public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory
@ 2012-07-11 14:44 robert.klima at gmail dot com
2012-07-11 14:55 ` [Bug admin/14351] " aj at suse dot de
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: robert.klima at gmail dot com @ 2012-07-11 14:44 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14351
Bug #: 14351
Summary: getpwnam error in 32 bit version only - it cannot deal
with LDAP accounts coupled with Active Directory
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: admin
AssignedTo: unassigned@sourceware.org
ReportedBy: robert.klima@gmail.com
CC: carlos@systemhalted.org, roland@gnu.org
Classification: Unclassified
Created attachment 6523
--> http://sourceware.org/bugzilla/attachment.cgi?id=6523
Testprogram - source and 32-Bit version which produces the error on 32-Bit
library
getpwnam() of 32-Bit Library returns NULL pointer for valid user.
64-Bit Version seams to work correctly.
Situation: ActiveDirectory is coupled with LDAP to be accessed from Linux.
Here a Link where another user verifies: in 32-Bit Ubuntu getpwnam() returns a
NULL-Pointer whereas the 64-Bit-Variante returns a valid passwd-structure:
http://stackoverflow.com/questions/2352373/getpwnam-on-ubuntu-behaves-differently-if-compiled-in-32-bit
Here a link where it says, user-IDs in Linux are 32-Bit in size (on
32-Bit-systems) whereas Windows-UserIDs are 'larger':
http://suacommunity.com/dictionary/getpwnam-entry.php
Original text: While ID's on Unix systems are typically 32-bit (16-bit on older
systems) Windows's ID are larger (and may vary in size).
Test program:
---------------------------------
/*
*/
# include <pwd.h>
# include <grp.h>
# include <time.h>
# include <string.h>
# include <stdlib.h>
# include <unistd.h>
# include <stdio.h>
# include <shadow.h>
# include <errno.h>
#define _NUMBER_OF_CALL 5
#define __SLEEP_TIME 1
#define __MAX_SLEEP_TIME 60
#define TTRACE if ( __STDOUT )
/*
* #####################################################################
* #
* # g e t D a t e C h a r
* # ----------------------
* #
* #####################################################################
*/
char * getDateChar()
{
static char xdat[32];
time_t tt;
struct tm *tm;
tt = time((time_t *)NULL);
tm = localtime(&tt);
sprintf(xdat, "%.4d%.2d%.2d/%.2d%.2d%.2d", tm->tm_year+1900, tm->tm_mon+1,
tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec);
return (char *)xdat;
} /* Ende Funktion 'getDateChar' */
/*
* #####################################################################
* #
* # M a i n - Ticket Nr. 197218(Linux), 197115(Linux), 195542, ....
* # ------- Testprogramm
* #
* #
* #####################################################################
*/
int main(int argc, char *argv[])
{
int loopNr=0, s_errno;
int sleepTime = __SLEEP_TIME;
int maxLoop = _NUMBER_OF_CALL;
char wUserName[256];
char wProgName[256];
struct passwd *passwd;
struct spwd *sp_entry;
char *FName;
if ( (argc > 1 ) && ( strcmp( (argv[1]), "-help" ) == 0 ) )
{
printf("Usage %s <user> <loop> <sleep>\n", argv[0]);
printf(" <user> - user name, standard login name -
'cuserid()'\n");
printf(" <loop> - number of call getpwnam(), standard %i, endless
-1\n", maxLoop);
printf(" <sleep> - sleep time (sec.) for loop, standard %i, max.
%i\n", sleepTime, __MAX_SLEEP_TIME);
exit (0);
}
/* -----------------------------------------------------------------
* Password-entry wird geholt
*/
strcpy(wProgName, argv[0]);
FName = (char *)strrchr((char *)wProgName, '/');
if (FName) FName++;
else FName = wProgName;
printf("%s --> Developer test program '%s' started.\n\n", getDateChar(),
FName);
strcpy(wUserName, (char *)cuserid(NULL));
if (argc > 1) strcpy(wUserName, argv[1]);
if (argc > 2) maxLoop = atoi(argv[2]);
if (argc > 3) sleepTime = atoi(argv[3]);
if ( ( sleepTime < 0 ) || ( sleepTime > __MAX_SLEEP_TIME ) ) sleepTime =
__SLEEP_TIME;
printf("%s %-30s : '%s'\n", getDateChar(), "user name", wUserName);
printf("%s %-30s : '%d'\n", getDateChar(), "defined max. loop number",
maxLoop);
printf("%s %-30s : '%d'\n", getDateChar(), "sleep time for loop",
sleepTime);
printf("%s CRYPTPW_TRUSTED_HP supported\n", getDateChar());
/* -----------------------------------------------------------------
* Password-entry wird geholt
* Linux man page:
* The getpwnam() and getpwuid() functions return a pointer to a passwd
structure,
* or NULL if the matching entry is not found or an error occurs. If an
error occurs,
* errno is set appropriately.
* If one wants to check errno after the call, it should be set to zero
before the call.
*/
loopNr = 0;
while(maxLoop)
{
loopNr++;
/* -----------------------------------------------------------------
* get password file entry - call getpwnam()
*/
printf("\n%s %04i get password file entry, call getpwnam(%s)\n",
getDateChar(), loopNr, wUserName);
errno = 0;
passwd = getpwnam(wUserName);
if (passwd == NULL)
{
if ( errno )
printf("%s ---> . error '%s' in getpwnam(%s)-call\n",
getDateChar(), (char *)strerror(errno), wUserName);
else
printf("%s ---> . the matching password entry is for user
'%s' not found, but errno not set!\n", getDateChar(), wUserName);
#ifdef __BLABLA
printf("\n%s <--- Developer test program '%s' terminated
abnormally.\n", getDateChar(), FName);
exit(0);
#endif
}
else
{
printf("%s user entry structure successfully determined :
'%s'\n", getDateChar(), passwd->pw_name);
}
/* -----------------------------------------------------------------
* user passwort ermiiteln - getspnam()? oder getpwnam()?
* get shadow password file entry - call getspnam()
*/
printf("%s get shadow password file entry, call getspnam(%s)\n",
getDateChar(), wUserName);
errno = 0;
sp_entry = (struct spwd *)0;
sp_entry = getspnam(wUserName);
if ( sp_entry )
printf("%s . %-20s --> '%s'\n", getDateChar(),
"crypt-pw(sp_pwdp)", sp_entry->sp_pwdp);
else
{
printf("%s . shadow password entry could not be determined,
getspnam()-entry NULL\n", getDateChar());
if (errno)
printf("%s . error '%s' in getspnam(%s)-call\n",
getDateChar(), (char *)strerror(errno), wUserName);
else
printf("%s . no error in getspnam()-call, but the user
password could not be determined\n", getDateChar());
if ( passwd )
printf("%s . %-20s --> '%s'\n", getDateChar(),
"crypt-pw(pw_passwd)", passwd->pw_passwd);
else
printf("%s ==> fatal error, user password could not be
determined\n", getDateChar());
}
maxLoop--;
sleep(sleepTime);
}
printf("\n%s <--- Developer test program '%s' terminated normally.\n",
getDateChar(), FName);
exit(0);
} /* Ende Funktion 'main' */
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug admin/14351] getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory
2012-07-11 14:44 [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory robert.klima at gmail dot com
@ 2012-07-11 14:55 ` aj at suse dot de
2012-07-11 15:56 ` [Bug libc/14351] " roland at gnu dot org
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: aj at suse dot de @ 2012-07-11 14:55 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14351
Andreas Jaeger <aj at suse dot de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |WAITING
CC| |aj at suse dot de
--- Comment #1 from Andreas Jaeger <aj at suse dot de> 2012-07-11 14:54:25 UTC ---
The stackoverflow shows that no 32-bit ldap nss lib was installed:
"Obviously the same module cannot be used for both 64-bit and 32-bit. Ubuntu
Karmic ships /lib32/libnss_ldap.so.2 in package ia32-libs – is this installed?"
