Bug#784112: /usr/sbin/saslauthd: saslauthd segfaults

Thomas Kupka itchy.de at gmail.com
Sun May 3 08:24:27 UTC 2015 

Package: sasl2-bin
Version: 2.1.26.dfsg1-13
Severity: important
File: /usr/sbin/saslauthd

Dear Maintainer,

since upgrading to Jessie, all saslauthd processes segfault on a multiple daily basis:

May  3 06:26:12 mail kernel: [22739.740552] saslauthd[763]: segfault at 0 ip 00007faffd5d8c8a sp 00007ffda85ebe48 error 4 in libc-2.19.so[7faffd557000+19f000]
May  3 06:26:12 mail kernel: [22739.928344] saslauthd[739]: segfault at 0 ip 00007faffd5d8c8a sp 00007ffda85ebe48 error 4 in libc-2.19.so[7faffd557000+19f000]
May  3 06:26:12 mail kernel: [22740.127304] saslauthd[760]: segfault at 0 ip 00007faffd5d8c8a sp 00007ffda85ebe48 error 4 in libc-2.19.so[7faffd557000+19f000]
May  3 10:04:24 mail kernel: [35831.420577] saslauthd[761]: segfault at 0 ip 00007faffd5d8c8a sp 00007ffda85ebe48 error 4 in libc-2.19.so[7faffd557000+19f000]
May  3 10:04:24 mail kernel: [35831.607218] saslauthd[762]: segfault at 0 ip 00007faffd5d8c8a sp 00007ffda85ebe48 error 4 in libc-2.19.so[7faffd557000+19f000]
May  3 10:04:24 mail postfix/smtpd[17269]: warning: SASL authentication failure: cannot connect to saslauthd server: Connection refused

I have not changed any configuration related to postfix, cyrus or saslauthd during the upgrade. Prior to the upgrade, no issues have been experienced with saslauthd ever.

- Thomas


-- System Information:
Debian Release: 8.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sasl2-bin depends on:
ii  db-util                5.3.0
ii  debconf [debconf-2.0]  1.5.56
ii  libc6                  2.19-18
ii  libcomerr2             1.42.12-1.1
ii  libdb5.3               5.3.28-9
ii  libgssapi-krb5-2       1.12.1+dfsg-19
ii  libk5crypto3           1.12.1+dfsg-19
ii  libkrb5-3              1.12.1+dfsg-19
ii  libldap-2.4-2          2.4.40+dfsg-1
ii  libpam0g               1.1.8-3.1
ii  libsasl2-2             2.1.26.dfsg1-13
ii  libssl1.0.0            1.0.1k-3

sasl2-bin recommends no packages.

sasl2-bin suggests no packages.

-- Configuration Files:
/etc/default/saslauthd changed:
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="shadow"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

