You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/03/22 14:38:32 UTC

DO NOT REPLY [Bug 39060] New: - "user not in DBM group file" causes error and kills the process

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060

           Summary: "user not in DBM group file" causes error and kills the
                    process
           Product: Apache httpd-2
           Version: 2.0.54
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_auth_dbm
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: jarkko@saunalahti.fi


Naturally, this kind of situation should be handled just like if the user was
not a member of the required group. The server process should not die.

I got this error with using mod_auth_kerb to authenticate and mod_auth_dbm to
authorize. It seems like mod_auth_dbm was not written with this in mind. ;)

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From jarkko@saunalahti.fi  2006-03-25 01:00 -------
Linux localhost 2.6.15.4-generic-p4-1095 #1 SMP Sun Feb 26 10:17:45 EET 2006
i686 GNU/Linux

Debian GNU/Linux 3.1 (sarge)

Apache HTTP Server 2.0.54 (Debian package version: 2.0.54-5)

MPM: prefork

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From rpluem@apache.org  2006-07-11 19:42 -------
Thanks for the feedback, but without a good stacktrace there is nothing I can
do. Please have a look at http://httpd.apache.org/dev/debugging.html.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From nick@webthing.com  2006-03-22 17:35 -------
1.  Indeed, it shouldn't just die, and it's a bug if it does.  It should, at  
worst, return Internal Server Error (500).  
  
2.  You're right, none of the authentication in 2.0 was designed as  
mix-and-match.  That's one of the headline changes in 2.2.  
  
3.  Since 2.2 is available and does support this kind of thing, there seems  
little point in devoting time and effort to fixing it in 2.0.  
  
4.  You could of course patch it yourself, or pay someone to do it.  Or it's  
possible someone else will take a different view.  
  
Leaving bug as NEW to give others time to comment.  If you can provide an  
exact use case (preferably one that doesn't rely on third-party modules such  
as mod_auth_kerb), I or someone might try to reproduce it (but no promises). 

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From rpluem@apache.org  2006-03-24 22:57 -------
Thanks for the backtrace. It looks somewhat weird. I guess you did not compile
your httpd with -g. Could you try this again with a -g compiled httpd?
Additional questions:

- What OS are you using?
- What MPM are you using?


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From rpluem@apache.org  2006-03-23 20:50 -------
Maybe too impatient :-), but you talked about a crash of the server. So any
backtrace information available from that crash?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From jarkko@saunalahti.fi  2006-03-23 21:44 -------
It doesn't cause a segfault. It just never responds to the browser. So I had to
stop it myself with Ctrl+c:

Program received signal SIGINT, Interrupt.
[Switching to Thread -1214361472 (LWP 6359)]
0xb7ba74d9 in poll () from /lib/tls/libc.so.6

Here's the backtrace:

(gdb) bt
#0  0xb7ba74d9 in poll () from /lib/tls/libc.so.6
#1  0xb7c754fd in apr_poll () from /usr/lib/libapr-0.so.0
#2  0xb7c75c33 in apr_wait_for_io_or_timeout () from /usr/lib/libapr-0.so.0
#3  0xb7c6aeb4 in apr_socket_recv () from /usr/lib/libapr-0.so.0
#4  0xb7dba0d5 in apr_bucket_mmap_create () from /usr/lib/libaprutil-0.so.0
#5  0xb7dbaa0e in apr_brigade_split_line () from /usr/lib/libaprutil-0.so.0
#6  0x0808ea27 in ap_core_translate ()
#7  0x080860d6 in ap_get_brigade ()
#8  0x08063cc7 in _start ()
#9  0x081fc890 in ?? ()
#10 0x0820c040 in ?? ()
#11 0x00000001 in ?? ()
#12 0x00000000 in ?? ()
#13 0x00000000 in ?? ()
#14 0x00e4e1c0 in ?? ()
#15 0x00000000 in ?? ()
#16 0x0820b3a0 in ?? ()
#17 0x00000000 in ?? ()
#18 0x00000000 in ?? ()
#19 0xbf8662c8 in ?? ()
#20 0x080860d6 in ap_get_brigade ()
#21 0x080860d6 in ap_get_brigade ()
#22 0x080860d6 in ap_get_brigade ()
#23 0x08087538 in ap_rgetline_core ()
#24 0x08087a77 in ap_parse_uri ()
#25 0x08088241 in ap_read_request ()
#26 0x08065058 in _start ()
#27 0x081fc510 in ?? ()
#28 0x00001000 in ?? ()
#29 0x00000001 in ?? ()
#30 0x0808370c in ap_run_pre_connection ()
#31 0x080835c5 in ap_run_process_connection ()
#32 0x08076974 in ap_graceful_stop_signalled ()
#33 0x08076b8b in ap_graceful_stop_signalled ()
#34 0x08076be8 in ap_graceful_stop_signalled ()
#35 0x0807745a in ap_mpm_run ()
#36 0x0807da8d in main ()

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060


rpluem@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO




------- Additional Comments From rpluem@apache.org  2006-03-22 20:26 -------
I guess it depends on the amount of work that is needed to fix this. To get an
estimate it would be helpful if you can provide a gdb backtrace of the crashed
process.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

DO NOT REPLY [Bug 39060] - "user not in DBM group file" causes error and kills the process

Posted by bu...@apache.org.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39060>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39060





------- Additional Comments From jarkko@saunalahti.fi  2006-03-23 08:22 -------
This problem seems to occure only when KrbMethodNegotiate is on and the client
has a valid Kerberos ticket. So I can't produce this issue with other
authentication modules (I have not tried other negotiating modules though - I
wonder if this is related to negotiation generally or just to mod_auth_kerb).

The server process exits with return value 0 and writes to the log file:

[<date here>] [error] [client <ip here>] user <user here> not in DBM group file
<AuthDBMGroupFile here>: <requested uri here>

As the server doesn't respond anything to the client, the client retries again
and again (server's error log gets 10 messages per second - and this continues a
few seconds until the client gives up).

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org