Skip site navigation (1) Skip section navigation (2)

BUG #5121: Segmentation Fault when using pam w/ krb5

From: "Ryan Douglas" <rdouglas(at)arbinet(dot)com>
To: pgsql-bugs(at)postgresql(dot)org
Subject: BUG #5121: Segmentation Fault when using pam w/ krb5
Date: 2009-10-15 20:45:54
Message-ID: 200910152045.n9FKjsMX090679@wwwmaster.postgresql.org (view raw or flat)
Thread:
Lists: pgsql-bugs
The following bug has been logged online:

Bug reference:      5121
Logged by:          Ryan Douglas
Email address:      rdouglas(at)arbinet(dot)com
PostgreSQL version: 8.4.1
Operating system:   Fedora 11
Description:        Segmentation Fault when using pam w/ krb5
Details: 

Whenever I use psql to remotely connect to the database the server crashes
(see log below). If I use psql with the '-W' option then it's fine. 

I also tested with pam_tacplus.so and in both cases the db didn't crash. It
just complained about not having credentials to authenticate when the -W
option is not used.

I can reproduce at will so let me know if you need more information.




----- pam configuration

auth       sufficient           pam_krb5.so no_user_check
account    required             pam_permit.so
session    required             pam_permit.so



-------- postgresql log -with krb5 configured in pam ------

<[unknown](at)[unknown]  2009-10-15 16:21:11.939 EDT>LOG:  connection received:
host=10.0.20.38 port=42662
<rdouglas(at)tacacs 10.0.20.38(42662) 2009-10-15 16:21:11.982 EDT>LOG:  could
not receive data from client: Connection reset by peer
<@  2009-10-15 16:21:11.987 EDT>LOG:  server process (PID 16978) was
terminated by signal 11: Segmentation fault
<@  2009-10-15 16:21:11.987 EDT>LOG:  terminating any other active server
processes
<@  2009-10-15 16:21:11.989 EDT>LOG:  all server processes terminated;
reinitializing
<@  2009-10-15 16:21:12.109 EDT>LOG:  database system was interrupted; last
known up at 2009-10-15 16:21:07 EDT
<@  2009-10-15 16:21:12.109 EDT>LOG:  database system was not properly shut
down; automatic recovery in progress
<@  2009-10-15 16:21:12.110 EDT>LOG:  record with zero length at 3/B7C396B8
<@  2009-10-15 16:21:12.110 EDT>LOG:  redo is not required
<@  2009-10-15 16:21:12.137 EDT>LOG:  database system is ready to accept
connections
<@  2009-10-15 16:21:12.137 EDT>LOG:  autovacuum launcher started



-------- postgresql log -with tacplus configured in pam ------

<[unknown](at)[unknown]  2009-10-15 16:41:01.544 EDT>LOG:  connection received:
host=10.0.20.38 port=58894
<rdouglas(at)tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.575 EDT>LOG:  could
not receive data from client: Connection reset by peer
<rdouglas(at)tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.576 EDT>LOG: 
pam_authenticate failed: Insufficient credentials to access authentication
data
<rdouglas(at)tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.576 EDT>FATAL:  PAM
authentication failed for user "rdouglas"
<[unknown](at)[unknown]  2009-10-15 16:41:05.298 EDT>LOG:  connection received:
host=10.0.20.38 port=58895
<rdouglas(at)tacacs 10.0.20.38(58895) 2009-10-15 16:41:05.681 EDT>LOG: 
connection authorized: user=rdouglas database=tacacs



---- /var/log/messages ----

Oct 15 16:21:07 va-mp-db02 kernel: postgres[16971]: segfault at 0 ip
0000000000559624 sp 00007fff43dbe180 error 4 in postgres[400000+439000]
Oct 15 16:21:11 va-mp-db02 kernel: postgres[16978]: segfault at 0 ip
0000000000559624 sp 00007fff43dbe180 error 4 in postgres[400000+439000]
-

Responses

pgsql-bugs by date

Next:From: Steve McLellanDate: 2009-10-15 21:07:09
Subject: Re: BUG #5120: Performance difference between running a query with named cursor and straight SELECT
Previous:From: Tom LaneDate: 2009-10-15 20:36:04
Subject: Re: BUG #5120: Performance difference between running a query with named cursor and straight SELECT

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group