pam_mount update segfaults login - xdm

I updated my wife’s Opensuse 11.0 PC today. The latest pam_mount module was installed. I rebooted the PC because of a keyboard error (unrelated) she was having. On logging back in, KDE crashed and returned me to a console log in prompt.

I found that logging a here and my normal user accounts, with pam_mount enabled failed. No errors but a return to the login prompt. I tailed /var/log/messages and found hte following segfaults.

Sep 26 10:01:48 graphica kdm_greet[3396]: Cannot read from core

Sep 26 10:02:29 graphica kdm: :0[3473]: pam_mount(rdconf1.c:557) path to luserconf set to /home/patrick/.pam_mount.conf.xml

Sep 26 10:02:29 graphica kdm: :0[3473]: pam_mount(pam_mount.c:208) enter read_password

Sep 26 10:02:29 graphica kdm: :0[3473]: pam_mount(pam_mount.c:317) saving authtok for session code

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(rdconf1.c:557) path to luserconf set to /home/patrick/.pam_mount.conf.xml

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(pam_mount.c:466) Entered pam_mount session stage

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(pam_mount.c:487) back from global readconfig

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(pam_mount.c:491) going to readconfig user

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(rdconf1.c:810) ignoring volume record… (not for me)

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(rdconf1.c:810) ignoring volume record… (not for me)

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(pam_mount.c:496) back from user readconfig

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(misc.c:56) Session
open: (uid=0, euid=0, gid=100, egid=100)

Sep 26 10:02:30 graphica kdm: :0[3473]: pam_mount(rdconf2.c:227) checking sanity of volume record (arographics)

**Sep 26 10:02:30 graphica kernel: kdm[3473]: segfault at 0 ip b7cba9c8 sp bff47f8c error 4 in libc-2.8.so[b7c48000+13d000]

Sep 26 10:02:30 graphica kdm_greet[3479]: Cannot read from core

Sep 26 10:02:30 graphica kdm[3461]: Unknown session exit code 0 (sig 11) from manager process
**
Sep 26 10:24:36 graphica smartd[2998]: Device: /dev/sda, SMART Usage
Attribute: 195 Hardware_ECC_Recovered changed from 64 to 61

Sep 26 10:43:25 graphica gconfd (patrick-4755): starting (version 2.22.0), pid 4755 user ‘patrick’

Sep 26 10:43:26 graphica gconfd (patrick-4755): Resolved address “xml:readonly:/etc/gconf/gconf.xml.mandatory” to a read-only configuration source at position 0

Sep 26 10:43:26 graphica gconfd (patrick-4755): Resolved address “xml:readwrite:/home/patrick/.gconf” to a writable configuration source at position 1

Sep 26 10:43:26 graphica gconfd (patrick-4755): Resolved address “xml:readonly:/etc/gconf/gconf.xml.defaults” to a read-only configuration source at position 2

Sep 26 10:43:26 graphica gconfd (patrick-4755): Resolved address “xml:readonly:/etc/gconf/gconf.xml.vendor” to a read-only configuration source at position 3

Sep 26 10:43:26 graphica gconfd (patrick-4755): Resolved address “xml:readonly:/etc/gconf/gconf.xml.schemas” to a read-only configuration source at position 4

Sep 26 10:43:56 graphica gconfd (patrick-4755): GConf server is not in use, shutting down.

Sep 26 10:43:56 graphica gconfd (patrick-4755): Exiting

Sep 26 10:45:03 graphica gconfd (niuma-5170): starting (version 2.22.0), pid 5170 user ‘niuma’

Sep 26 10:45:03 graphica gconfd (niuma-5170): Resolved address “xml:readonly:/etc/gconf/gconf.xml.mandatory” to a read-only configuration source at position 0

Sep 26 10:45:03 graphica gconfd (niuma-5170): Resolved address “xml:readwrite:/home/niuma/.gconf” to a writable configuration source at position 1

