reassign 495806 pam retitle segfault in pam_unix.so on pam_authenticate call thanks
Hi Steve,
* Steve Langasek <[EMAIL PROTECTED]> [2008-08-20 19:53]:
> On Wed, Aug 20, 2008 at 10:13:25AM -0500, Troy Davis wrote:
[...]
> > Screen has started accepting any password at all at the locked screen prompt
> > on my testing box. I do not know when exactly this behavior started; I just
> > noticed it today. A different box running etch works as expected, i.e. only
> > unlocking when the user's system password is entered.
>
> > I have tested this with multiple users on the lenny box. Searching the
> > Debian screen bug reports and the screen-users mailing list turns up
> > nothing. The only thing I can guess right now is that it might have
> > something to do with new pam packages in testing. User error is always a
> > possibility, too. ;-)
>
> I've had a look to see if this is reproducible here, and it is. Poking
> around in the logs, I see:
>
> Aug 20 10:13:51 borges kernel: [336995.492721] screen[16067]: segfault at 0
> ip 7f69c4ff90fa sp 7fffcfcbcc50 error 4 in pam_unix.so[7f69c4fef000+c000]
>
> So it looks like the auth process is segfaulting, resulting in the unlocking
> of the screen.
>
> Will continue investigating.
It looks like a pam problem. I couldn't reproduce this with
pam 0.99.7.1-7 but can with 1.0.1-2.
From screen (attacher.c):
875 #ifdef USE_PAM
876 PAM_conversation.appdata_ptr = cp1;
877 pam_error = pam_start("screen", ppp->pw_name, &PAM_conversation,
&pamh);
878 if (pam_error != PAM_SUCCESS)
879 AttacherFinit(SIGARG); /* goodbye */
880 pam_error = pam_authenticate(pamh, 0);
881 pam_end(pamh, pam_error);
882 PAM_conversation.appdata_ptr = 0;
883 if (pam_error == PAM_SUCCESS)
884 break;
885 #else
This is done in a loop to check the password.
A similar piece of code exists in
/usr/share/doc/libpam0g-dev/examples/check_user.c.
[EMAIL PROTECTED]:/tmp$] cp /usr/share/doc/libpam0g-dev/examples/check_user.c .
[EMAIL PROTECTED]:/tmp$] gcc -lpam -lpam_misc check_user.c -o check_user
[EMAIL PROTECTED]:/tmp$] ./check_user nion; date; tail -1 /var/log/kern.log
Authenticated
Mi 20. Aug 20:01:40 CEST 2008
Aug 20 20:01:40 coredump kernel: [1073387.605090] check_user[20665]: segfault
at 0 ip 7f9a2ebf40f9 sp 7fff37983980 error 4 in pam_unix.so[7f9a2ebea000+c000]
The segfault happens on the pam_authenticate call as far as I can see.
Reassigning to pam...
HTH,
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpTSPB52zqVW.pgp
Description: PGP signature