Some questions:
1) Is this the case on your system?
2) What is the content of /etc/nscd.conf?
3) What kind of Linux are you running?
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14351] getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory
2012-07-11 14:44 [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory robert.klima at gmail dot com
2012-07-11 14:55 ` [Bug admin/14351] " aj at suse dot de
@ 2012-07-11 15:56 ` roland at gnu dot org
2014-06-17 19:02 ` fweimer at redhat dot com
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: roland at gnu dot org @ 2012-07-11 15:56 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14351
Roland McGrath <roland at gnu dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC|roland at gnu dot org |drepper.fsp at gmail dot
| |com
Component|admin |libc
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14351] getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory
2012-07-11 14:44 [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory robert.klima at gmail dot com
2012-07-11 14:55 ` [Bug admin/14351] " aj at suse dot de
2012-07-11 15:56 ` [Bug libc/14351] " roland at gnu dot org
@ 2014-06-17 19:02 ` fweimer at redhat dot com
2015-09-17 13:30 ` robert.klima at gmail dot com
2015-09-17 13:36 ` fweimer at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2014-06-17 19:02 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14351
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|WAITING |RESOLVED
CC| |fweimer at redhat dot com
Resolution|--- |WORKSFORME
Flags| |security-
--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
Closing because of lack of response from the reporter.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14351] getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory
2012-07-11 14:44 [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory robert.klima at gmail dot com
` (2 preceding siblings ...)
2014-06-17 19:02 ` fweimer at redhat dot com
@ 2015-09-17 13:30 ` robert.klima at gmail dot com
2015-09-17 13:36 ` fweimer at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: robert.klima at gmail dot com @ 2015-09-17 13:30 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14351
--- Comment #3 from Robert Klima <robert.klima at gmail dot com> ---
For that reason, I provided a test program, which can be used to replay the
error in that very environment.
Can you please try with the test program?
For your questions:
It is the environment of our customer. Unfortunately it is hard to tell what
his configuration is.
He has an AD coupled with LDAP. The command su works fine. However, a
32bit-executable (see testprogram attached) calling getpwnam() retrieves a NULL
pointer.
The 64 bit variant of that testprogram works.
Is there a solution?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/14351] getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory
2012-07-11 14:44 [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory robert.klima at gmail dot com
` (3 preceding siblings ...)
2015-09-17 13:30 ` robert.klima at gmail dot com
@ 2015-09-17 13:36 ` fweimer at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: fweimer at redhat dot com @ 2015-09-17 13:36 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14351
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
(In reply to Robert Klima from comment #3)
> For your questions:
> It is the environment of our customer. Unfortunately it is hard to tell
> what his configuration is.
> He has an AD coupled with LDAP. The command su works fine. However, a
> 32bit-executable (see testprogram attached) calling getpwnam() retrieves a
> NULL pointer.
> The 64 bit variant of that testprogram works.
>
> Is there a solution?
The likely solution is to install 32-bit versions of the NSS LDAP support
libraries (and perhaps of the PAM libraries, too). This is a system setup
issue and not something glibc changes can fix.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2015-09-17 13:36 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-07-11 14:44 [Bug admin/14351] New: getpwnam error in 32 bit version only - it cannot deal with LDAP accounts coupled with Active Directory robert.klima at gmail dot com
2012-07-11 14:55 ` [Bug admin/14351] " aj at suse dot de
2012-07-11 15:56 ` [Bug libc/14351] " roland at gnu dot org
2014-06-17 19:02 ` fweimer at redhat dot com
2015-09-17 13:30 ` robert.klima at gmail dot com
2015-09-17 13:36 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).