| 2014-11-28 09:18:36 |
Marcello Blancasio |
bug |
|
|
added bug |
| 2014-12-01 18:22:41 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2014-12-01 19:43:12 |
Bryan Quigley |
bug |
|
|
added subscriber Bryan Quigley |
| 2014-12-01 19:59:57 |
Bryan Quigley |
bug watch added |
|
http://bugzilla.padl.com/show_bug.cgi?id=414 |
|
| 2014-12-01 20:00:39 |
Bryan Quigley |
bug watch added |
|
http://bugzilla.padl.com/show_bug.cgi?id=159 |
|
| 2014-12-01 20:00:39 |
Bryan Quigley |
bug task added |
|
nss-ldap |
|
| 2014-12-02 01:21:18 |
Bug Watch Updater |
nss-ldap: status |
Unknown |
Fix Released |
|
| 2014-12-02 01:21:18 |
Bug Watch Updater |
nss-ldap: importance |
Unknown |
Medium |
|
| 2014-12-02 09:19:31 |
Robie Basak |
bug |
|
|
added subscriber Ubuntu Server Team |
| 2014-12-02 09:19:52 |
Robie Basak |
libnss-ldap (Ubuntu): importance |
Undecided |
High |
|
| 2014-12-02 09:19:59 |
Robie Basak |
libnss-ldap (Ubuntu): status |
New |
Triaged |
|
| 2015-08-04 15:51:26 |
Jon Grimm |
libnss-ldap (Ubuntu): assignee |
|
Jon Grimm (jgrimm) |
|
| 2015-08-25 15:53:04 |
Bryan Quigley |
attachment added |
|
break-fork.pl https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1397250/+attachment/4452177/+files/break-fork.pl |
|
| 2016-07-13 08:40:01 |
Sandro |
bug |
|
|
added subscriber Sandro |
| 2016-10-20 14:59:27 |
Robie Basak |
nominated for series |
|
Ubuntu Xenial |
|
| 2016-10-20 14:59:27 |
Robie Basak |
bug task added |
|
libnss-ldap (Ubuntu Xenial) |
|
| 2016-10-20 14:59:27 |
Robie Basak |
nominated for series |
|
Ubuntu Yakkety |
|
| 2016-10-20 14:59:27 |
Robie Basak |
bug task added |
|
libnss-ldap (Ubuntu Yakkety) |
|
| 2016-10-20 14:59:27 |
Robie Basak |
nominated for series |
|
Ubuntu Trusty |
|
| 2016-10-20 14:59:27 |
Robie Basak |
bug task added |
|
libnss-ldap (Ubuntu Trusty) |
|
| 2016-10-20 19:48:40 |
Jon Grimm |
attachment added |
|
libnss-ldap_265-3ubuntu3.debdiff https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1397250/+attachment/4764553/+files/libnss-ldap_265-3ubuntu3.debdiff |
|
| 2016-10-20 19:49:03 |
Jon Grimm |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
| 2016-10-20 20:15:25 |
Jon Grimm |
attachment added |
|
testhosts.pl https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1397250/+attachment/4764554/+files/testhosts.pl |
|
| 2016-10-21 14:12:20 |
Jon Grimm |
libnss-ldap (Ubuntu Trusty): assignee |
|
Jon Grimm (jgrimm) |
|
| 2016-10-21 14:12:25 |
Jon Grimm |
libnss-ldap (Ubuntu Trusty): status |
New |
Confirmed |
|
| 2016-10-21 15:31:29 |
Jon Grimm |
attachment added |
|
libnss-ldap_265-3ubuntu3.debdiff https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1397250/+attachment/4764884/+files/libnss-ldap_265-3ubuntu3.debdiff |
|
| 2016-10-21 15:32:58 |
Jon Grimm |
attachment removed |
libnss-ldap_265-3ubuntu3.debdiff https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/1397250/+attachment/4764553/+files/libnss-ldap_265-3ubuntu3.debdiff |
|
|
| 2016-10-21 16:13:35 |
Robie Basak |
removed subscriber Ubuntu Sponsors Team |
|
|
|
| 2016-10-21 16:13:39 |
Robie Basak |
libnss-ldap (Ubuntu): status |
Triaged |
Fix Committed |
|
| 2016-10-21 17:30:36 |
Launchpad Janitor |
libnss-ldap (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2016-10-24 16:33:17 |
Jon Grimm |
libnss-ldap (Ubuntu Trusty): importance |
Undecided |
High |
|
| 2016-10-24 16:33:26 |
Jon Grimm |
libnss-ldap (Ubuntu Xenial): status |
New |
Won't Fix |
|
| 2016-10-24 16:33:31 |
Jon Grimm |
libnss-ldap (Ubuntu Yakkety): status |
New |
Won't Fix |
|
| 2016-10-24 16:34:14 |
Jon Grimm |
attachment added |
|
libnss-ldap_264-2.2ubuntu4.14.04.2.debdiff https://bugs.launchpad.net/ubuntu/trusty/+source/libnss-ldap/+bug/1397250/+attachment/4766546/+files/libnss-ldap_264-2.2ubuntu4.14.04.2.debdiff |
|
| 2016-10-24 17:12:40 |
Jon Grimm |
description |
Ubuntu version: Ubuntu 14.04.1 LTS
Package version: libnss-ldap_264-2.2ubuntu4
If a process using libnss-ldap calls fork() and SIGPIPE was blocked, the atfork() handler in the child process failed to catch the SIGPIPE as it was supposed to do, that is in the call to do_close_no_unbind(). So that, the uncaught SIGPIPE will be eventually
delivered when the child unblocks signals. This usually make the child process die unexpectedly.
