|
Bugzilla – Full Text Bug Listing |
| Summary: | statically linked gsi-enabled sshd segmentation fault | ||
|---|---|---|---|
| Product: | GSI-OpenSSH | Reporter: | Jim Basney <jbasney@ncsa.uiuc.edu> |
| Component: | GSI-OpenSSH | Assignee: | Jim Basney <jbasney@ncsa.uiuc.edu> |
| Status: | RESOLVED WONTFIX | ||
| Severity: | normal | CC: | vwelch@uiuc.edu |
| Priority: | P3 | ||
| Version: | 4.2.0 | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| URL: | http://lists.globus.org/pipermail/gsi-openssh-user/2008-November/000008.html | ||
Andreas Maier wrote:
> Jim Basney wrote:
>> - What platform and operating system are you using?
>
> I use Suse Linux Enterprise Desktop 10.2 (64 bit)
>> uname -a
> Linux xx01 2.6.16.60-0.31-smp #1 SMP Tue Oct 7 16:16:29 UTC 2008 x86_64 x86_64 x86_64 GNU/Linux
>
>> - Does the problem also occur when using
>> "sshd -ddd -o 'UsePrivilegeSeparation no' -r"?
>
> This didn't change anything.
I finally found some time to look into this. It's a messy issue with glibc and NSS. There's some info at: http://www.gnu.org/software/libc/FAQ.html#s-2.22 It depends on glibc version, NSS configuration, etc. It's not specific to GSI-OpenSSH. The same occurs for static compiles of vanilla OpenSSH. Using --with-globus-static (i.e., static linking against Globus libraries) works OK. It's the --with-ldflags="-static" (static linking against system libraries) that fails. I don't see anything I can do about this. I'm going to close this ticket as WONTFIX.
Andreas Maier wrote: > Hello, > > I tried to compile a static version of gsissh from globus-toolkit v4.2.1 > using > >> ./configure --prefix=/home/globus >> --with-gsiopensshargs="--with-globus-static > --with-ldflags="-static"" > > After calling >> make gsi-openssh 2>&1 | tee make.log >> make install > > I get a binary with no dynamically linked libraries > >> ldd sshd > not a dynamic executable > > I started sshd with > >> ulimit -s 1000000 # just to make sure we have no stack problem >> sudo strace /home/lu64lay/globus2/sbin/sshd -p 1234 -ddd > > I tried to connect to sshd using > >> gsissh -p 1234 localhost > > However sshd generates a segmentation fault at connection time as you > can see > from the strace output (see below). > > Is this a bug in sshd? Or do I have to generate gsissh with different > options to get a working static executable? Is it possible at all to make > a static version of gsissh? > > Any help will be appreciated. > > Andreas Maier > > P.S.: > > .... > > write(2, "debug2: parse_server_config: con"..., 62debug2: > parse_server_config: > config reprocess config len 329 > ) = 62 > write(2, "debug1: Config token is protocol"..., 34debug1: Config token > is protocol > ) = 34 > write(2, "debug1: Config token is rsaauthe"..., 43debug1: Config token is > rsaauthentication > ) = 43 > write(2, "debug1: Config token is pubkeyau"..., 46debug1: Config token is > pubkeyauthentication > ) = 46 > write(2, "debug1: Config token is challeng"..., 57debug1: Config token is > challengeresponseauthentication > ) = 57 > write(2, "debug1: Config token is x11forwa"..., 39debug1: Config token is > x11forwarding > ) = 39 > write(2, "debug1: Config token is useprivi"..., 48debug1: Config token is > useprivilegeseparation > ) = 48 > write(2, "debug1: Config token is subsyste"..., 35debug1: Config token > is subsystem > ) = 35 > open("/etc/ld.so.cache", O_RDONLY) = 5 > fstat(5, {st_mode=S_IFREG|0644, st_size=159215, ...}) = 0 > mmap(NULL, 159215, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b8f8b72f000 > close(5) = 0 > open("/lib64/libnss_compat.so.2", O_RDONLY) = 5 > read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\26\0"..., > 832) = 832 > fstat(5, {st_mode=S_IFREG|0755, st_size=38678, ...}) = 0 > mmap(NULL, 1078536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = > 0x2b8f8b756000 > madvise(0x2b8f8b756000, 1078536, MADV_SEQUENTIAL|0x1) = 0 > mprotect(0x2b8f8b75d000, 1044480, PROT_NONE) = 0 > mmap(0x2b8f8b85c000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x6000) = 0x2b8f8b85c000 > close(5) = 0 > open("/lib64/libnsl.so.1", O_RDONLY) = 5 > read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000H\0\0"..., > 832) = 832 > fstat(5, {st_mode=S_IFREG|0755, st_size=99531, ...