[Bug 1327268] [NEW] sudo-ldap segfaults in 14.04 if ldap is being used
Raubvogel
1327268 at bugs.launchpad.net
Fri Jun 6 15:49:53 UTC 2014
Public bug reported:
NOTE: I was asked in
https://answers.launchpad.net/ubuntu/+source/sudo/+question/249819 to
report this as a bug.
raub at testfirewall:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04 LTS
Release: 14.04
Codename: trusty
raub at testfirewall:~$ uname -a
Linux testfirewall 3.13.0-27-generic #50-Ubuntu SMP Thu May 15 18:06:16 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
raub at testfirewall:~$
and have before upgrading to 14.04 been using sudo-ldap so network
admins can do some work. However, in 14.04, I am seeing
raub at testfirewall:~$ sudo pwd
sudo: LDAP Config Summary
sudo: ===================
sudo: uri ldap://kdc.domain.com ldap://kdc2.domain.com
sudo: ldap_version 3
sudo: sudoers_base ou=SUDOers,dc=domain,dc=com
sudo: binddn (anonymous)
sudo: bindpw (anonymous)
sudo: bind_timelimit 3
sudo: timelimit 3
sudo: deref 0
sudo: ssl start_tls
sudo: tls_cacertfile /etc/ssl/certs/ca-certificates.crt
sudo: use_sasl yes
sudo: sasl_auth_id (NONE)
sudo: rootuse_sasl -1
sudo: rootsasl_auth_id (NONE)
sudo: sasl_secprops (NONE)
sudo: krb5_ccname FILE:/tmp/host.tkt
sudo: ===================
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: tls_cacertfile -> /etc/ssl/certs/ca-certificates.crt
sudo: ldap_set_option: tls_cacert -> /etc/ssl/certs/ca-certificates.crt
sudo: ldap_initialize(ld, ldap://kdc.domain.com ldap://kdc2.domain.com)
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option: timelimit -> 3
sudo: ldap_set_option(LDAP_OPT_TIMEOUT, 3)
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 3)
sudo: ldap_start_tls_s() ok
sudo: sudo_ldap_sasl_interact: SASL_CB_USER
Segmentation fault (core dumped)
raub at testfirewall:~$
>From syslog:
Jun 5 15:16:26 testfirewall kernel: [2068248.457275] sudo[22925]: segfault at 0 ip 00007f2feb02692a sp 00007ffff55073b8 error 4 in libc-2.19.so[7f2feaf9d000+1bc000]
That affects both local and network users *and* was observed in a new
install and an upgrade from 12.04LTS. Now, if I disable ldap for sudoers
in /etc/nsswitch.conf,
# sudoers: files ldap
sudoers: files
I can sudo from a local user with sudo rights. What am I missing here?
** Affects: sudo (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1327268
Title:
sudo-ldap segfaults in 14.04 if ldap is being used
Status in “sudo” package in Ubuntu:
New
Bug description:
NOTE: I was asked in
https://answers.launchpad.net/ubuntu/+source/sudo/+question/249819 to
report this as a bug.
raub at testfirewall:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04 LTS
Release: 14.04
Codename: trusty
raub at testfirewall:~$ uname -a
Linux testfirewall 3.13.0-27-generic #50-Ubuntu SMP Thu May 15 18:06:16 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
raub at testfirewall:~$
and have before upgrading to 14.04 been using sudo-ldap so network
admins can do some work. However, in 14.04, I am seeing
raub at testfirewall:~$ sudo pwd
sudo: LDAP Config Summary
sudo: ===================
sudo: uri ldap://kdc.domain.com ldap://kdc2.domain.com
sudo: ldap_version 3
sudo: sudoers_base ou=SUDOers,dc=domain,dc=com
sudo: binddn (anonymous)
sudo: bindpw (anonymous)
sudo: bind_timelimit 3
sudo: timelimit 3
sudo: deref 0
sudo: ssl start_tls
sudo: tls_cacertfile /etc/ssl/certs/ca-certificates.crt
sudo: use_sasl yes
sudo: sasl_auth_id (NONE)
sudo: rootuse_sasl -1
sudo: rootsasl_auth_id (NONE)
sudo: sasl_secprops (NONE)
sudo: krb5_ccname FILE:/tmp/host.tkt
sudo: ===================
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: tls_cacertfile -> /etc/ssl/certs/ca-certificates.crt
sudo: ldap_set_option: tls_cacert -> /etc/ssl/certs/ca-certificates.crt
sudo: ldap_initialize(ld, ldap://kdc.domain.com ldap://kdc2.domain.com)
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option: timelimit -> 3
sudo: ldap_set_option(LDAP_OPT_TIMEOUT, 3)
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 3)
sudo: ldap_start_tls_s() ok
sudo: sudo_ldap_sasl_interact: SASL_CB_USER
Segmentation fault (core dumped)
raub at testfirewall:~$
From syslog:
Jun 5 15:16:26 testfirewall kernel: [2068248.457275] sudo[22925]: segfault at 0 ip 00007f2feb02692a sp 00007ffff55073b8 error 4 in libc-2.19.so[7f2feaf9d000+1bc000]
That affects both local and network users *and* was observed in a new
install and an upgrade from 12.04LTS. Now, if I disable ldap for
sudoers in /etc/nsswitch.conf,
# sudoers: files ldap
sudoers: files
I can sudo from a local user with sudo rights. What am I missing here?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1327268/+subscriptions
More information about the foundations-bugs
mailing list