Fwd: Re: [cyrusimap/cyrus-sasl] PAM auth causes segfault for unknown reason (#547)
jan.parcel at oracle.com
Mon Dec 10 14:46:24 EST 2018
We have seen severe mutex issues with sasl_client init on super-fast
machines. We temporarily solved it by patching openldap to ensure it
never calls sasl_client_init more than once, but when I get out from
under my current non-cyrus-sasl load, I had planned to test and submit
changes to sasl_*_init to use a static mutext that is pre-initialized,
which is what I found online as the solution for LIBRARY issues with
passed in or even local mutexts.
The issue is that the mutex needs a mutex, which needs a mutex, and it's
turtles all the way down unless a static mutex is used at that top level.
For some reason I have not understood, I've been told to not even THINK
of doing anything like that to the mutexes used in gssapi.
On 12/10/2018 7:53 AM, Alexander Sagen wrote:
> Trying to set up a temporary shared email server to replace an old
> server with a dying disk while we move all our customers to a new
> email solution. Configured saslauthd the same way it was configured on
> the old server.
> Somehow, during the authentication process, saslauthd manages to
> segfault, seemingly due to a mutex lock issue.
> Installed latest sasl2-bin (version 2.1.27) from APT (source:
> http://eu-central-1.ec2.archive.ubuntu.com/ubuntu bionic/main amd64
> Running linux kernel 4.15.0-1021-aws.
> gdb output during crash:
> |root at mail1:~# gdb --args /usr/sbin/saslauthd -a pam -c -m
> /var/spool/postfix/var/run/saslauthd -r -n 0 -d GNU gdb (Ubuntu
> 8.1-0ubuntu3) 184.108.40.20680409-git Copyright (C) 2018 Free Software
> Foundation, Inc. License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html> This is free software: you are free
> to change and redistribute it. There is NO WARRANTY, to the extent
> permitted by law. Type "show copying" and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu". Type "show
> configuration" for configuration details. For bug reporting
> instructions, please see: <http://www.gnu.org/software/gdb/bugs/>.
> Find the GDB manual and other documentation resources online at:
> <http://www.gnu.org/software/gdb/documentation/>. For help, type
> "help". Type "apropos word" to search for commands related to
> "word"... Reading symbols from /usr/sbin/saslauthd...(no debugging
> symbols found)...done. (gdb) run Starting program: /usr/sbin/saslauthd
> -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 0 -d [Thread
> debugging using libthread_db enabled] Using host libthread_db library
> "/lib/x86_64-linux-gnu/libthread_db.so.1". saslauthd :num_procs
> : 0 saslauthd :mech_option: NULL saslauthd :run_path :
> /var/spool/postfix/var/run/saslauthd saslauthd :auth_mech : pam
> saslauthd :mmaped shared memory segment on file:
> /var/spool/postfix/var/run/saslauthd/cache.mmap saslauthd
> :bucket size: 96 bytes saslauthd :stats size : 36 bytes
> saslauthd :timeout : 28800 seconds saslauthd :cache table:
> 985828 total bytes saslauthd :cache table: 1711 slots
> saslauthd :cache table: 10266 buckets saslauthd :flock
> file opened at /var/spool/postfix/var/run/saslauthd/cache.flock
> saslauthd :master pid is: 0 saslauthd :listening on
> socket: /var/spool/postfix/var/run/saslauthd/mux saslauthd
> :attempting a read lock on slot: 1501 saslauthd
> :[login=someuser at example.com] [service=smtp] [realm=example.com]: not
> found, update pending saslauthd :attempting to release lock on
> slot: 1501 Program received signal SIGSEGV, Segmentation fault.
> __GI___pthread_mutex_lock (mutex=0x20) at
> ../nptl/pthread_mutex_lock.c:65 65 ../nptl/pthread_mutex_lock.c: No
> such file or directory. (gdb) |
> saslauthd configuration:
> |START=yes DESC="SASL Authentication Daemon" NAME="saslauthd"
> MECHANISMS="pam" MECH_OPTIONS="" THREADS=0 OPTIONS="-c -m
> /var/spool/postfix/var/run/saslauthd -r" |
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub
> <https://github.com/cyrusimap/cyrus-sasl/issues/547>, or mute the
Jan Parcel, Software Developer
Oracle Systems Server & Cloud Engineering
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Cyrus-devel