
Bug#918088: autofs-ldap: automount dies with SIGABRT after libkrb5-3 upgrade - "(k5_mutex_lock: Assertion `r == 0' failed.)"



Package: autofs-ldap
Version: 5.1.2-4
Severity: grave
Justification: renders package unusable

Good morning.

After the latest upgrade of libkrb5-3 (1.16.1-1 -> 1.16.2-1) automount
starts but dies immediately after accessing an automounter point.

Automount is configured to authenticate via GSSAPI using the system keytab.
After the GSSAPI authentication succeeded, any access to a configured
automount entry causes automount to die with an assertion failure
(followed by an abort()):

root@dagon:~# /usr/sbin/automount -d -f 
Starting automounter version 5.1.2, master map /etc/auto.master
using kernel protocol version 5.03
lookup_nss_read_master: reading master file /etc/auto.master
do_init: parse(sun): init gathered global options: (null)
lookup_read_master: lookup(file): read entry /home
master_do_mount: mounting /home
automount_path_to_fifo: fifo name /var/run/autofs.fifo-home
lookup_nss_read_map: reading map ldap ldap:automountmapname=auto.home,cn=badphish,cn=automount,dc=badphish,dc=ypbind,dc=de
parse_server_string: lookup(ldap): Attempting to parse LDAP information from string "ldap:automountmapname=auto.home,cn=badphish,cn=automount,dc=badphish,dc=ypbind,dc=de".
parse_server_string: lookup(ldap): server "(default)", base dn "automountmapname=auto.home,cn=badphish,cn=automount,dc=badphish,dc=ypbind,dc=de"
parse_ldap_config: lookup(ldap): ldap authentication configured with the following options:
parse_ldap_config: lookup(ldap): use_tls: 1, tls_required: 0, auth_required: 2, sasl_mech: GSSAPI
parse_ldap_config: lookup(ldap): user: (null), secret: unspecified, client principal: host/dagon.badphish.ypbind.de@BADPHISH.YPBIND.DE credential cache: (null)
do_init: parse(sun): init gathered global options: rw,hard,intr,nosuid
find_server: trying server uri ldap://ipa-1.badphish.ypbind.de
do_bind: lookup(ldap): auth_required: 2, sasl_mech GSSAPI
sasl_do_kinit: initializing kerberos ticket: client principal host/dagon.badphish.ypbind.de@BADPHISH.YPBIND.DE
sasl_do_kinit: calling krb5_parse_name on client principal host/dagon.badphish.ypbind.de@BADPHISH.YPBIND.DE
sasl_do_kinit: Using tgs name krbtgt/BADPHISH.YPBIND.DE@BADPHISH.YPBIND.DE
sasl_do_kinit: Kerberos authentication was successful!
sasl_bind_mech: Attempting sasl bind with mechanism GSSAPI
sasl_log_func: GSSAPI client step 1
getuser_func: called with context (nil), id 16385.
sasl_log_func: GSSAPI client step 1
getuser_func: called with context (nil), id 16385.
sasl_log_func: GSSAPI client step 2
sasl_bind_mech: sasl bind with mechanism GSSAPI succeeded
do_bind: lookup(ldap): autofs_sasl_bind returned 0
get_query_dn: lookup(ldap): found query dn automountmapname=auto.home,cn=badphish,cn=automount,dc=badphish,dc=ypbind,dc=de
connected to uri ldap://ipa-1.badphish.ypbind.de
read_one_map: lookup(ldap): searching for "(objectclass=automount)" under "automountmapname=auto.home,cn=badphish,cn=automount,dc=badphish,dc=ypbind,dc=de"
do_get_entries: lookup(ldap): examining entries
do_get_entries: lookup(ldap): failed to get next entry for query (objectclass=automount)
read_one_map: lookup(ldap): done updating map
remount_active_mount: trying to re-connect to mount /home
mounted indirect on /home with timeout 300, freq 75 seconds
remount_active_mount: re-connected to mount /home
st_ready: st_ready(): state = 0 path /home
ghosting enabled
handle_packet: type = 3
handle_packet_missing_indirect: token 3, name maus, request pid 6541
attempting to mount entry /home/maus
lookup_mount: lookup(ldap): looking up maus
do_bind: lookup(ldap): auth_required: 2, sasl_mech GSSAPI
sasl_bind_mech: Attempting sasl bind with mechanism GSSAPI
sasl_log_func: GSSAPI client step 1
getuser_func: called with context (nil), id 16385.
k5_mutex_lock: Received error 22 (Invalid argument)
automount: ../../../../src/include/k5-thread.h:376: k5_mutex_lock: Assertion `r == 0' failed.
Aborted (core dumped)

