[Pkg-samba-maint] Bug#574468: Bug#574468: samba: pam_winbind leaks file descriptors
Christian PERRIER
bubulle at debian.org
Fri Mar 19 06:02:13 UTC 2010
forwarded 574468 https://bugzilla.samba.org/show_bug.cgi?id=7265
thanks
Quoting Josh Kelley (joshkel at gmail.com):
> Package: samba
> Version: 2:3.4.7~dfsg-1~bpo50+1
> Severity: important
> Tags: patch
>
>
> The pam_winbind module leaks file descriptors. wb_common.c keeps its
> file descriptor in the winbindd_fd global variable and closes that
> through the winbind_close_sock function, but there's no provision for
> making sure that winbind_close_sock is called when pam_winbind is closed
> via dlclose.
>
> A symptom of this is that Apache, if set up to use its auth_pam module,
> is eventually unable to authenticate new users.
>
> The attached patch instructs gcc to treat winbind_close_sock as a
> destructor. This is the simplest fix but maybe not the best; from
> looking at the docs, specifying a cleanup function to pam_set_data (and
> doing something else for nss_winbind?) may be more correct.
Thanks for your detailed bug report.
It has been forwarded upstream.
>
> -- System Information:
> Debian Release: 5.0.4
> APT prefers stable
> APT policy: (900, 'stable'), (750, 'unstable'), (700, 'experimental')
> Architecture: i386 (x86_64)
>
> Kernel: Linux 2.6.26-2-amd64 (SMP w/8 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages samba depends on:
> ii adduser 3.110 add and remove users and groups
> ii debconf 1.5.24 Debian configuration management sy
> ii libacl1 2.2.47-2 Access control list shared library
> ii libattr1 1:2.4.43-2 Extended attribute shared library
> ii libc6 2.7-18lenny2 GNU C Library: Shared libraries
> ii libcap2 2.11-2 support for getting/setting POSIX.
> ii libcomer 1.41.3-1 common error description library
> ii libcups2 1.3.8-1+lenny8 Common UNIX Printing System(tm) -
> ii libgnutl 2.4.2-6+lenny2 the GNU TLS library - runtime libr
> ii libkrb53 1.6.dfsg.4~beta1-5lenny2 MIT Kerberos runtime libraries
> ii libldap- 2.4.11-1+lenny1 OpenLDAP libraries
> ii libpam-m 1.0.1-5+lenny1 Pluggable Authentication Modules f
> ii libpam-r 1.0.1-5+lenny1 Runtime support for the PAM librar
> ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l
> ii libpopt0 1.14-4 lib for parsing cmdline parameters
> ii libtallo 2.0.1-1~bpo50+1 hierarchical pool based memory all
> ii libwbcli 2:3.4.7~dfsg-1~bpo50+1 Samba winbind client library
> ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
> ii procps 1:3.2.7-11 /proc file system utilities
> ii samba-co 2:3.4.7~dfsg-1~bpo50+1 common files used by both the Samb
> ii update-i 4.31 inetd configuration file updater
> ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
>
> Versions of packages samba recommends:
> ii logrotate 3.7.1-5 Log rotation utility
>
> Versions of packages samba suggests:
> ii ctdb 1.0.99-1~bpo50+1 clustered database to store tempor
> pn ldb-tools <none> (no description available)
> ii openbsd-inetd [inet-sup 0.20080125-2 The OpenBSD Internet Superserver
> pn smbldap-tools <none> (no description available)
>
> -- debconf information:
> samba/run_mode: daemons
> samba/generate_smbpasswd: true
> diff -r samba-3.4.7.orig/nsswitch/winbind_client.h samba-3.4.7/nsswitch/winbind_client.h
> 28c28
> < void winbind_close_sock(void);
> ---
> > void winbind_close_sock(void) __attribute__((destructor));
> _______________________________________________
> Pkg-samba-maint mailing list
> Pkg-samba-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-samba-maint
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20100319/0dfde756/attachment.pgp>
More information about the Pkg-samba-maint
mailing list