Date: Tue, 20 Sep 2011 15:21:00 -0400 From: Gary Palmer <gpalmer@freebsd.org> To: Mike Tancsa <mike@sentex.net> Cc: Corey Smith <corsmith@gmail.com>, freebsd-security@freebsd.org Subject: Re: pam_ssh_agent_auth coredump on AMD64 (was Re: PAM modules) Message-ID: <20110920192100.GF10165@in-addr.com> In-Reply-To: <4E78E5DC.6050600@sentex.net> References: <CAHQQXOObKpCU9syvv0tYfets9%2BsMKjYU0ONeQ23KGkOOnxJOaA@mail.gmail.com> <4E778357.1030206@sentex.net> <4E78E5DC.6050600@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 20, 2011 at 03:13:32PM -0400, Mike Tancsa wrote:
> On 9/19/2011 2:00 PM, Mike Tancsa wrote:
> > On 9/16/2011 3:10 PM, Corey Smith wrote:
> >> On 09/16/2011 11:05 AM, Dag-Erling Sm?rgrav wrote:
> >>> My question is: which ones?
> >>
> >> security/pam_ssh_agent_auth
> >>
> >> It is BSD licensed and handy for sudo.
> >
> >
> > Neato, I didnt know of this module for sudo! However, with the default
> > install on AMD64, I am getting coredump.
>
> Actually, I tried the same setup on i386 and it seems to work just fine.
> However, on an AMD64 machine, sudo just coredumps. Anyone running this
> setup on amd64 ?
>
> Running with -D9, normally it looks something like
>
> % sudo -D9 su
> sudo: settings: debug_level=9
> sudo: settings: progname=sudo
> sudo: settings: network_addrs=....
> sudo: sudo_mode 1
> sudo: policy plugin returns 1
> sudo: command info: umask=022
> sudo: command info: command=/usr/bin/su
> sudo: command info: runas_uid=0
> sudo: command info: runas_gid=0
> sudo: command info: runas_groups=0,5
> sudo: command info: closefrom=3
> sudo: command info: set_utmp=true
> sudo: command info: login_class=default
>
> where as on amd64,
>
> % sudo -D9 su
> sudo: settings: debug_level=9
> sudo: settings: progname=sudo
> sudo: settings: network_addrs=....
> sudo: sudo_mode 1
> Segmentation fault
>
> It seems to die in the call to
>
> static int
> policy_check(struct plugin_container *plugin, int argc, char * const argv[],
> char *env_add[], char **command_info[], char **argv_out[],
> char **user_env_out[])
> {
> return plugin->u.policy->check_policy(argc, argv, env_add, command_info,
> argv_out, user_env_out);
> }
>
>
> I cant get it to coredump since its setuid. Before I start adding more
> debug printfs, does anyone have any suggestions as to what it might be ?
If you do
sysctl kern.sugid_coredump=1
can you get a coredump?
Gary
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110920192100.GF10165>