-
Bug
-
Resolution: Unresolved
-
Major
-
rhel-9.5
-
sssd-2.9.6-1.el9
-
No
-
Moderate
-
ZStream
-
rhel-sst-idm-sssd
-
ssg_idm
-
16
-
17
-
2
-
False
-
-
None
-
Red Hat Enterprise Linux
-
None
-
Approved Blocker
-
Pass
-
None
-
Unspecified
-
None
What were you trying to do that didn't work?
I created the file:
[realms] IPA.ROBOTS.ORG.UK = { pkinit_revoke = FILE:/var/local/pki/crl/ipa-ca.crl pkinit_require_crl_checking = true } }
which is invalid (because of the second } character).
This causes sssd to segfault:
Starting System Security Services Daemon... Starting up Starting up Failed to init Kerberos context [Improper format of Kerberos configuration file] Process 495435 (sssd_be) of user 0 dumped core.Stack trace of thread 495435: #0 0x00007f02c1b46876 krb5_kt_default_name (libkrb5.so.3 + 0x76876) #1 0x00007f02c01ee165 sss_printable_keytab_name (libsss_krb5_common.so + 0x16165) #2 0x00007f02c01efe5c select_principal_from_keytab (libsss_krb5_common.so + 0x17e5c) #3 0x00007f02c05e77fa sdap_set_sasl_options (libsss_ldap_common.so + 0x1b7fa) #4 0x00007f02c0710d89 ipa_get_id_options (libsss_ipa.so + 0x1cd89) #5 0x00007f02c071425e sssm_ipa_init (libsss_ipa.so + 0x2025e) #6 0x00005648959f36f5 dp_load_module (sssd_be + 0x126f5) #7 0x00005648959f3f7a dp_init_targets (sssd_be + 0x12f7a) #8 0x00005648959f4686 dp_init_done (sssd_be + 0x13686) #9 0x00007f02c2f22f2f sbus_connect_init_done (libsss_sbus.so + 0x18f2f) #10 0x00007f02c2f2579d sbus_method_in_su_out_u_done (libsss_sbus.so + 0x1b79d) #11 0x00007f02c2ea6b4a complete_pending_call_and_unlock.lto_priv.0 (libdbus-1.so.3 + 0x16b4a) #12 0x00007f02c2eaafec dbus_connection_dispatch (libdbus-1.so.3 + 0x1afec) #13 0x00007f02c2f23adf sbus_dispatch (libsss_sbus.so + 0x19adf) #14 0x00007f02c2f018cd tevent_common_invoke_timer_handler (libtevent.so.0 + 0xf8cd) #15 0x00007f02c2f01ae0 tevent_common_loop_timer_delay (libtevent.so.0 + 0xfae0) #16 0x00007f02c2f0237c epoll_event_loop_once (libtevent.so.0 + 0x1037c) #17 0x00007f02c2ef982b std_event_loop_once (libtevent.so.0 + 0x782b) #18 0x00007f02c2efb368 _tevent_loop_once (libtevent.so.0 + 0x9368) #19 0x00007f02c2efb48b tevent_common_loop_wait (libtevent.so.0 + 0x948b) #20 0x00007f02c2ef989b std_event_loop_wait (libtevent.so.0 + 0x789b) #21 0x00007f02c301e227 server_loop (libsss_util.so + 0x50227) #22 0x00005648959eac1a main (sssd_be + 0x9c1a) #23 0x00007f02c2c295d0 __libc_start_call_main (libc.so.6 + 0x295d0) #24 0x00007f02c2c29680 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x29680) #25 0x00005648959eadb5 _start (sssd_be + 0x9db5) ELF object binary architecture: AMD x86-64 Starting up Exiting the SSSD. Could not restart critical service [ipa.robots.org.uk].
What is the impact of this issue to you?
Low
Please provide the package NVR for which the bug is seen:
sssd-common-2.9.5-4.el9_5.1.x86_64
How reproducible is this bug?:
Very
Steps to reproduce
- Create config file as above
- Start sssd
Expected results
No segfault.
Actual results
Setfault!
- links to
-
RHBA-2024:141064 sssd bug fix and enhancement update