BUG #5121: Segmentation Fault when using pam w/ krb5 - Mailing list pgsql-bugs

From Ryan Douglas
Subject BUG #5121: Segmentation Fault when using pam w/ krb5
Date
Msg-id 200910152045.n9FKjsMX090679@wwwmaster.postgresql.org
Whole thread Raw
Responses Re: BUG #5121: Segmentation Fault when using pam w/ krb5
Re: BUG #5121: Segmentation Fault when using pam w/ krb5
List pgsql-bugs
The following bug has been logged online:

Bug reference:      5121
Logged by:          Ryan Douglas
Email address:      rdouglas@arbinet.com
PostgreSQL version: 8.4.1
Operating system:   Fedora 11
Description:        Segmentation Fault when using pam w/ krb5
Details:

Whenever I use psql to remotely connect to the database the server crashes
(see log below). If I use psql with the '-W' option then it's fine.

I also tested with pam_tacplus.so and in both cases the db didn't crash. It
just complained about not having credentials to authenticate when the -W
option is not used.

I can reproduce at will so let me know if you need more information.




----- pam configuration

auth       sufficient           pam_krb5.so no_user_check
account    required             pam_permit.so
session    required             pam_permit.so



-------- postgresql log -with krb5 configured in pam ------

<[unknown]@[unknown]  2009-10-15 16:21:11.939 EDT>LOG:  connection received:
host=10.0.20.38 port=42662
<rdouglas@tacacs 10.0.20.38(42662) 2009-10-15 16:21:11.982 EDT>LOG:  could
not receive data from client: Connection reset by peer
<@  2009-10-15 16:21:11.987 EDT>LOG:  server process (PID 16978) was
terminated by signal 11: Segmentation fault
<@  2009-10-15 16:21:11.987 EDT>LOG:  terminating any other active server
processes
<@  2009-10-15 16:21:11.989 EDT>LOG:  all server processes terminated;
reinitializing
<@  2009-10-15 16:21:12.109 EDT>LOG:  database system was interrupted; last
known up at 2009-10-15 16:21:07 EDT
<@  2009-10-15 16:21:12.109 EDT>LOG:  database system was not properly shut
down; automatic recovery in progress
<@  2009-10-15 16:21:12.110 EDT>LOG:  record with zero length at 3/B7C396B8
<@  2009-10-15 16:21:12.110 EDT>LOG:  redo is not required
<@  2009-10-15 16:21:12.137 EDT>LOG:  database system is ready to accept
connections
<@  2009-10-15 16:21:12.137 EDT>LOG:  autovacuum launcher started



-------- postgresql log -with tacplus configured in pam ------

<[unknown]@[unknown]  2009-10-15 16:41:01.544 EDT>LOG:  connection received:
host=10.0.20.38 port=58894
<rdouglas@tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.575 EDT>LOG:  could
not receive data from client: Connection reset by peer
<rdouglas@tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.576 EDT>LOG:
pam_authenticate failed: Insufficient credentials to access authentication
data
<rdouglas@tacacs 10.0.20.38(58894) 2009-10-15 16:41:01.576 EDT>FATAL:  PAM
authentication failed for user "rdouglas"
<[unknown]@[unknown]  2009-10-15 16:41:05.298 EDT>LOG:  connection received:
host=10.0.20.38 port=58895
<rdouglas@tacacs 10.0.20.38(58895) 2009-10-15 16:41:05.681 EDT>LOG:
connection authorized: user=rdouglas database=tacacs



---- /var/log/messages ----

Oct 15 16:21:07 va-mp-db02 kernel: postgres[16971]: segfault at 0 ip
0000000000559624 sp 00007fff43dbe180 error 4 in postgres[400000+439000]
Oct 15 16:21:11 va-mp-db02 kernel: postgres[16978]: segfault at 0 ip
0000000000559624 sp 00007fff43dbe180 error 4 in postgres[400000+439000]
-

pgsql-bugs by date:

Previous
From: Tom Lane
Date:
Subject: Re: BUG #5120: Performance difference between running a query with named cursor and straight SELECT
Next
From: Steve McLellan
Date:
Subject: Re: BUG #5120: Performance difference between running a query with named cursor and straight SELECT