}) = 0 > mmap(NULL, 1136936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = > 0x2b8f8b85e000 > madvise(0x2b8f8b85e000, 1136936, MADV_SEQUENTIAL|0x1) = 0 > mprotect(0x2b8f8b871000, 1044480, PROT_NONE) = 0 > mmap(0x2b8f8b970000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x12000) = 0x2b8f8b970000 > mmap(0x2b8f8b972000, 6440, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b8f8b972000 > close(5) = 0 > munmap(0x2b8f8b72f000, 159215) = 0 > open("/etc/nsswitch.conf", O_RDONLY) = 5 > fstat(5, {st_mode=S_IFREG|0644, st_size=1201, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x2b8f8b72f000 > read(5, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1201 > read(5, "", 4096) = 0 > close(5) = 0 > munmap(0x2b8f8b72f000, 4096) = 0 > open("/etc/ld.so.cache", O_RDONLY) = 5 > fstat(5, {st_mode=S_IFREG|0644, st_size=159215, ...}) = 0 > mmap(NULL, 159215, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b8f8b72f000 > close(5) = 0 > open("/lib64/libnss_nis.so.2", O_RDONLY) = 5 > read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320$\0\0"..., > 832) = 832 > fstat(5, {st_mode=S_IFREG|0755, st_size=53187, ...}) = 0 > mmap(NULL, 1090744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = > 0x2b8f8b974000 > madvise(0x2b8f8b974000, 1090744, MADV_SEQUENTIAL|0x1) = 0 > mprotect(0x2b8f8b97d000, 1048576, PROT_NONE) = 0 > mmap(0x2b8f8ba7d000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x9000) = 0x2b8f8ba7d000 > close(5) = 0 > munmap(0x2b8f8b72f000, 159215) = 0 > open("/etc/shadow", O_RDONLY) = 5 > fcntl(5, F_GETFD) = 0 > fcntl(5, F_SETFD, FD_CLOEXEC) = 0 > lseek(5, 0, SEEK_CUR) = 0 > fstat(5, {st_mode=S_IFREG|0640, st_size=495, ...}) = 0 > mmap(NULL, 495, PROT_READ, MAP_SHARED, 5, 0) = 0x2b8f8b72f000 > lseek(5, 495, SEEK_SET) = 495 > fstat(5, {st_mode=S_IFREG|0640, st_size=495, ...}) = 0 > munmap(0x2b8f8b72f000, 495) = 0 > close(5) = 0 > open("/etc/ld.so.cache", O_RDONLY) = 5 > fstat(5, {st_mode=S_IFREG|0644, st_size=159215, ...}) = 0 > mmap(NULL, 159215, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b8f8b72f000 > close(5) = 0 > open("/lib64/libnss_winbind.so.2", O_RDONLY) = 5 > read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \27\0\0"..., > 832) = 832 > fstat(5, {st_mode=S_IFREG|0755, st_size=23616, ...}) = 0 > mmap(NULL, 1091664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = > 0x2b8f8ba7f000 > madvise(0x2b8f8ba7f000, 1091664, MADV_SEQUENTIAL|0x1) = 0 > mprotect(0x2b8f8ba84000, 1048576, PROT_NONE) = 0 > mmap(0x2b8f8bb84000, 4096, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x5000) = 0x2b8f8bb84000 > mmap(0x2b8f8bb85000, 18512, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b8f8bb85000 > close(5) = 0 > open("/lib64/libpthread.so.0", O_RDONLY) = 5 > read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 Z\0\0\0"..., > 832) = 832 > fstat(5, {st_mode=S_IFREG|0755, st_size=123722, ...}) = 0 > mmap(NULL, 1147768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = > 0x2b8f8bb8a000 > madvise(0x2b8f8bb8a000, 1147768, MADV_SEQUENTIAL|0x1) = 0 > mprotect(0x2b8f8bb9e000, 1044480, PROT_NONE) = 0 > mmap(0x2b8f8bc9d000, 8192, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x13000) = 0x2b8f8bc9d000 > mmap(0x2b8f8bc9f000, 13176, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b8f8bc9f000 > close(5) = 0 > set_tid_address(0x7d98f0) = 23203 > rt_sigaction(SIGRTMIN, {0x2b8f8bb8f5d0, [], SA_RESTORER|SA_SIGINFO, > 0x2b8f8bb97c00}, NULL, 8) = 0 > rt_sigaction(SIGRT_1, {0x2b8f8bb8f520, [], > SA_RESTORER|SA_RESTART|SA_SIGINFO, > 0x2b8f8bb97c00}, NULL, 8) = 0 > rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 > getrlimit(RLIMIT_STACK, {rlim_cur=1000000*1024, rlim_max=1000000*1024}) = 0 > --- SIGSEGV (Segmentation fault) @ 0 (0) --- > +++ killed by SIGSEGV +++ >