/etc/init.d/saslauthd changed:
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DAEMON=/usr/sbin/saslauthd
DEFAULT_FILES=`find /etc/default -regex '/etc/default/saslauthd[_a-zA-Z0-9\-]*$' -print | sort`
[ -x "$DAEMON" ] || exit 0
. /lib/init/vars.sh
[ -e /var/run/saslauthd ] || ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
. /lib/lsb/init-functions
do_startall()
{
	for instance in $DEFAULT_FILES
	do
		start_instance $instance
	done
}
do_stopall()
{
	for instance in $DEFAULT_FILES
	do
		stop_instance $instance
	done
}
do_reloadall()
{
	for instance in $DEFAULT_FILES
	do
		reload_instance $instance
	done
}
do_checkall()
{
	for instance in $DEFAULT_FILES
	do
		check_instance $instance
	done
}
start_instance()
{
	# Load defaults file for this instance.
	. $1
	# If the daemon is not enabled, give the user a warning and stop.
	if [ "$START" != "yes" ]; then
		log_warning_msg "To enable $NAME, edit $1 and set START=yes"
		return 0
	fi
	# If the short name of this instance is undefined, warn the user
	# but choose a default name.
	if [ -z "$NAME" ]; then
		log_warning_msg "Short name (NAME) undefined in $1, using default"
		NAME=default
	fi
	log_daemon_msg "Starting $DESC" "$NAME"
	# Set OPTIONS to a default value, as noted in the defaults file
	if [ -z "$OPTIONS" ]; then
		log_warning_msg "Options (OPTIONS) undefined in $1, using default (-c -m /var/run/saslauthd)"
		OPTIONS="-c -m /var/run/saslauthd"
	fi
	# Determine run directory and pid file location by looking
	# for an -m option.
	RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
	if [ -z "$RUN_DIR" ]; then
		# No run directory defined in defaults file, fail.
                log_failure_msg "No run directory defined for $NAME (did you forget to set OPTIONS=\"-c -m /var/run/saslauthd\" in the defaults file?), not starting"
		return 1
	fi
	PIDFILE=$RUN_DIR/saslauthd.pid
	# If no mechanisms are defined, fail.
	if [ -z "$MECHANISMS" ]; then
		log_failure_msg "No mechanisms defined in $1, not starting $NAME"
		return 1
	fi
	# If there are mechanism options defined, prepare them for use with
	# the -O flag.
	if [ -n "$MECH_OPTIONS" ]; then
		MECH_OPTIONS="-O $MECH_OPTIONS"
	fi
	# If there is a threads option defined, prepare it for use with
	# the -n flag.
	if [ -n "$THREADS" ]; then
		THREAD_OPTIONS="-n $THREADS"
	fi
	# Construct argument string.
	DAEMON_ARGS="-a $MECHANISMS $MECH_OPTIONS $OPTIONS $THREAD_OPTIONS"
	# If there is a statoverride for the run directory, then pull
	# permission and ownership information from it and create the directory.
	# Otherwise, we create the directory with default permissions and
	# ownership (root:sasl, 710).
	if dpkg-statoverride --list $RUN_DIR > /dev/null; then
		createdir `dpkg-statoverride --list $RUN_DIR`
	else
		createdir root sasl 710 $RUN_DIR
	fi
	# Start the daemon, phase 1: see if it is already running.
	start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
		--exec $DAEMON --test > /dev/null
	if [ "$?" != "0" ]; then
		log_progress_msg "(already running)"
		log_end_msg 0
		return 0
	fi
	# Start the daemon, phase 2: it was not running, so actually start it now.
	start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
		--exec $DAEMON -- $DAEMON_ARGS
	if [ "$?" -ne "0" ]; then
		log_end_msg 1
		return 1
	fi
	# Started successfully.
	log_end_msg 0
	return 0
}
stop_instance()
{
	# Load defaults file for this instance.
	. $1
	# If the short name of this instance is undefined, warn the user
	# but choose a default name.
	if [ -z "$NAME" ]; then
		log_warning_msg "Short name (NAME) undefined in $1, using default"
		NAME=default
	fi
	# Set OPTIONS to a default value, as noted in the defaults file
	if [ -z "$OPTIONS" ]; then
		log_warning_msg "Options (OPTIONS) undefined in $1, using default (-c -m /var/run/saslauthd)"
		OPTIONS="-c -m /var/run/saslauthd"
	fi
	# Determine run directory and pid file location by looking
	# for an -m option.
	RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
	if [ -z "$RUN_DIR" ]; then
		# No run directory defined in defaults file, fail.
                log_failure_msg "No run directory defined for $NAME (did you forget to set OPTIONS=\"-c -m /var/run/saslauthd\" in the defaults file?), not starting"
