[Bug 1779962] Re: rpc.gssd truncates 32-bit UIDs/GIDs to 16 bits, leading to "Key has expired" errors when using kerberos
Steve Dickson
1779962 at bugs.launchpad.net
Tue Jul 17 19:25:38 UTC 2018
Here is the patch I'm about to propose to upstream.
Sree, if possible, could please test this patch?
Also I would like to give you the "Author" credit
but I don't see a public email address.
** Patch added: "0001-rpc.gssd-truncates-32-bit-UIDs-GIDs-to-16-bits-archi.patch"
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1779962/+attachment/5164628/+files/0001-rpc.gssd-truncates-32-bit-UIDs-GIDs-to-16-bits-archi.patch
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to nfs-utils in Ubuntu.
https://bugs.launchpad.net/bugs/1779962
Title:
rpc.gssd truncates 32-bit UIDs/GIDs to 16 bits, leading to "Key has
expired" errors when using kerberos
Status in nfs-utils package in Ubuntu:
Confirmed
Bug description:
utils/gssd_proc.c uses SYS_setresuid and SYS_setresgid in
change_identity when it should use SYS_setresuid32 and SYS_setresgid32
instead. This causes it to truncate UIDs/GIDs > 65536.
Symptoms: rpc.gssd is unable to read kerberos credentials files after
changing identity, failing with a cryptic error message:
CC 'FILE:/tmp/krb5cc_100001_J5kIrv' is expired or corrupt
(note the UID 100001 here, rpc.gssd was actually using UID 34465 to
access this file, and failing in krb5_util.c when calling
krb5_cc_get_principal)
The attached patch fixes the bug.
I'm using Ubuntu 18.04 LTS on an Odroid XU4 (armhf). This bug does not
exist in Ubuntu 16.04 LTS.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1779962/+subscriptions
More information about the foundations-bugs
mailing list