From owner-freebsd-i386@FreeBSD.ORG  Tue May 15 23:10:07 2007
Return-Path: <owner-freebsd-i386@FreeBSD.ORG>
X-Original-To: freebsd-i386@hub.freebsd.org
Delivered-To: freebsd-i386@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id DDDF816A408
	for <freebsd-i386@hub.freebsd.org>;
	Tue, 15 May 2007 23:10:06 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40])
	by mx1.freebsd.org (Postfix) with ESMTP id BF49513C448
	for <freebsd-i386@hub.freebsd.org>;
	Tue, 15 May 2007 23:10:06 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l4FNA6qG077491
	for <freebsd-i386@freefall.freebsd.org>; Tue, 15 May 2007 23:10:06 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l4FNA6FZ077490;
	Tue, 15 May 2007 23:10:06 GMT (envelope-from gnats)
Resent-Date: Tue, 15 May 2007 23:10:06 GMT
Resent-Message-Id: <200705152310.l4FNA6FZ077490@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-i386@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Chris Cowart<ccowart@rescomp.berkeley.edu>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 4EBE016A403
	for <freebsd-gnats-submit@FreeBSD.org>;
	Tue, 15 May 2007 23:03:49 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id 40A5513C455
	for <freebsd-gnats-submit@FreeBSD.org>;
	Tue, 15 May 2007 23:03:49 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id l4FN3nPD014167
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 15 May 2007 23:03:49 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id l4FMwlvY013857;
	Tue, 15 May 2007 22:58:47 GMT (envelope-from nobody)
Message-Id: <200705152258.l4FMwlvY013857@www.freebsd.org>
Date: Tue, 15 May 2007 22:58:47 GMT
From: Chris Cowart<ccowart@rescomp.berkeley.edu>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.0
Cc: 
Subject: i386/112694: segfault in pam_lastlog on sshd exit when no pty
	allocated
X-BeenThere: freebsd-i386@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: I386-specific issues for FreeBSD <freebsd-i386.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-i386>,
	<mailto:freebsd-i386-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-i386>
List-Post: <mailto:freebsd-i386@freebsd.org>
List-Help: <mailto:freebsd-i386-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-i386>,
	<mailto:freebsd-i386-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 May 2007 23:10:07 -0000


>Number:         112694
>Category:       i386
>Synopsis:       segfault in pam_lastlog on sshd exit when no pty allocated
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-i386
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 15 23:10:06 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Chris Cowart
>Release:        6_1_RELEASE
>Organization:
RSSP-IT, UC Berkeley
>Environment:
FreeBSD mug.rescomp.berkeley.edu 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May 21 23:35:28 PDT 2006     root@mug.rescomp.berkeley.edu:/usr/obj/usr/src/sys/NEWMUG0  i386
>Description:
When I ssh into FreeBSD hosts without allocating a tty, sshd segfaults
after the process terminates. This problem occurs on both 6_1_REL and
6_2_REL installations at all sorts of patch levels.

Examples:

Client: `ssh -t server ls`
Server Logs: 
| May  9 15:33:44 server sshd[1503]: Accepted publickey for ccowart from 
|     client port 43604 ssh2
| May  9 15:33:45 server sshd[1505]: pam_sm_close_session(): no utmp 
|     record for ttyp5

Client: `ssh server ls`
Server Logs:
| May  9 15:33:50 server sshd[1509]: Accepted publickey for ccowart from
|   client port 42119 ssh2
| May  9 15:33:51 server pid 1511 (sshd), uid 1225: exited on signal 11

In either example, the client thinks the command has completed
successfully, shows proper output, and propogates the return value from
the remote command. The main problem is I don't like seeing a bunch of
segfaults being logged in the daily run output.


>How-To-Repeat:
Uncommenting one rule at a time in my pam stack, I discovered the
culprit: pam_lastlog

The session section of my system pam configuration looks like this:

| # session
| session     required    pam_lastlog.so      no_fail
| session     optional    /usr/local/lib/pam_ldap.so no_warn

When I comment out the pam_lastlog, the segfaults vanish.

When I change the entire pam stack to pam_permit, with the exception of pam_lastlog, the segfaults still occur.
>Fix:
No known solution.
>Release-Note:
>Audit-Trail:
>Unformatted: