Bugzilla – Bug 295
sudo -S does not work with pam_thinkfinger module
Last modified: 2010-06-18 18:29:12 MDT
When pam_thinkfinger module is enabled, "sudo -S -v <<< some_password" will crash right away. It appears to be libthinkfinger crashing. But the question is why sudo bother with pam at all when given the "-S" option. This is on Ubuntu Hardy 8.0.4 with everything upto date. think_finger is at version 0.3. The crash message is listed below: me@mysystem:~$ sudo -S -v <<< mypassword Password or swipe finger: *** glibc detected *** sudo: malloc(): memory corruption: 0x080780f8 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7e94356] /lib/tls/i686/cmov/libc.so.6(__libc_malloc+0x8d)[0xb7e95cad] /lib/tls/i686/cmov/libc.so.6[0xb7eb951a] /lib/tls/i686/cmov/libc.so.6(opendir+0x63)[0xb7eb9653] /lib/libusb-0.1.so.4(usb_os_find_busses+0x22)[0xb7c94642] /lib/libusb-0.1.so.4(usb_find_busses+0x1f)[0xb7c91a9f] /usr/lib/libthinkfinger.so.0[0xb7cfe850] /usr/lib/libthinkfinger.so.0(libthinkfinger_verify+0x67)[0xb7cfee37] /lib/security/pam_thinkfinger.so[0xb7d027c2] /lib/tls/i686/cmov/libpthread.so.0[0xb7c9d4fb] /lib/tls/i686/cmov/libc.so.6(clone+0x5e)[0xb7efee5e] ======= Memory map: ======== 08048000-08062000 r-xp 00000000 fe:00 788808 /usr/bin/sudo 08062000-08064000 rw-p 00019000 fe:00 788808 /usr/bin/sudo 08064000-080a8000 rw-p 08064000 00:00 0 [heap] b6c20000-b6c21000 ---p b6c20000 00:00 0 b6c21000-b7421000 rw-p b6c21000 00:00 0 b7421000-b742b000 r-xp 00000000 fe:00 11599886 /lib/libgcc_s.so.1 b742b000-b742c000 rw-p 0000a000 fe:00 11599886 /lib/libgcc_s.so.1 b742c000-b742d000 ---p b742c000 00:00 0 b742d000-b7c2d000 rw-p b742d000 00:00 0 b7c2d000-b7c44000 r-xp 00000000 fe:00 11599906 /lib/libselinux.so.1 b7c44000-b7c46000 rw-p 00016000 fe:00 11599906 /lib/libselinux.so.1 b7c46000-b7c4f000 r-xp 00000000 fe:00 11600185 /lib/tls/i686/cmov/libcrypt-2.7.so b7c4f000-b7c51000 rw-p 00008000 fe:00 11600185 /lib/tls/i686/cmov/libcrypt-2.7.so b7c51000-b7c78000 rw-p b7c51000 00:00 0 b7c78000-b7c83000 r-xp 00000000 fe:00 11602959 /lib/security/pam_unix.so b7c83000-b7c84000 rw-p 0000b000 fe:00 11602959 /lib/security/pam_unix.so b7c84000-b7c90000 rw-p b7c84000 00:00 0 b7c90000-b7c96000 r-xp 00000000 fe:00 11599880 /lib/libusb-0.1.so.4.4.4 b7c96000-b7c98000 rw-p 00005000 fe:00 11599880 /lib/libusb-0.1.so.4.4.4 b7c98000-b7cac000 r-xp 00000000 fe:00 11602926 /lib/tls/i686/cmov/libpthread-2.7.so b7cac000-b7cae000 rw-p 00013000 fe:00 11602926 /lib/tls/i686/cmov/libpthread-2.7.so b7cae000-b7cb0000 rw-p b7cae000 00:00 0 b7cc0000-b7cc9000 r-xp 00000000 fe:00 11602921 /lib/tls/i686/cmov/libnss_files-2.7.so b7cc9000-b7ccb000 rw-p 00008000 fe:00 11602921 /lib/tls/i686/cmov/libnss_files-2.7.so b7ccb000-b7cd3000 r-xp 00000000 fe:00 11602923 /lib/tls/i686/cmov/libnss_nis-2.7.so b7cd3000-b7cd5000 rw-p 00007000 fe:00 11602923 /lib/tls/i686/cmov/libnss_nis-2.7.so b7cd5000-b7ce9000 r-xp 00000000 fe:00 11600193 /lib/tls/i686/cmov/libnsl-2.7.so b7ce9000-b7ceb000 rw-p 00013000 fe:00 11600193 /lib/tls/i686/cmov/libnsl-2.7.so b7ceb000-b7ced000 rw-p