I found a well-known Linux vendor fixed this issue with the following patch. This unblocks the SIGPIPE before calling do_close_no_unbind() and restores the original sigmask afterwards:
diff -up nss_ldap/ldap-nss.c nss_ldap/ldap-nss.c
--- nss_ldap/ldap-nss.c 2009-12-07 20:57:33.000000000 -0500
+++ nss_ldap/ldap-nss.c 2009-12-07 20:58:56.000000000 -0500
@@ -532,8 +532,13 @@
static void
do_atfork_child (void)
{
+ sigset_t unblock, mask;
debug ("==> do_atfork_child");
+ sigemptyset(&unblock);
+ sigaddset(&unblock, SIGPIPE);
+ sigprocmask(SIG_UNBLOCK, &unblock, &mask);
do_close_no_unbind ();
+ sigprocmask(SIG_SETMASK, &mask, NULL);
_nss_ldap_leave ();
debug ("<== do_atfork_child");
}
I'd like to see this patch applied. |
[Impact]
* If a process using libnss-ldap calls fork() and SIGPIPE was blocked,
the atfork() handler in the child process failed to catch the SIGPIPE
as it was supposed to do, that is in the call to do_close_no_unbind().
So that, the uncaught SIGPIPE will be eventually delivered when the
child unblocks signals. This usually make the child process die
unexpectedly.
* This is only reproducible when ldap is configured for STARTTLS.
* Upstream fix has been long integrated.
[Test Case]
* See https://bugs.launchpad.net/ubuntu/trusty/+source/libnss-ldap/+bug/1397250/comments/19
[Regression Potential]
* Fix has been upstream since 2010, and limited to path of child
forking, and SIGPIPE is blocked. No consequent bugs or regressions
in the upstream blamed on this change.
[Other Info]
* I'm currently limiting my SRU to trusty, as I'm unable to
recreate the bug on xenial. Even so, I have tested the fixed
code on xenial to ensure there was no regression with the testcase.
* Will look at fixing xenial too, IFF someone comes forward able to
reproduce the bug/validate the fix. |
|
| 2016-10-24 17:12:56 |
Jon Grimm |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
| 2016-10-24 17:13:01 |
Jon Grimm |
libnss-ldap (Ubuntu Trusty): status |
Confirmed |
In Progress |
|
| 2016-11-02 13:19:42 |
Chris J Arges |
libnss-ldap (Ubuntu Trusty): status |
In Progress |
Fix Committed |
|
| 2016-11-02 13:19:46 |
Chris J Arges |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2016-11-02 13:19:47 |
Chris J Arges |
bug |
|
|
added subscriber SRU Verification |
| 2016-11-02 13:19:53 |
Chris J Arges |
tags |
atfork fork sigpipe |
atfork fork sigpipe verification-needed |
|
| 2016-11-07 16:06:13 |
Jon Grimm |
tags |
atfork fork sigpipe verification-needed |
atfork fork sigpipe verification-done |
|
| 2016-11-08 15:21:19 |
Sebastien Bacher |
removed subscriber Ubuntu Sponsors Team |
|
|
|
| 2016-11-10 18:12:35 |
Launchpad Janitor |
libnss-ldap (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
| 2016-11-10 18:12:42 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2024-05-07 17:51:33 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~liushuyu-011/ubuntu/+source/libnss-ldap/+git/libnss-ldap/+merge/465718 |
|
| 2024-05-09 20:53:23 |
Vladimir Petko |
merge proposal unlinked |
https://code.launchpad.net/~liushuyu-011/ubuntu/+source/libnss-ldap/+git/libnss-ldap/+merge/465718 |
|
|
