You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/03/22 14:38:32 UTC
DO NOT REPLY [Bug 39060] New: - "user not in DBM group file" causes error and kills the process
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
Summary: "user not in DBM group file" causes error and kills the
process
Product: Apache httpd-2
Version: 2.0.54
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: mod_auth_dbm
AssignedTo: bugs@httpd.apache.org
ReportedBy: jarkko@saunalahti.fi
Naturally, this kind of situation should be handled just like if the user was
not a member of the required group. The server process should not die.
I got this error with using mod_auth_kerb to authenticate and mod_auth_dbm to
authorize. It seems like mod_auth_dbm was not written with this in mind. ;)
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From jarkko@saunalahti.fi 2006-03-25 01:00 -------
Linux localhost 2.6.15.4-generic-p4-1095 #1 SMP Sun Feb 26 10:17:45 EET 2006
i686 GNU/Linux
Debian GNU/Linux 3.1 (sarge)
Apache HTTP Server 2.0.54 (Debian package version: 2.0.54-5)
MPM: prefork
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From rpluem@apache.org 2006-07-11 19:42 -------
Thanks for the feedback, but without a good stacktrace there is nothing I can
do. Please have a look at http://httpd.apache.org/dev/debugging.html.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From nick@webthing.com 2006-03-22 17:35 -------
1. Indeed, it shouldn't just die, and it's a bug if it does. It should, at
worst, return Internal Server Error (500).
2. You're right, none of the authentication in 2.0 was designed as
mix-and-match. That's one of the headline changes in 2.2.
3. Since 2.2 is available and does support this kind of thing, there seems
little point in devoting time and effort to fixing it in 2.0.
4. You could of course patch it yourself, or pay someone to do it. Or it's
possible someone else will take a different view.
Leaving bug as NEW to give others time to comment. If you can provide an
exact use case (preferably one that doesn't rely on third-party modules such
as mod_auth_kerb), I or someone might try to reproduce it (but no promises).
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From rpluem@apache.org 2006-03-24 22:57 -------
Thanks for the backtrace. It looks somewhat weird. I guess you did not compile
your httpd with -g. Could you try this again with a -g compiled httpd?
Additional questions:
- What OS are you using?
- What MPM are you using?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From rpluem@apache.org 2006-03-23 20:50 -------
Maybe too impatient :-), but you talked about a crash of the server. So any
backtrace information available from that crash?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From jarkko@saunalahti.fi 2006-03-23 21:44 -------
It doesn't cause a segfault. It just never responds to the browser. So I had to
stop it myself with Ctrl+c:
Program received signal SIGINT, Interrupt.
[Switching to Thread -1214361472 (LWP 6359)]
0xb7ba74d9 in poll () from /lib/tls/libc.so.6
Here's the backtrace:
(gdb) bt
#0 0xb7ba74d9 in poll () from /lib/tls/libc.so.6
#1 0xb7c754fd in apr_poll () from /usr/lib/libapr-0.so.0
#2 0xb7c75c33 in apr_wait_for_io_or_timeout () from /usr/lib/libapr-0.so.0
#3 0xb7c6aeb4 in apr_socket_recv () from /usr/lib/libapr-0.so.0
#4 0xb7dba0d5 in apr_bucket_mmap_create () from /usr/lib/libaprutil-0.so.0
#5 0xb7dbaa0e in apr_brigade_split_line () from /usr/lib/libaprutil-0.so.0
#6 0x0808ea27 in ap_core_translate ()
#7 0x080860d6 in ap_get_brigade ()
#8 0x08063cc7 in _start ()
#9 0x081fc890 in ?? ()
#10 0x0820c040 in ?? ()
#11 0x00000001 in ?? ()
#12 0x00000000 in ?? ()
#13 0x00000000 in ?? ()
#14 0x00e4e1c0 in ?? ()
#15 0x00000000 in ?? ()
#16 0x0820b3a0 in ?? ()
#17 0x00000000 in ?? ()
#18 0x00000000 in ?? ()
#19 0xbf8662c8 in ?? ()
#20 0x080860d6 in ap_get_brigade ()
#21 0x080860d6 in ap_get_brigade ()
#22 0x080860d6 in ap_get_brigade ()
#23 0x08087538 in ap_rgetline_core ()
#24 0x08087a77 in ap_parse_uri ()
#25 0x08088241 in ap_read_request ()
#26 0x08065058 in _start ()
#27 0x081fc510 in ?? ()
#28 0x00001000 in ?? ()
#29 0x00000001 in ?? ()
#30 0x0808370c in ap_run_pre_connection ()
#31 0x080835c5 in ap_run_process_connection ()
#32 0x08076974 in ap_graceful_stop_signalled ()
#33 0x08076b8b in ap_graceful_stop_signalled ()
#34 0x08076be8 in ap_graceful_stop_signalled ()
#35 0x0807745a in ap_mpm_run ()
#36 0x0807da8d in main ()
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
rpluem@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
------- Additional Comments From rpluem@apache.org 2006-03-22 20:26 -------
I guess it depends on the amount of work that is needed to fix this. To get an
estimate it would be helpful if you can provide a gdb backtrace of the crashed
process.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39060
------- Additional Comments From jarkko@saunalahti.fi 2006-03-23 08:22 -------
This problem seems to occure only when KrbMethodNegotiate is on and the client
has a valid Kerberos ticket. So I can't produce this issue with other
authentication modules (I have not tried other negotiating modules though - I
wonder if this is related to negotiation generally or just to mod_auth_kerb).
The server process exits with return value 0 and writes to the log file:
[<date here>] [error] [client <ip here>] user <user here> not in DBM group file
<AuthDBMGroupFile here>: <requested uri here>
As the server doesn't respond anything to the client, the client retries again
and again (server's error log gets 10 messages per second - and this continues a
few seconds until the client gives up).
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org