Sep 26 10:45:03 graphica gconfd (niuma-5170): Resolved address “xml:readonly:/etc/gconf/gconf.xml.defaults” to a read-only configuration source at position 2

Sep 26 10:45:03 graphica gconfd (niuma-5170): Resolved address “xml:readonly:/etc/gconf/gconf.xml.vendor” to a read-only configuration source at position 3

Sep 26 10:45:03 graphica gconfd (niuma-5170): Resolved address “xml:readonly:/etc/gconf/gconf.xml.schemas” to a read-only configuration source at position 4

Sep 26 10:45:56 graphica su: (to root) niuma on /dev/pts/2

Sep 26 10:45:56 graphica su: (to root) niuma on /dev/pts/2

Sep 26 10:46:49 graphica gconfd (niuma-5170): Exiting

Sep 26 10:47:03 graphica gconfd (niuma-6076): starting (version 2.22.0), pid 6076 user ‘niuma’

Sep 26 10:47:03 graphica gconfd (niuma-6076): Resolved address “xml:readonly:/etc/gconf/gconf.xml.mandatory” to a read-only configuration source at position 0

Sep 26 10:47:03 graphica gconfd (niuma-6076): Resolved address “xml:readwrite:/home/niuma/.gconf” to a writable configuration source at position 1

Sep 26 10:47:03 graphica gconfd (niuma-6076): Resolved address “xml:readonly:/etc/gconf/gconf.xml.defaults” to a read-only configuration source at position 2

Sep 26 10:47:03 graphica gconfd (niuma-6076): Resolved address “xml:readonly:/etc/gconf/gconf.xml.vendor” to a read-only configuration source at position 3

Sep 26 10:47:03 graphica gconfd (niuma-6076): Resolved address “xml:readonly:/etc/gconf/gconf.xml.schemas” to a read-only configuration source at position 4

Sep 26 10:47:29 graphica gconfd (niuma-6076): Exiting

Sep 26 10:48:15 graphica gconfd (niuma-6444): starting (version 2.22.0), pid 6444 user ‘niuma’

Sep 26 10:48:15 graphica gconfd (niuma-6444): Resolved address “xml:readonly:/etc/gconf/gconf.xml.mandatory” to a read-only configuration source at position 0

Sep 26 10:48:15 graphica gconfd (niuma-6444): Resolved address “xml:readwrite:/home/niuma/.gconf” to a writable configuration source at position 1

Sep 26 10:48:15 graphica gconfd (niuma-6444): Resolved address “xml:readonly:/etc/gconf/gconf.xml.defaults” to a read-only configuration source at position 2

Sep 26 10:48:15 graphica gconfd (niuma-6444): Resolved address “xml:readonly:/etc/gconf/gconf.xml.vendor” to a read-only configuration source at position 3

Sep 26 10:48:15 graphica gconfd (niuma-6444): Resolved address “xml:readonly:/etc/gconf/gconf.xml.schemas” to a read-only configuration source at position 4

**Sep 26 10:52:42 graphica kernel: login[6613]: segfault at 0 ip b7f3f9c8 sp bff5d65c error 4 in libc-2.8.so[b7ecd000+13d000]

Sep 26 10:52:52 graphica kernel: login[6622]: segfault at 0 ip b7ec29c8 sp bfadf9dc error 4 in libc-2.8.so[b7e50000+13d000]
**

I uninstalled pam_mount and reinstalled but got the same errors. At the moment, I have commented out references to pam_mount in /etc/pam.d/login and xdm, so logins are now working normally but I do need to get this working again.

The kernel is the latest update and pam_mount is 0.35-15.2 released 12/9/08.

I’ve not been able find much info for segaults in libc and nothing refering to pam_mount. My PC is also running the same config and is not experiencing this problem. Please help before my wife starts muttering about putting XP back on the PC!

Regards

Patrick

Have also made probably the same update currently downloadable at period september october 2008
I report impossible su** logging on bash apparently because administrators log-in nickname at bash has disappeared “unknown user” is displayed, also yast runs under a hardly light non administrator version.

