Bug 4831 - pam_smbpass calls openlog(), can cause application segfaults
pam_smbpass calls openlog(), can cause application segfaults
Status: RESOLVED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: Client Tools
3.0.25b
All Linux
: P3 major
: none
Assigned To: Björn Jacke
Samba QA Contact
http://bugs.debian.org/434372
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-07-27 19:29 UTC by Steve Langasek
Modified: 2009-05-26 09:40 UTC (History)
1 user (show)

See Also:


Attachments
prelim patch to disable openlog(), closelog() (2.46 KB, patch)
2007-07-27 19:38 UTC, Steve Langasek
no flags Details
updated patch to switch to pam_vsyslog like pam_winbind (21.25 KB, patch)
2007-08-06 00:56 UTC, Steve Langasek
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Steve Langasek 2007-07-27 19:29:53 UTC
pam_smbpass invariably calls setup_logging() when invoked, which calls openlog().  If the calling application also uses syslog, this will at best interfere with the logging settings of the application and at worst will crash the application.  Such a crash in su was reported in Debian bug #434372.
Comment 1 Steve Langasek 2007-07-27 19:38:44 UTC
Created attachment 2845 [details]
prelim patch to disable openlog(), closelog()

This patch eliminates the calls to setup_logging(), openlog(), and closelog() from within pam_smbpass.

Further improvements to the pam_smbpass logging code are possible; e.g., by switching the code to use the new Linux-PAM pam_vsyslog() API as pam_winbind already does.  Please let me know if you would prefer this change to be made at the same time, I'm happy to prepare a patch for it.
Comment 2 Jeremy Allison 2007-07-28 05:29:07 UTC
Yes please, that would be very helpful ! Thanks.
Jeremy.
Comment 3 Steve Langasek 2007-08-06 00:56:00 UTC
Created attachment 2854 [details]
updated patch to switch to pam_vsyslog like pam_winbind

Jeremy,

Here's an updated version of the patch that switches all logging to use pam_vsyslog() if available.  Cheers!
Comment 4 Björn Jacke 2009-05-26 09:40:13 UTC
thanks, pushed to master with caeae66c5, and to 3.4, too.