The following bug has been logged online:
Bug reference: 5121
Logged by: Ryan Douglas
Email address: rdouglas@arbinet.com
PostgreSQL version: 8.4.1
Operating system: Fedora 11
Description: Segmentation Fault when using pam w/ krb5
Details:
Whenever I use psql to remotely connect to the database the server crashes
(see log below). If I use psql with the '-W' option then it's fine.
I also tested with pam_tacplus.so and in both cases the db didn't crash. It
just complained about not having credentials to authenticate when the -W
option is not used.
I can reproduce at will so let me know if you need more information.
----- pam configuration
auth sufficient pam_krb5.so no_user_check
account required pam_permit.so
session required pam_permit.so
-------- postgresql log -with krb5 configured in pam ------
<[unknown]@[unknown] 2009-10-15 16:21:11.939 EDT>LOG: connection received:
host=10.0.20.38 port=42662
<rdouglas@tacacs 10.0.20.38(42662) 2009-10-15 16:21:11.982 EDT>LOG: could
not receive data from client: Connection reset by peer
<@ 2009-10-15 16:21:11.987 EDT>LOG: server process (PID 16978) was
terminated by signal 11: Segmentation fault
<@ 2009-10-15 16:21:11.987 EDT>LOG: terminating any other active server
processes
<@ 2009-10-15 16:21:11.989 EDT>LOG: all server processes terminated;
reinitializing
<@ 2009-10-15 16:21:12.109 EDT>LOG: database system was interrupted; last
known up at 2009-10-15 16:21:07 EDT
<@ 2009-10-15 16:21:12.109 EDT>LOG: database system was not properly shut
down; automatic recovery in progress
<@ 2009-10-15 16:21:12.110 EDT>LOG: record with zero length at 3/B7C396B8
<@ 2009-10-15 16:21:12.110 EDT>LOG: redo is not required
<@ 2009-10-15 16:21:12.137 EDT>LOG: database system is ready to accept
connections
<@ 2009-10-15 16:21:12.137 EDT>LOG: autovacuum launcher started
-------- postgresql log -with tacplus configured in pam ------
<[unknown]@[unknown] 2009-10-15 16:41:01.544 EDT>LOG: connection received:
host=10.0.20.38 port=58894
<rdouglas@tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.575 EDT>LOG: could
not receive data from client: Connection reset by peer
<rdouglas@tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.576 EDT>LOG:
pam_authenticate failed: Insufficient credentials to access authentication
data
<rdouglas@tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.576 EDT>FATAL: PAM
authentication failed for user "rdouglas"
<[unknown]@[unknown] 2009-10-15 16:41:05.298 EDT>LOG: connection received:
host=10.0.20.38 port=58895
<rdouglas@tacacs 10.0.20.38(58895) 2009-10-15 16:41:05.681 EDT>LOG:
connection authorized: user=rdouglas database=tacacs
---- /var/log/messages ----
Oct 15 16:21:07 va-mp-db02 kernel: postgres[16971]: segfault at 0 ip
0000000000559624 sp 00007fff43dbe180 error 4 in postgres[400000+439000]
Oct 15 16:21:11 va-mp-db02 kernel: postgres[16978]: segfault at 0 ip
0000000000559624 sp 00007fff43dbe180 error 4 in postgres[400000+439000]
-