		return 2
	fi
	PIDFILE=$RUN_DIR/saslauthd.pid
	log_daemon_msg "Stopping $DESC" "$NAME"
	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
		--pidfile $PIDFILE --exec $DAEMON
	if [ "$?" -eq "2" ]; then
		# Failed to stop.
		log_end_msg 1
		return 2
	fi
	if [ "$?" -eq "1" ]; then
		# Already stopped.
		log_progress_msg "(not running)"
	fi
	# Many daemons don't delete their pidfiles when they exit.
	rm -f $PIDFILE
	# Stopped successfully.
	log_end_msg 0
	return $RETVAL
}
reload_instance()
{
	# Load defaults file for this instance.
	. $1
	# If the short name of this instance is undefined, warn the user
	# but choose a default name.
	if [ -z "$NAME" ]; then
		log_warning_msg "Short name (NAME) undefined in $1, using default"
		NAME=default
	fi
	# Set OPTIONS to a default value, as noted in the defaults file
	if [ -z "$OPTIONS" ]; then
		log_warning_msg "Options (OPTIONS) undefined in $1, using default (-c -m /var/run/saslauthd)"
		OPTIONS="-c -m /var/run/saslauthd"
	fi
	# Determine run directory and pid file location by looking
	# for an -m option.
	RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
	if [ -z "$RUN_DIR" ]; then
		# No run directory defined in defaults file, fail.
                log_failure_msg "No run directory defined for $NAME (did you forget to set OPTIONS=\"-c -m /var/run/saslauthd\" in the defaults file?), not starting"
		return 2
	fi
	PIDFILE=$RUN_DIR/saslauthd.pid
	log_daemon_msg "Reloading $DESC" "$NAME"
	# Reload the daemon. First, see if it is already running.
	start-stop-daemon --start --quiet --pidfile $PIDFILE \
		--exec $DAEMON --test > /dev/null
	if [ "$?" -eq "0" ]; then
		# Not running, signal this and stop.
		log_progress_msg "(not running)"
		log_end_msg 0
		return 0
	fi
	start-stop-daemon --stop --signal 1 \
		--pidfile $PIDFILE --exec $DAEMON
	log_end_msg $?
}
check_instance()
{
	# Load defaults file for this instance.
	. $1
	# If the short name of this instance is undefined, warn the user
	# but choose a default name.
	if [ -z "$NAME" ]; then
		log_warning_msg "Short name (NAME) undefined in $1, using default"
		NAME=default
	fi
	# Determine run directory and pid file location by looking
	# for an -m option.
	RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
	if [ -z "$RUN_DIR" ]; then
		# No run directory defined in defaults file, fail.
        log_failure_msg "No run directory defined for $NAME, cannot check"
		return 2
	fi
	PIDFILE=$RUN_DIR/saslauthd.pid
	log_daemon_msg "Checking $DESC" "$NAME"
	# Reload the daemon. First, see if it is already running.
	start-stop-daemon --start --quiet --pidfile $PIDFILE \
		--exec $DAEMON --test > /dev/null
	if [ "$?" -eq "0" ]; then
		# Not running, signal this and stop.
		log_progress_msg "(not running)"
		log_end_msg 3
		return 3
	fi
	log_progress_msg "(running)"
	log_end_msg $?
	return 0
}
createdir()
{
	# In the future, use -P/-Z to have SE Linux enhancement
	install -d --group="$2" --mode="$3" --owner="$1" "$4"
	[ -x /sbin/restorecon ] && /sbin/restorecon "$4"
}
case "$1" in
	start)
		do_startall
		;;
	stop)
		do_stopall
		;;
	reload|force-reload)
		do_reloadall
		;;
	restart)
		do_stopall
		do_startall
		;;
	status)
		do_checkall
		exit $?
		;;
	start-instance)
		if [ -f /etc/default/$2 ]; then
			start_instance /etc/default/$2
		else
			log_failure_msg "Instance $2 does not exist."
		fi
		;;
	stop-instance)
		if [ -f /etc/default/$2 ]; then
			stop_instance /etc/default/$2
		else
			log_failure_msg "Instance $2 does not exist."
		fi
		;;
	reload-instance|force-reload-instance)
		if [ -f /etc/default/$2 ]; then
			reload_instance /etc/default/$2
		else
			log_failure_msg "Instance $2 does not exist."
		fi
		;;
	restart-instance)
		if [ -f /etc/default/$2 ]; then
			stop_instance /etc/default/$2
			start_instance /etc/default/$2
		else
			log_failure_msg "Instance $2 does not exist."
		fi
		;;
	*)
		SCRIPTNAME=$0
		echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
		echo "       or {start-instance|stop-instance|restart-instance|" >&2
		echo "          reload-instance|force-reload-instance} " \
		     "<instance name>" >&2
		exit 3
		;;
esac
:


-- debconf information excluded

More information about the Pkg-cyrus-sasl2-debian-devel mailing list