Date: Tue, 15 May 2007 23:00:23 GMT From: Chris Cowart<ccowart@rescomp.berkeley.edu> To: freebsd-gnats-submit@FreeBSD.org Subject: i386/112695: segfault in pam_lastlog on sshd exit when no pty allocated Message-ID: <200705152300.l4FN0Nl6014039@www.freebsd.org> Resent-Message-ID: <200705152310.l4FNA7Ae077535@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 112695 >Category: i386 >Synopsis: segfault in pam_lastlog on sshd exit when no pty allocated >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 15 23:10:06 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Chris Cowart >Release: 6_1_RELEASE >Organization: RSSP-IT, UC Berkeley >Environment: FreeBSD mug.rescomp.berkeley.edu 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May 21 23:35:28 PDT 2006 root@mug.rescomp.berkeley.edu:/usr/obj/usr/src/sys/NEWMUG0 i386 >Description: When I ssh into FreeBSD hosts without allocating a tty, sshd segfaults after the process terminates. This problem occurs on both 6_1_REL and 6_2_REL installations at all sorts of patch levels. Examples: Client: `ssh -t server ls` Server Logs: | May 9 15:33:44 server sshd[1503]: Accepted publickey for ccowart from | client port 43604 ssh2 | May 9 15:33:45 server sshd[1505]: pam_sm_close_session(): no utmp | record for ttyp5 Client: `ssh server ls` Server Logs: | May 9 15:33:50 server sshd[1509]: Accepted publickey for ccowart from | client port 42119 ssh2 | May 9 15:33:51 server pid 1511 (sshd), uid 1225: exited on signal 11 In either example, the client thinks the command has completed successfully, shows proper output, and propogates the return value from the remote command. The main problem is I don't like seeing a bunch of segfaults being logged in the daily run output. >How-To-Repeat: Uncommenting one rule at a time in my pam stack, I discovered the culprit: pam_lastlog The session section of my system pam configuration looks like this: | # session | session required pam_lastlog.so no_fail | session optional /usr/local/lib/pam_ldap.so no_warn When I comment out the pam_lastlog, the segfaults vanish. When I change the entire pam stack to pam_permit, with the exception of pam_lastlog, the segfaults still occur. >Fix: No known solution. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200705152300.l4FN0Nl6014039>