) = 0
munmap(0x7f1bcfa75000, 821)             = 0
close(3)                                = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=58985, ...}) = 0
mmap(NULL, 58985, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1bcfa67000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnss_sss.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\25\0\0\0\0\0\0"..., 
832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=35440, ...}) = 0
mmap(NULL, 2131024, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 
0x7f1bcea73000
mprotect(0x7f1bcea7b000, 2093056, PROT_NONE) = 0
mmap(0x7f1bcec7a000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f1bcec7a000
close(3)                                = 0
mprotect(0x7f1bcec7a000, 4096, PROT_READ) = 0
munmap(0x7f1bcfa67000, 58985)           = 0
open("/var/lib/sss/mc/group", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=6406312, ...}) = 0
mmap(NULL, 6406312, PROT_READ, MAP_SHARED, 3, 0) = 0x7f1bce456000
fstat(3, {st_mode=S_IFREG|0644, st_size=6406312, ...}) = 0
open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=2995, ...}) = 0
read(4, "# Locale name alias data base.\n#"..., 4096) = 2995
read(4, "", 4096)                       = 0
close(4)                                = 0
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT 
(No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT 
(No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No 
such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT 
(No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No 
such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such 
file or directory)
write(2, "error writing group entry: Inval"..., 44error writing group entry: 
Invalid argument
) = 44
exit_group(0)                           = ?
+++ exited with 0 +++

Bug#877091: getent crashes while trying to display a group provided by sssd

Reply via email to