From owner-freebsd-security@freebsd.org Sun Nov 13 09:39:14 2016
From: Alan Hicks
Organization: Persistent Objects Ltd
To: Ronny Forberger, freebsd-security@freebsd.org
Subject: Re: I have no name prompt and no passwords recognized
Date: Sun, 13 Nov 2016 09:37:44 +0000

On 12/11/2016 17:07, Ronny Forberger wrote:
> Hi,
> I am using SSSD and FreeBSD to authenticate against samba4.
> I used this howto setting all up:
> http://serverfault.com/questions/599200/how-to-integrate-active-directory-with-freebsd-10-0-using-security-sssd
>
> But when I want to logon using password, i.e. via dovecot I get wrong password.
> Neither can I use sudo typing the correct samba4 password.
>
> Also I get a prompt [I have no name!@HOSTNAME] and my files, which I chowned &
> chgrped to the samba user and group only show IDs as owner.

This means the system does not know who you are. What authentication
system are you using? For example using net/nss-pam-ldap here gives the
same error when ldap goes away or upgrading ports. Restarting the
authentication service restores access here.

> Any ideas how to solve this? Can this maybe be a permission problem with some
> file for sssd / NSS which an unprivileged user cannot read?
>
> Best regards,
> Ronny Forberger
> ___________________________________
> Ronny Forberger
> ronnyforberger at ronnyforberger.de
> PGP: http://www.ronnyforberger.de/pgp/email-encryption.html
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

Regards,
Alan

From owner-freebsd-security@freebsd.org Sun Nov 13 10:29:14 2016
From: Ronny Forberger
To: Alan Hicks, Alan Hicks via freebsd-security
Subject: Re: I have no name prompt and no passwords recognized
Date: Sun, 13 Nov 2016 11:29:10 +0100 (CET)

Hi,

> Alan Hicks via freebsd-security wrote on 13 November 2016 at 10:37:
>
> On 12/11/2016 17:07, Ronny Forberger wrote:
> > Hi,
> > I am using SSSD and FreeBSD to authenticate against samba4.
> > I used this howto setting all up:
> > http://serverfault.com/questions/599200/how-to-integrate-active-directory-with-freebsd-10-0-using-security-sssd
> >
> > But when I want to logon using password, i.e. via dovecot I get wrong
> > password.
> > Neither can I use sudo typing the correct samba4 password.
> >
> > Also I get a prompt [I have no name!@HOSTNAME] and my files, which I chowned &
> > chgrped to the samba user and group only show IDs as owner.
> This means the system does not know who you are. What authentication
> system are you using? For example using net/nss-pam-ldap here gives the
> same error when ldap goes away or upgrading ports. Restarting the
> authentication service restores access here.

I am using sssd but restarting sssd didn't help. Any other ideas?

> > Any ideas how to solve this? Can this maybe be a permission problem with some
> > file for sssd / NSS which an unprivileged user cannot read?
> >
> > Best regards,
> > Ronny Forberger
>
> Regards,
> Alan

Best regards,
Ronny
___________________________________
Ronny Forberger
ronnyforberger at ronnyforberger.de
PGP: http://www.ronnyforberger.de/pgp/email-encryption.html

From owner-freebsd-security@freebsd.org Sun Nov 13 16:05:00 2016
From: Ronny Forberger
To: Alan Hicks, Alan Hicks via freebsd-security
Subject: Re: I have no name prompt and no passwords recognized
Date: Sun, 13 Nov 2016 17:04:57 +0100 (CET)

> Ronny Forberger wrote on 13 November 2016 at 11:29:
>
> Hi,
>
> > Alan Hicks via freebsd-security wrote on 13 November 2016 at 10:37:
> >
> > On 12/11/2016 17:07, Ronny Forberger wrote:
> > > Hi,
> > > I am using SSSD and FreeBSD to authenticate against samba4.
> > > I used this howto setting all up:
> > > http://serverfault.com/questions/599200/how-to-integrate-active-directory-with-freebsd-10-0-using-security-sssd
> > >
> > > But when I want to logon using password, i.e. via dovecot I get wrong
> > > password.
> > > Neither can I use sudo typing the correct samba4 password.
> > >
> > > Also I get a prompt [I have no name!@HOSTNAME] and my files, which I
> > > chowned & chgrped to the samba user and group only show IDs as owner.
> > This means the system does not know who you are. What authentication
> > system are you using? For example using net/nss-pam-ldap here gives the
> > same error when ldap goes away or upgrading ports. Restarting the
> > authentication service restores access here.
>
> I am using sssd but restarting sssd didn't help. Any other ideas?

I found out that /var/run/sss needed mode 0755. But I still can't use passwords.
My /etc/pam.d/system looks like:

# auth
auth      sufficient  pam_opie.so        no_warn no_fake_prompts
auth      requisite   pam_opieaccess.so  no_warn allow_local
#auth     sufficient  pam_krb5.so        no_warn try_first_pass
#auth     sufficient  pam_ssh.so         no_warn try_first_pass
auth      sufficient  /usr/local/lib/pam_sss.so
auth      required    pam_unix.so        no_warn try_first_pass nullok

# account
#account  required    pam_krb5.so
account   required    pam_login_access.so
account   required    pam_unix.so
account   required    /usr/local/lib/pam_sss.so ignore_unknown_user

# session
#session  optional    pam_ssh.so         want_agent
session   required    pam_lastlog.so     no_fail
session   optional    /usr/local/lib/pam_sss.so

# password
#password sufficient  pam_krb5.so        no_warn try_first_pass
password  sufficient  /usr/local/lib/pam_sss.so use_authtok
password  required    pam_unix.so        no_warn try_first_pass

What am I doing wrong?

Best regards,
Ronny

> > > Any ideas how to solve this? Can this maybe be a permission problem with
> > > some file for sssd / NSS which an unprivileged user cannot read?
> > >
> > > Best regards,
> > > Ronny Forberger
> >
> > Regards,
> > Alan
>
> Best regards,
> Ronny

___________________________________
Ronny Forberger
ronnyforberger at ronnyforberger.de
PGP: http://www.ronnyforberger.de/pgp/email-encryption.html

From owner-freebsd-security@freebsd.org Sun Nov 13 22:22:51 2016
From: bugzilla-noreply@freebsd.org
To: freebsd-security@FreeBSD.org
Subject: [Bug 214488] mqueuefs mq_setattr() leaks stack memory
Date: Sun, 13 Nov 2016 22:22:50 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488

            Bug ID: 214488
           Summary: mqueuefs mq_setattr() leaks stack memory
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: vlad902+spam@gmail.com
                CC: freebsd-security@FreeBSD.org

Created attachment 176971
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=176971&action=edit
Example trigger

In kern/uipc_mqueue.c, sys_kmq_setattr() calls kern_kmq_setattr() to fill out a
struct mq_attr before copying it back to userland; however, kern_kmq_setattr()
does not zero the struct or clear the __reserved field, leaking 4 words worth of
uninitialized stack memory. The same goes for freebsd32_kmq_setattr except it's
mq_attr_to32() that does not clear __reserved in struct mq_attr32.

The mqueuefs kernel module needs to be loaded to reach this code. Example code
is attached to dump leaked memory.

--
You are receiving this mail because:
You are on the CC list for the bug.

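The pattern described in the Bug 214488 report above, as an added userland illustration (it is not code from the FreeBSD tree or from the bug's attachment): a reply struct with a reserved tail is filled field by field and then copied out whole, next to the two fixes the report names. The struct names, the fill/convert functions and the 0xA5 marker are made up for this example; a poisoned buffer stands in for the stale kernel stack and memcpy() for copyout().

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5	/* constructed marker standing in for old stack contents */

/* Stand-in reply structs (assumed shape: four live fields, four reserved words). */
struct attr_reply   { long    flags, maxmsg, msgsize, curmsgs, reserved[4]; };
struct attr_reply32 { int32_t flags, maxmsg, msgsize, curmsgs, reserved[4]; };

/* "Before": only the live fields are assigned; reserved[] keeps whatever was there. */
static void fill_unsafe(struct attr_reply *a)
{
	a->flags = 0;
	a->maxmsg = 10;
	a->msgsize = 1024;
	a->curmsgs = 3;
}

/* Fix 1: zero the whole struct first, which also covers any padding. */
static void fill_zeroed(struct attr_reply *a)
{
	memset(a, 0, sizeof(*a));
	fill_unsafe(a);
}

/* Fix 2: clear just the reserved field (sufficient only when there is no padding). */
static void fill_clear_reserved(struct attr_reply *a)
{
	fill_unsafe(a);
	memset(a->reserved, 0, sizeof(a->reserved));
}

/* 32-bit compat conversion with the same omission: reserved[] is never written. */
static void to32_unsafe(const struct attr_reply *from, struct attr_reply32 *to)
{
	to->flags = (int32_t)from->flags;
	to->maxmsg = (int32_t)from->maxmsg;
	to->msgsize = (int32_t)from->msgsize;
	to->curmsgs = (int32_t)from->curmsgs;
}

/* Hardened conversion: zero the destination before filling it. */
static void to32_zeroed(const struct attr_reply *from, struct attr_reply32 *to)
{
	memset(to, 0, sizeof(*to));
	to32_unsafe(from, to);
}

/* Count bytes in a copied-out buffer that still carry the stale marker. */
static size_t stale_bytes(const void *buf, size_t len)
{
	const unsigned char *p = buf;
	size_t n = 0;

	for (size_t i = 0; i < len; i++)
		n += (p[i] == STALE);
	return n;
}

/* Dirty a slot, fill it, copy it out whole, and measure what escaped. */
size_t leak_native(void (*fill)(struct attr_reply *))
{
	struct attr_reply slot;
	unsigned char user[sizeof(slot)];

	memset(&slot, STALE, sizeof(slot));
	fill(&slot);
	memcpy(user, &slot, sizeof(slot));
	return stale_bytes(user, sizeof(user));
}

/* Same measurement for the 32-bit conversion path. */
size_t leak_compat(void (*conv)(const struct attr_reply *, struct attr_reply32 *))
{
	struct attr_reply native;
	struct attr_reply32 slot;
	unsigned char user[sizeof(slot)];

	fill_zeroed(&native);
	memset(&slot, STALE, sizeof(slot));
	conv(&native, &slot);
	memcpy(user, &slot, sizeof(slot));
	return stale_bytes(user, sizeof(user));
}

int main(void)
{
	printf("native, live fields only : %zu stale bytes copied out\n", leak_native(fill_unsafe));
	printf("native, struct zeroed    : %zu\n", leak_native(fill_zeroed));
	printf("native, reserved cleared : %zu\n", leak_native(fill_clear_reserved));
	printf("compat, live fields only : %zu\n", leak_compat(to32_unsafe));
	printf("compat, struct zeroed    : %zu\n", leak_compat(to32_zeroed));
	return 0;
}
```
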
From owner-freebsd-security@freebsd.org Mon Nov 14 09:26:39 2016
From: Dag-Erling Smørgrav
To: Ronny Forberger
Cc: Alan Hicks via freebsd-security
Subject: Re: I have no name prompt and no passwords recognized
Date: Mon, 14 Nov 2016 10:26:25 +0100

Ronny Forberger writes:
> # auth
> auth      sufficient  pam_opie.so        no_warn no_fake_prompts
> auth      requisite   pam_opieaccess.so  no_warn allow_local
> #auth     sufficient  pam_krb5.so        no_warn try_first_pass
> #auth     sufficient  pam_ssh.so         no_warn try_first_pass
> auth      sufficient  /usr/local/lib/pam_sss.so
> auth      required    pam_unix.so        no_warn try_first_pass nullok

I don't have the answer to your question, but I'd like to point out that
you don't need to include the full path to the module. PAM will look in
/usr/local/lib if it can't find the module in /usr/lib. You can even
leave out the .so suffix (since OpenPAM Nummularia / FreeBSD 9.3)

Two other things: 1) make sure the service you're trying to use actually
uses the system policy or a policy that includes it (sshd doesn't) and
2) if you add the "debug" keyword to every pam_sss line in your PAM
policy, OpenPAM will log every call to the pam_sss module, everything it
does on behalf of that module, and the outcome of the call through
syslog (by default, it should go to /var/log/debug.log).

DES
--
Dag-Erling Smørgrav - des@des.no

From owner-freebsd-security@freebsd.org Mon Nov 14 10:32:17 2016
From: Ronny Forberger
To: Dag-Erling Smørgrav
Cc: Alan Hicks via freebsd-security
Subject: Re: I have no name prompt and no passwords recognized
Date: Mon, 14 Nov 2016 11:32:07 +0100 (CET)

> Dag-Erling Smørgrav wrote on 14 November 2016 at 10:26:
>
> Ronny Forberger writes:
> > # auth
> > auth      sufficient  pam_opie.so        no_warn no_fake_prompts
> > auth      requisite   pam_opieaccess.so  no_warn allow_local
> > #auth     sufficient  pam_krb5.so        no_warn try_first_pass
> > #auth     sufficient  pam_ssh.so         no_warn try_first_pass
> > auth      sufficient  /usr/local/lib/pam_sss.so
> > auth      required    pam_unix.so        no_warn try_first_pass nullok
>
> I don't have the answer to your question, but I'd like to point out that
> you don't need to include the full path to the module. PAM will look in
> /usr/local/lib if it can't find the module in /usr/lib. You can even
> leave out the .so suffix (since OpenPAM Nummularia / FreeBSD 9.3)

ok

> Two other things: 1) make sure the service you're trying to use actually
> uses the system policy or a policy that includes it (sshd doesn't) and

I am using sudo with password and it should use the system policy.

> 2) if you add the "debug" keyword to every pam_sss line in your PAM
> policy, OpenPAM will log every call to the pam_sss module, everything it
> does on behalf of that module, and the outcome of the call through
> syslog (by default, it should go to /var/log/debug.log).

My /var/log/debug.log only says:

Nov 13 17:31:59 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): authentication error
Nov 13 17:32:01 macy su: in openpam_dispatch(): calling pam_sm_setcred() in /usr/local/lib/pam_sss.so
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_SERVICE
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_USER
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_TTY
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_RUSER
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_RHOST
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 17:32:01 macy su: in pam_set_data(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_setcred(): success

What can be wrong?

Best regards,
Ronny

> DES
> --
> Dag-Erling Smørgrav - des@des.no

___________________________________
Ronny Forberger
ronnyforberger at ronnyforberger.de
PGP: http://www.ronnyforberger.de/pgp/email-encryption.html

From owner-freebsd-security@freebsd.org Mon Nov 14 11:34:41 2016
From: Dag-Erling Smørgrav
To: Ronny Forberger
Cc: Alan Hicks via freebsd-security
Subject: Re: I have no name prompt and no passwords recognized
Date: Mon, 14 Nov 2016 12:34:34 +0100

Ronny Forberger writes:
> My /var/log/debug.log only says:
>
> Nov 13 17:31:59 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): authentication error

There's a whole lot missing here. It should start with "calling
pam_sm_authenticate()".

DES
--
Dag-Erling Smørgrav - des@des.no

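A small checker for the gap in the openpam_dispatch() log discussed above, added here as an example (it is not part of the thread and not an OpenPAM tool). It pairs each "calling pam_sm_*() in MODULE" entry with the outcome entry for the same program, module and function, and reports outcomes logged without a preceding call; the sample lines are copied from the excerpt in the thread, and every type and function name is made up for this example.

```c
#include <stdio.h>
#include <string.h>

#define MARK    ": in openpam_dispatch(): "
#define MAXPEND 32

enum kind { OTHER, CALL, OUTCOME };

struct entry { char prog[32], module[128], func[64], result[64]; };

/* Lines copied from the debug.log excerpt in the thread (pam_get_item noise shortened). */
static const char *const SAMPLE[] = {
	"Nov 13 17:31:59 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): authentication error",
	"Nov 13 17:32:01 macy su: in openpam_dispatch(): calling pam_sm_setcred() in /usr/local/lib/pam_sss.so",
	"Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_SERVICE",
	"Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS",
	"Nov 13 17:32:01 macy su: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_setcred(): success",
};

/* Classify one syslog line and split out program tag, module, function and result. */
static enum kind parse_line(const char *line, struct entry *e)
{
	const char *m = strstr(line, MARK), *p, *rest;

	memset(e, 0, sizeof(*e));
	if (m == NULL)
		return OTHER;
	/* The program tag is the word immediately before the marker. */
	for (p = m; p > line && p[-1] != ' '; p--)
		;
	snprintf(e->prog, sizeof(e->prog), "%.*s", (int)(m - p), p);
	rest = m + strlen(MARK);
	if (sscanf(rest, "calling %63[^(]() in %127s", e->func, e->module) == 2)
		return CALL;
	if (sscanf(rest, "%127[^:]: %63[^(](): %63[^\n]", e->module, e->func, e->result) == 3)
		return OUTCOME;
	return OTHER;
}

static int same_call(const struct entry *a, const struct entry *b)
{
	return strcmp(a->prog, b->prog) == 0 && strcmp(a->module, b->module) == 0 &&
	    strcmp(a->func, b->func) == 0;
}

/* Store outcomes that have no matching "calling" entry in out[]; return how many. */
size_t find_orphans(const char *const *lines, size_t n, struct entry *out, size_t max)
{
	struct entry pending[MAXPEND];
	size_t npend = 0, nout = 0;

	for (size_t i = 0; i < n; i++) {
		struct entry e;
		enum kind k = parse_line(lines[i], &e);

		if (k == CALL && npend < MAXPEND) {
			pending[npend++] = e;
		} else if (k == OUTCOME) {
			size_t j;

			for (j = 0; j < npend; j++)
				if (same_call(&pending[j], &e))
					break;
			if (j < npend)
				pending[j] = pending[--npend];	/* matched: retire the call */
			else if (nout < max)
				out[nout++] = e;		/* outcome with no call logged */
		}
	}
	return nout;
}

int main(void)
{
	struct entry found[8];
	size_t n = find_orphans(SAMPLE, sizeof(SAMPLE) / sizeof(SAMPLE[0]), found, 8);

	for (size_t i = 0; i < n; i++)
		printf("%s: %s() in %s returned \"%s\" with no \"calling\" entry before it\n",
		    found[i].prog, found[i].func, found[i].module, found[i].result);
	return 0;
}
```
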

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488

Kubilay Kocak changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |needs-qa, security
              Flags|                            |mfc-stable9?,
                   |                            |mfc-stable10?,
                   |                            |mfc-stable11?
             Status|New                         |Open
           Assignee|freebsd-bugs@FreeBSD.org    |secteam@FreeBSD.org

--
You are receiving this mail because:
You are on the CC list for the bug.

From owner-freebsd-security@freebsd.org Mon Nov 14 13:20:47 2016
From: bugzilla-noreply@freebsd.org
To: freebsd-security@FreeBSD.org
Subject: [Bug 214488] mqueuefs mq_setattr() leaks stack memory
Date: Mon, 14 Nov 2016 13:20:47 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488

--- Comment #1 from commit-hook@freebsd.org ---
A commit references this bug:

Author: kib
Date: Mon Nov 14 13:20:10 UTC 2016
New revision: 308642
URL: https://svnweb.freebsd.org/changeset/base/308642

Log:
  Initialize reserved bytes in struct mq_attr and its 32compat
  counterpart, to avoid kernel stack content leak in kmq_setattr(2)
  syscall.

  Also slightly simplify the checks around copyout()s.

  Reported by: Vlad Tsyrklevich
  PR: 214488
  MFC after: 1 week

Changes:
  head/sys/kern/uipc_mqueue.c

--
You are receiving this mail because:
You are on the CC list for the bug.

From owner-freebsd-security@freebsd.org Mon Nov 14 16:04:03 2016
Date: Mon, 14 Nov 2016 17:03:59 +0100 (CET)
From: Ronny Forberger
Reply-To: Ronny Forberger
To: Dag-Erling Smørgrav
Cc: Alan Hicks via freebsd-security
Message-ID: <856562678.439183.1479139439084.JavaMail.open-xchange@app01.ox.hosteurope.de>
Subject: Re: I have no name prompt and no passwords recognized

> On 14 November 2016 at 12:34, Dag-Erling Smørgrav wrote:
>
>
> Ronny Forberger writes:
> > My /var/log/debug.log only says:
> >
> > Nov 13 17:31:59 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so:
> > pam_sm_authenticate(): authentication error
>
> There's a whole lot missing here. It should start with "calling
> pam_sm_authenticate()".

OK, here is the full log:

Nov 13 16:54:19 macy su: in openpam_dispatch(): calling pam_sm_setcred() in /usr/local/lib/pam_sss.so
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_SERVICE
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_USER
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_TTY
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_RUSER
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_RHOST
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 16:54:19 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 16:54:19 macy su: in pam_set_data(): returning PAM_SUCCESS
Nov 13 16:54:19 macy su: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_setcred(): success
Nov 13 16:54:21 macy sudo: in openpam_dispatch(): calling pam_sm_authenticate() in /usr/local/lib/pam_sss.so
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_SERVICE
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_USER
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_TTY
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_RUSER
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_RHOST
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:21 macy sudo: in pam_get_item(): entering: PAM_CONV
Nov 13 16:54:21 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:24 macy sudo: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 16:54:24 macy sudo: in pam_set_data(): returning PAM_SUCCESS
Nov 13 16:54:24 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): system error
Nov 13 16:54:26 macy su: in openpam_dispatch(): calling pam_sm_setcred() in /usr/local/lib/pam_sss.so
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_SERVICE
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_USER
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_TTY
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_RUSER
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_RHOST
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 16:54:26 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 16:54:26 macy su: in pam_set_data(): returning PAM_SUCCESS
Nov 13 16:54:26 macy su: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_setcred(): success
Nov 13 17:31:50 macy su: in openpam_dispatch(): calling pam_sm_setcred() in /usr/local/lib/pam_sss.so
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_SERVICE
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_USER
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_TTY
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_RUSER
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_RHOST
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 17:31:50 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 17:31:50 macy su: in pam_set_data(): returning PAM_SUCCESS
Nov 13 17:31:50 macy su: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_setcred(): success
Nov 13 17:31:52 macy sudo: in openpam_dispatch(): calling pam_sm_authenticate() in /usr/local/lib/pam_sss.so
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_SERVICE
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_USER
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_TTY
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_RUSER
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_RHOST
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 17:31:52 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 17:31:52 macy sudo: in pam_set_data(): returning PAM_SUCCESS
Nov 13 17:31:52 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): authentication error
Nov 13 17:31:55 macy sudo: in openpam_dispatch(): calling pam_sm_authenticate() in /usr/local/lib/pam_sss.so
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_SERVICE
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_USER
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_TTY
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_RUSER
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_RHOST
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 17:31:55 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 17:31:55 macy sudo: in pam_set_data(): returning PAM_SUCCESS
Nov 13 17:31:55 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): authentication error
Nov 13 17:31:59 macy sudo: in openpam_dispatch(): calling pam_sm_authenticate() in /usr/local/lib/pam_sss.so
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_SERVICE
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_USER
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_TTY
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_RUSER
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_RHOST
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 17:31:59 macy sudo: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 17:31:59 macy sudo: in pam_set_data(): returning PAM_SUCCESS
Nov 13 17:31:59 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): authentication error
Nov 13 17:32:01 macy su: in openpam_dispatch(): calling pam_sm_setcred() in /usr/local/lib/pam_sss.so
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_SERVICE
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_USER
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_TTY
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_RUSER
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_RHOST
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_AUTHTOK
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_get_item(): entering: PAM_OLDAUTHTOK
Nov 13 17:32:01 macy su: in pam_get_item(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in pam_set_data(): entering: 'pam_sss:fd_destructor'
Nov 13 17:32:01 macy su: in pam_set_data(): returning PAM_SUCCESS
Nov 13 17:32:01 macy su: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_setcred(): success

Best regards,
Ronny

>
> DES
> --
> Dag-Erling Smørgrav - des@des.no
>

___________________________________
Ronny Forberger
ronnyforberger at ronnyforberger.de
PGP: http://www.ronnyforberger.de/pgp/email-encryption.html

From owner-freebsd-security@freebsd.org Mon Nov 14 16:10:43 2016
From: Dag-Erling Smørgrav
To: Ronny Forberger
Cc: Alan Hicks via freebsd-security
Subject: Re: I have no name prompt and no passwords recognized
Date: Mon, 14 Nov 2016 17:10:40 +0100
Message-ID: <86eg2eca9r.fsf@desk.des.no>

Ronny Forberger writes:
> Nov 13 16:54:21 macy sudo: in openpam_dispatch(): calling pam_sm_authenticate() in /usr/local/lib/pam_sss.so
> [...]
> Nov 13 16:54:24 macy sudo: in openpam_dispatch(): /usr/local/lib/pam_sss.so: pam_sm_authenticate(): system error

So some sort of error occurred within the pam_sss module. Check
/var/log/messages and /var/log/auth.log, and if there's nothing there
you'll have to consult either the documentation or the code to see where
it logs errors, or how to configure logging. As a last resort, you can
try to ktrace a process that calls it and see what happens immediately
before openpam_dispatch() logs that "system error" message.

DES
--
Dag-Erling Smørgrav - des@des.no

From owner-freebsd-security@freebsd.org Tue Nov 15 14:16:41 2016
From: bugzilla-noreply@freebsd.org
To: freebsd-security@FreeBSD.org
Subject: [Bug 214488] mqueuefs mq_setattr() leaks stack memory
Date: Tue, 15 Nov 2016 14:16:40 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488

Kubilay Kocak changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|secteam@FreeBSD.org         |kib@FreeBSD.org
           Keywords|needs-qa                    |
             Status|Open                        |In Progress
                 CC|                            |secteam@FreeBSD.org

--- Comment #2 from Kubilay Kocak ---
Assign to committer resolving.

Pending MFC

--
You are receiving this mail because:
You are on the CC list for the bug.

From owner-freebsd-security@freebsd.org Tue Nov 15 14:17:31 2016
From: bugzilla-noreply@freebsd.org
To: freebsd-security@FreeBSD.org
Subject: [Bug 214488] mqueuefs mq_setattr() leaks stack memory
Date: Tue, 15 Nov 2016 14:17:31 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488

--- Comment #3 from Kubilay Kocak ---
@Konstantin If this needs an SA or other post-commit actions, please re-assign
as necessary.

--
You are receiving this mail because:
You are on the CC list for the bug.
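
Added example (not part of the thread and not the code from uipc_mqueue.c): a userspace C model of the bug class named in the r308642 commit log in comment #1 of bug 214488, where a structure with reserved bytes is filled field by field and then copied out whole. The struct demo_mq_attr layout, the handler names and the 0xA5 poison byte are assumptions made for this sketch; the poison scan is a regression check that can be applied to any copy-out path.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POISON 0xA5	/* assumed marker standing in for stale kernel stack contents */

/* Simplified stand-in for struct mq_attr: four live fields plus reserved space. */
struct demo_mq_attr {
	long mq_flags;
	long mq_maxmsg;
	long mq_msgsize;
	long mq_curmsgs;
	long reserved[4];	/* carries no meaning, but is still copied out */
};

/* Models copyout(9): every byte of the object crosses the trust boundary. */
static void
demo_copyout(const void *kaddr, void *uaddr, size_t len)
{
	memcpy(uaddr, kaddr, len);
}

/* The handler only knows about the live fields. */
static void
fill_live_fields(struct demo_mq_attr *a)
{
	a->mq_flags = 0;
	a->mq_maxmsg = 10;
	a->mq_msgsize = 1024;
	a->mq_curmsgs = 3;
}

/* Before: the local holds whatever the stack held; only live fields are set. */
static void
getattr_leaky(const unsigned char *stale_frame, struct demo_mq_attr *user)
{
	struct demo_mq_attr oattr;

	/* Simulate an uninitialized local deterministically. */
	memcpy(&oattr, stale_frame, sizeof(oattr));
	fill_live_fields(&oattr);
	demo_copyout(&oattr, user, sizeof(oattr));
}

/*
 * After: zero the whole object first, so reserved bytes and any padding
 * have defined contents. This is one way to initialize them; the commit
 * log does not say which form the real fix uses.
 */
static void
getattr_fixed(const unsigned char *stale_frame, struct demo_mq_attr *user)
{
	struct demo_mq_attr oattr;

	memcpy(&oattr, stale_frame, sizeof(oattr));
	memset(&oattr, 0, sizeof(oattr));
	fill_live_fields(&oattr);
	demo_copyout(&oattr, user, sizeof(oattr));
}

/*
 * Regression check: poison the simulated stack frame, run the handler and
 * count poison bytes that reached the "userspace" copy. The live field
 * values above contain no 0xA5 byte, so every hit is stale data.
 */
static size_t
count_stale_bytes(void (*handler)(const unsigned char *, struct demo_mq_attr *))
{
	unsigned char frame[sizeof(struct demo_mq_attr)];
	struct demo_mq_attr user;
	const unsigned char *p = (const unsigned char *)&user;
	size_t i, n = 0;

	memset(frame, POISON, sizeof(frame));
	memset(&user, 0, sizeof(user));
	handler(frame, &user);
	for (i = 0; i < sizeof(user); i++)
		if (p[i] == POISON)
			n++;
	return (n);
}

int
main(void)
{
	printf("leaky handler: %zu stale bytes copied out\n",
	    count_stale_bytes(getattr_leaky));
	printf("fixed handler: %zu stale bytes copied out\n",
	    count_stale_bytes(getattr_fixed));
	return (0);
}
```

Scanning the whole object rather than only the reserved array means the same check also catches compiler-inserted padding in structures that have it.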