Package: libapache2-mod-auth-pam
Version: 1.1.1-6.1
Severity: important

When running with the apache2-mpm-worker engine, and with /etc/pam.d/apache2 using pam_ldap.so for auth and account, server threads frequently die with double-free errors in the apache error log. Usually only happens when the server is getting hit with heavier loads. Errors disappear when switching over to apache2-mpm-prefork.

Recommended stopgap resolution is to force a conflict between libapache2-mod-auth-pam and apache2-mpm-worker, thus requiring the user to use the prefork engine.

I expect this issue is actually a bug in pam_ldap or the LDAP libraries, which may not be thread-safe, but I'm submitting it here because this is the only location I see the problem manifesting itself.

Backtrace printed (from apache error.log):

*** glibc detected *** /usr/sbin/apache2: double free or corruption (fasttop): 0x00007f2f8800d050 ***
======= Backtrace: =========
/lib/libc.so.6[0x7f2f954179a8]
/lib/libc.so.6(cfree+0x76)[0x7f2f95419ab6]
/usr/lib/libldap_r-2.4.so.2(ldap_pvt_tls_set_option+0x240)[0x7f2f95190d40]
/usr/lib/libldap_r-2.4.so.2(ldap_set_option+0x20d)[0x7f2f95186dbd]
/lib/security/pam_ldap.so[0x7f2f8d4d48fd]
/lib/security/pam_ldap.so[0x7f2f8d4d4ef3]
/lib/security/pam_ldap.so[0x7f2f8d4d52de]
/lib/security/pam_ldap.so[0x7f2f8d4d6b43]
/lib/security/pam_ldap.so(pam_sm_authenticate+0x26c)[0x7f2f8d4d6dbc]
/lib/libpam.so.0[0x7f2f90ce3c42]
/lib/libpam.so.0(pam_authenticate+0x43)[0x7f2f90ce3523]
/usr/lib/apache2/modules/mod_auth_pam.so[0x7f2f90eecff0]
/usr/sbin/apache2(ap_run_check_user_id+0x83)[0x434123]
/usr/sbin/apache2(ap_process_request_internal+0x2c4)[0x4363a4]
/usr/sbin/apache2(ap_sub_req_method_uri+0x108)[0x436bd8]
/usr/lib/apache2/modules/mod_dav_svn.so[0x7f2f8fa972f9]
/usr/lib/apache2/modules/mod_dav_svn.so[0x7f2f8fa9747d]
/usr/lib/libsvn_repos-1.so.1[0x7f2f8f8781ac]
/usr/lib/libsvn_repos-1.so.1[0x7f2f8f87934d]
/usr/lib/libsvn_repos-1.so.1(svn_repos_get_logs4+0x2b5)[0x7f2f8f87a135]
/usr/lib/apache2/modules/mod_dav_svn.so(dav_svn__log_report+0x233)[0x7f2f8fa9d443]
/usr/lib/apache2/modules/mod_dav.so[0x7f2f8fcbbdca]
/usr/sbin/apache2(ap_run_handler+0x83)[0x439153]
/usr/sbin/apache2(ap_invoke_handler+0x9f)[0x43c71f]
/usr/sbin/apache2(ap_process_request+0x18e)[0x44963e]
/usr/sbin/apache2[0x446768]
/usr/sbin/apache2(ap_run_process_connection+0x83)[0x440673]
/usr/sbin/apache2[0x44e521]
/usr/lib/libapr-1.so.0[0x7f2f9593aa5d]
/lib/libpthread.so.0[0x7f2f956fdfc7]
/lib/libc.so.6(clone+0x6d)[0x7f2f9547364d]

-- System Information:
Debian Release: 5.0.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35 (SMP w/16 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages libapache2-mod-auth-pam depends on:
ii  apache2.2-common         2.2.9-10+lenny8 Apache HTTP Server common files
ii  libc6                    2.7-18lenny6    GNU C Library: Shared libraries
ii  libpam0g                 1.0.1-5+lenny1  Pluggable Authentication Modules l
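
Added example (not part of the original report, nor code from Debian, Apache or glibc): a small parser for the glibc abort backtrace format quoted above. It reports the frame that called free() and the chain of modules beneath it. The function names and the libpthread heuristic are assumptions of this example, and the sample is a shortened excerpt of the report's trace.

```python
import re

# Constructed sample: a shortened excerpt of the backtrace quoted in the report.
SAMPLE = """\
*** glibc detected *** /usr/sbin/apache2: double free or corruption (fasttop): 0x00007f2f8800d050 ***
======= Backtrace: =========
/lib/libc.so.6[0x7f2f954179a8]
/lib/libc.so.6(cfree+0x76)[0x7f2f95419ab6]
/usr/lib/libldap_r-2.4.so.2(ldap_pvt_tls_set_option+0x240)[0x7f2f95190d40]
/usr/lib/libldap_r-2.4.so.2(ldap_set_option+0x20d)[0x7f2f95186dbd]
/lib/security/pam_ldap.so(pam_sm_authenticate+0x26c)[0x7f2f8d4d6dbc]
/lib/libpam.so.0(pam_authenticate+0x43)[0x7f2f90ce3523]
/usr/lib/apache2/modules/mod_auth_pam.so[0x7f2f90eecff0]
/usr/sbin/apache2(ap_run_check_user_id+0x83)[0x434123]
/lib/libpthread.so.0[0x7f2f956fdfc7]
/lib/libc.so.6(clone+0x6d)[0x7f2f9547364d]
"""

HEADER = re.compile(r"\*\*\* glibc detected \*\*\* (\S+): (.+?): 0x[0-9a-f]+ \*\*\*")
FRAME = re.compile(r"^(/\S+?)(?:\((\w*)\+0x[0-9a-f]+\))?\[0x[0-9a-f]+\]$")

def parse_abort(log_text):
    """Return (program, error, frames) for the first glibc abort, or None."""
    head = HEADER.search(log_text)
    if head is None:
        return None
    frames = []
    for line in log_text[head.end():].splitlines():
        m = FRAME.match(line.strip())
        if m:
            frames.append((m.group(1), m.group(2) or None))
        elif frames:
            break  # e.g. the "Memory map" section that follows a real trace
    return head.group(1), head.group(2), frames

def triage(frames):
    """Return (frame that called free, module chain below it, threaded?)."""
    idx = next((i for i, (p, _) in enumerate(frames) if "/libc.so" not in p), None)
    if idx is None:
        return None, [], False
    chain = []
    for path, _ in frames[idx:]:
        name = path.rsplit("/", 1)[-1]
        if name not in chain:
            chain.append(name)
    # Heuristic: a libpthread frame means the abort hit a pthread-created thread.
    return frames[idx], chain, any("libpthread" in p for p, _ in frames)

if __name__ == "__main__":
    print(triage(parse_abort(SAMPLE)[2]))
```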