b7ceb000 00:00 0 b7ced000-b7cf4000 r-xp 00000000 fe:00 11602919 /lib/tls/i686/cmov/libnss_compat-2.7.so b7cf4000-b7cf6000 rw-p 00006000 fe:00 11602919 /lib/tls/i686/cmov/libnss_compat-2.7.so b7cf9000-b7cfc000 r-xp 00000000 fe:00 11600019 /lib/security/pam_access.so b7cfc000-b7cfd000 rw-p 00002000 fe:00 11600019 /lib/security/pam_access.so b7cfd000-b7d00000 r-xp 00000000 fe:00 794866 /usr/lib/libthinkfinger.so.0.0.0 b7d00000-b7d01000 rw-p 00002000 fe:00 794866 /usr/lib/libthinkfinger.so.0.0.0 b7d01000-b7d03000 r-xp 00000000 fe:00 11599876 /lib/security/pam_thinkfinger.so b7d03000-b7d04000 rw-p 00001000 fe:00 11599876 /lib/security/pam_thinkfinger.so b7d06000-b7d45000 r--p 00000000 fe:00 1376322 /usr/lib/locale/en_US.utf8/LC_CTYPE b7d45000-b7d46000 r--p 00000000 fe:00 1377020 /usr/lib/locale/en_US.utf8/LC_NUMERIC b7d46000-b7e27000 r--p 00000000 fe:00 1376323 /usr/lib/locale/en_US.utf8/LC_COLLATE b7e27000-b7e28000 rw-p b7e27000 00:00 0 b7e28000-b7f71000 r-xp 00000000 fe:00 11600176 /lib/tls/i686/cmov/libc-2.7.so b7f71000-b7f72000 r--p 00149000 fe:00 11600176 /lib/tls/i686/cmov/libc-2.7.so b7f72000-b7f74000 rw-p 0014a000 fe:00 11600176 /lib/tls/i686/cmov/libc-2.7.so b7f74000-b7f78000 rw-p b7f74000 00:00 0 b7f78000-b7f7a000 r-xp 00000000 fe:00 11600187 /lib/tls/i686/cmov/libdl-2.7.so b7f7a000-b7f7c000 rw-p 00001000 fe:00 11600187 /lib/tls/i686/cmov/libdl-2.7.so b7f7c000-b7f85000 r-xp 00000000 fe:00 11599893 /lib/libpam.so.0.81.6 b7f85000-b7f86000 rw-p 00008000 fe:00 11599893 /lib/libpam.so.0.81.6 b7f86000-b7f87000 r--p 00000000 fe:00 1376480 /usr/lib/locale/en_US.utf8/LC_TIME b7f87000-b7f88000 r--p 00000000 fe:00 1376481 /usr/lib/locale/en_US.utf8/LC_MONETARY b7f88000-b7f89000 r--p 00000000 fe:00 1377024 /usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES b7f89000-b7f8a000 r--p 00000000 fe:00 1377042 /usr/lib/locale/en_US.utf8/LC_PAPER b7f8a000-b7f8b000 r--p 00000000 fe:00 1377058 /usr/lib/locale/en_US.utf8/LC_NAME b7f8b000-b7f8c000 r--p 00000000 fe:00 1376482 /usr/lib/locale/en_US.utf8/LC_ADDRESS b7f8c000-b7f8d000 r--p 00000000 fe:00 1376483 /usr/lib/locale/en_US.utf8/LC_TELEPHONE b7f8d000-b7f8e000 r--p 00000000 fe:00 1376484 /usr/lib/locale/en_US.utf8/LC_MEASUREMENT b7f8e000-b7f95000 r--s 00000000 fe:00 790377 /usr/lib/gconv/gconv-modules.cache b7f95000-b7f96000 r--p 00000000 fe:00 1376485 /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION b7f96000-b7f98000 rw-p b7f96000 00:00 0 b7f98000-b7f99000 r-xp b7f98000 00:00 0 [vdso] b7f99000-b7fb3000 r-xp 00000000 fe:00 11602895 /lib/ld-2.7.so b7fb3000-b7fb5000 rw-p 00019000 fe:00 11602895 /lib/ld-2.7.so bf995000-bf9aa000 rw-p bffeb000 00:00 0 [stack] Aborted
There was a bug in the PAM conversaion function used by sudo 1.6.9p9 - 1.6.9p13. If you are using a version of sudo in that range (inclusive) then that is probably the issue. As for -S flag, that only affects how sudo prompts for the password so it is not incompatible with PAM.
I believe this is fixed in sudo 1.7.1. A beta version of sudo 1.7.1 may be downloaded from http://www.sudo.ws/devel.html