By rebooting PC runlevel 5 is unable to fullfill

There’s on start of PC protocol following warning red-indicated

Idm <vt[1-N]> <:[0-N]>
[xserver options]

Failed services in runlevel 5: xdm

All my excuses in case this problem is a different as Patrickmes’!

Hi I just forgot to say
I run opensuse 11.0 X86_64

Usage: Idm <vt[1-N]> <:[0-N]> [xserver options]
failed

Update:

I’ve been experimenting a bit with this problem. It looks like the problem is related to how pam_mount parses or treats volume mount options in ~/.pam_mount.conf.xml.

I’ve found if I use no CIFS mount options at all or options=""( effectively blank), then we can log in. I say we because my PC, also with v11.0 now has the same problem. I think I hadn’t rebooted after the update. I have now and I either can’t log in (options set) or get no mount points set (options removed.)

pam_mount.conf.xml

<?xml version=“1.0” encoding=“utf-8” ?>
<pam_mount>

<volume user=“patrick” fstype=“cifs” server=“arofs” path=“arographics” mountpoint="~/mount/AROgraphics" options=“gid=100”/>

</pam_mount>

With anyoptions listed the segfault occurs.

Oct 14 07:42:22 vortex login[15581]: pam_mount(rdconf1.c:557) path to luserconf set to /home/patrick/.pam_mount.conf.xml
Oct 14 07:42:22 vortex login[15581]: pam_mount(pam_mount.c:208) enter read_password
Oct 14 07:42:25 vortex login[15581]: pam_mount(pam_mount.c:317) saving authtok for session code
Oct 14 07:42:25 vortex login[15581]: pam_mount(rdconf1.c:557) path to luserconf set to /home/patrick/.pam_mount.conf.xml
Oct 14 07:42:25 vortex login[15581]: pam_mount(pam_mount.c:466) Entered pam_mount session stage
Oct 14 07:42:25 vortex login[15581]: pam_mount(pam_mount.c:487) back from global readconfig
Oct 14 07:42:25 vortex login[15581]: pam_mount(pam_mount.c:491) going to readconfig user
Oct 14 07:42:25 vortex login[15581]: pam_mount(pam_mount.c:496) back from user readconfig
Oct 14 07:42:25 vortex login[15581]: pam_mount(misc.c:56) Session open: (uid=0, euid=0, gid=0, egid=0)
Oct 14 07:42:25 vortex login[15581]: pam_mount(rdconf2.c:227) checking sanity of volume record (arographics)
Oct 14 07:42:25 vortex kernel: login[15581]: segfault at 0 ip b7f1b9c8 sp bfb4023c error 4 in libc-2.8.so[b7ea9000+13d000]

There was a further update to pam_mount in the last couple of days but this did not fix hte problem. Change Log:…

pam_mount-0.35-15.4 - A PAM Module that can Mount Volumes for a User Session

Fri 26 Sep 2008 21:30:00 CST
mc@suse.de

  • fix LOSETUP variable in script umount.crypt (bnc#427343)
    Fri 05 Sep 2008 21:30:00 CST
    mc@suse.de
  • re-add security-critical checks for user-defined volumes
    (bnc#423557)

Cannot reproduce with pam_mount 1.0.

That’s good Jan! :slight_smile: The version with opensuse 11.0 is 0.35. This problem took a while to come to light. Perhaps not many people use 11.0 with pam_mount. Michael C at Suse advised me of the following bug report.
Bug 433812 - pam_mount (0.35-15.2) sig11 with luserconf active

It appears a security change was implemented which broke parsing of .pam_mount.conf.xml. I have worked around this by putting the mount commands in the main pam_mount.conf.xml file.

PS: I was going to email your pam_mount list; a couple of the web site documentation links are broken and there does not appear to be any full documentation for a luserconf pam_mount.conf.xml file.

cheers