
en - Re: [sympa-users] Fault in wwsympa 6.1.7

Subject: The mailing list for listmasters using Sympa

  • From: David Verdin <address@concealed>
  • To: address@concealed
  • Subject: Re: [sympa-users] Fault in wwsympa 6.1.7
  • Date: Wed, 09 May 2012 09:13:18 +0200

Hi,

thanks to Emmanuel for fixing this problem!

I integrated your fix into wwsympa and sympa_soap_server. Here is the revision log: https://sourcesup.renater.fr/scm/viewvc.php?view=revision&root=sympa&revision=7340

This will be part of the next Sympa release.

Cheers,

David

On 08/05/12 23:16, Emmanuel Bouthenot wrote:
Hi,

On Tue, May 08, 2012 at 10:23:59AM -0600, Russ Kepler wrote:
[...]

May 8 10:16:36 main wwsympa[3375]: info Auth::create_one_time_ticket() Auth::create_one_time_ticket(address@concealed,main.kepler-eng.com,choosepasswd,127.0.0.1) value = 44045423938531
May 8 10:16:36 main kernel: [396069.931950] wwsympa.fcgi[3375] general protection ip:7f86b5250d31 sp:7fff4680d4d0 error:0 in libperl.so.5.14.2[7f86b51ba000+173000]

I'm running with perl 5.14.2 on the most recent kubuntu release.

I just recently upgraded to 6.1.7, this appears to be a new problem.

A bug report has been filed recently about this issue in the Debian
bug tracker[1] and as part of the Debian Sympa Team I tried to
understand what went wrong in this case in order to try to fix it.

I installed multiple versions of Perl in parallel (5.12.4, 5.14.2 and
5.15.9) and tried to reproduce the bug inside gdb. The gdb backtrace led
me to the discussion[2] started by Erik Olson on the Perl porters
mailing list.

This discussion was very interesting (thanks to Erik for his work). It
made me understand that the 'tainted mode' was not the culprit but
a parameter that made the crash happen.

It made me understand that the perl option '-U' should not be used in
the cgi shebang of wwsympa.fcgi.

The fix is pretty trivial if you want to test it:
- You have to remove the -U from the shebang of wwsympa.fcgi
- the C wrapper has to be modified to change the effective user/group
before executing the cgi script


If the cgi script and the wrapper are located in /usr/lib/cgi-bin/sympa/
(if it's not the case, adjust it according to your installation)

Create a file /tmp/wwsympa-wrapper.fcgi.c with the following content:

--8<-----------------------------------
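#include <stdio.h>
#include <unistd.h>

int main(int argc, char **argv, char **envp) {
    /* Make the real ids match the effective (setuid/setgid) ids; stop if either call fails */
    if (setreuid(geteuid(), geteuid()) != 0 ||   // Added to fix the segfault
        setregid(getegid(), getegid()) != 0) {   // Added to fix the segfault
        perror("setreuid/setregid");
        return 1;
    }
    argv[0] = "/usr/lib/cgi-bin/sympa/wwsympa.fcgi";
    execve("/usr/lib/cgi-bin/sympa/wwsympa.fcgi", argv, envp);
    perror("execve");   /* reached only if execve failed */
    return 1;
}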
----------------------------------->8--

then

# gcc -Wall /tmp/wwsympa-wrapper.fcgi.c -o /usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi
# chown sympa:sympa /usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi
# chmod ug+s /usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi

Restart the webserver and it should work.

As a bonus, this fix also fixes all the error messages like '*Insecure
dependency in*' in the webserver error logs.

This fix should also be applied to sympa_soap_server.fcgi and its
wrapper (sympa_soap_server-wrapper.fcgi) if you're using this feature.


Regards,

M.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655269
[2] http://www.nntp.perl.org/group/perl.perl5.porters/2012/01/msg181404.html
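
A post-fix check for the two conditions in the quoted message (no -U in the script shebang, wrapper carrying the setuid and setgid bits), as an added example that is not part of the original thread or of Sympa. The function names are this example's own; the file names and directory are the ones given in the message.

```shell
#!/bin/sh
# Added example: audits a Sympa CGI directory after applying the fix.
# Function names are illustrative; file names come from the thread.

# Succeeds if FILE's shebang passes -U to perl, alone or bundled (e.g. -wU).
shebang_has_U() {
    head -n 1 "$1" | grep -Eq '^#!.*[[:space:]]-[[:alnum:]]*U'
}

# Succeeds if FILE carries both the setuid and setgid bits (chmod ug+s).
wrapper_is_setid() {
    [ -u "$1" ] && [ -g "$1" ]
}

# Prints one line per finding for DIR and returns the number of findings.
audit_sympa_cgi() {
    dir=$1
    findings=0
    for name in wwsympa sympa_soap_server; do
        script="$dir/${name}.fcgi"
        wrapper="$dir/${name}-wrapper.fcgi"
        # The SOAP server is optional, so skip a pair whose script is absent.
        [ -f "$script" ] || continue
        if shebang_has_U "$script"; then
            echo "FAIL $script: shebang still contains -U"
            findings=$((findings + 1))
        fi
        if ! wrapper_is_setid "$wrapper"; then
            echo "FAIL $wrapper: missing, or not setuid+setgid"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Usage: sh check.sh /usr/lib/cgi-bin/sympa
if [ "$#" -gt 0 ]; then
    audit_sympa_cgi "$1"
fi
```

The exit status is the number of findings, so 0 means both scripts and wrappers match the fix.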