Backtrace of the core dump:

root@dagon:~# gdb /usr/sbin/automount /core
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/automount...(no debugging symbols found)...done.
[New LWP 6542]
[New LWP 6521]
[New LWP 6522]
[New LWP 6523]
[New LWP 6526]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/sbin/automount -d -f'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50      ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7f80f0a69700 (LWP 6542))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007f80f4863535 in __GI_abort () at abort.c:79
#2  0x00007f80f486340f in __assert_fail_base (fmt=0x7f80f49c5ee8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x7f80f18e7029 "r == 0", file=0x7f80f18e6f58 "../../../../src/include/k5-thread.h", line=376, function=<optimized out>) at assert.c:92
#3  0x00007f80f48710a2 in __GI___assert_fail (assertion=0x7f80f18e7029 "r == 0", file=0x7f80f18e6f58 "../../../../src/include/k5-thread.h", line=376, function=0x7f80f18e7040 "k5_mutex_lock") at assert.c:101
#4  0x00007f80f188bea3 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
#5  0x00007f80f188c677 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
#6  0x00007f80f1894776 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
#7  0x00007f80f188d2bd in krb5_cccol_have_content () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
#8  0x00007f80f1651b63 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#9  0x00007f80f1651e18 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#10 0x00007f80f1651f4c in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#11 0x00007f80f1654d9f in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#12 0x00007f80f1659a08 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#13 0x00007f80f165a702 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#14 0x00007f80f164522b in gss_init_sec_context () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#15 0x00007f80f0b11637 in ?? () from /usr/lib/x86_64-linux-gnu/sasl2/libgssapiv2.so
#16 0x00007f80f194502d in sasl_client_step () from /usr/lib/x86_64-linux-gnu/libsasl2.so.2
#17 0x00007f80f1945644 in sasl_client_start () from /usr/lib/x86_64-linux-gnu/libsasl2.so.2
#18 0x00007f80f19ee6c4 in sasl_bind_mech () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
#19 0x00007f80f19eea73 in autofs_sasl_bind () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
#20 0x00007f80f19e66cd in ?? () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
#21 0x00007f80f19e71c6 in ?? () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
#22 0x00007f80f19eab40 in lookup_mount () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
#23 0x0000561142bcc0ed in do_lookup_mount ()
#24 0x0000561142bcce39 in lookup_nss_mount ()
#25 0x0000561142bc2e25 in ?? ()
#26 0x00007f80f4bd0fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
#27 0x00007f80f493a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
(gdb) bt full
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
        set = {__val = {18446744067266836999, 140191557793744, 140191769960000, 140191835330183, 4222451712, 140191557793744, 140191557793744, 140191557793744, 140191557793744, 140191557793838, 140191557793844, 140191557793744, 140191557793844, 0, 0, 0}}
        pid = <optimized out>
        tid = <optimized out>
        ret = <optimized out>
#1  0x00007f80f4863535 in __GI_abort () at abort.c:79
        save_stage = 1
        act = {__sigaction_handler = {sa_handler = 0x7f80e400b7d0, sa_sigaction = 0x7f80e400b7d0}, sa_mask = {__val = {0, 140191557746720, 140191836388992, 0, 0, 0, 140191769959656, 21474836480, 140191769959504, 140191836445360, 140191836430056, 0, 958733083460192768, 140191836414906, 0, 140191836430056}}, sa_flags = -242323624, sa_restorer = 0x7f80f18e7029}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007f80f486340f in __assert_fail_base (fmt=0x7f80f49c5ee8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x7f80f18e7029 "r == 0", file=0x7f80f18e6f58 "../../../../src/include/k5-thread.h", line=376, function=<optimized out>) at assert.c:92
        str = 0x7f80e400b7d0 ""
        total = 4096
#3  0x00007f80f48710a2 in __GI___assert_fail (assertion=0x7f80f18e7029 "r == 0", file=0x7f80f18e6f58 "../../../../src/include/k5-thread.h", line=376, function=0x7f80f18e7040 "k5_mutex_lock") at assert.c:101
No locals.
#4  0x00007f80f188bea3 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
No symbol table info available.
#5  0x00007f80f188c677 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
No symbol table info available.
#6  0x00007f80f1894776 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
No symbol table info available.
#7  0x00007f80f188d2bd in krb5_cccol_have_content () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
No symbol table info available.
#8  0x00007f80f1651b63 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#9  0x00007f80f1651e18 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#10 0x00007f80f1651f4c in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#11 0x00007f80f1654d9f in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#12 0x00007f80f1659a08 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#13 0x00007f80f165a702 in ?? () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#14 0x00007f80f164522b in gss_init_sec_context () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
No symbol table info available.
#15 0x00007f80f0b11637 in ?? () from /usr/lib/x86_64-linux-gnu/sasl2/libgssapiv2.so
No symbol table info available.
#16 0x00007f80f194502d in sasl_client_step () from /usr/lib/x86_64-linux-gnu/libsasl2.so.2
No symbol table info available.
#17 0x00007f80f1945644 in sasl_client_start () from /usr/lib/x86_64-linux-gnu/libsasl2.so.2
No symbol table info available.
#18 0x00007f80f19ee6c4 in sasl_bind_mech () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
No symbol table info available.
#19 0x00007f80f19eea73 in autofs_sasl_bind () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
No symbol table info available.
#20 0x00007f80f19e66cd in ?? () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
No symbol table info available.
#21 0x00007f80f19e71c6 in ?? () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
No symbol table info available.
#22 0x00007f80f19eab40 in lookup_mount () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
No symbol table info available.
#23 0x0000561142bcc0ed in do_lookup_mount ()
No symbol table info available.
#24 0x0000561142bcce39 in lookup_nss_mount ()
No symbol table info available.
#25 0x0000561142bc2e25 in ?? ()
No symbol table info available.
#26 0x00007f80f4bd0fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
        ret = <optimized out>
        pd = <optimized out>
        now = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140191769990912, 2798758188214480326, 140191794821246, 140191794821247, 140191769990912, 0, -2749782977331499578, -2749791975297290810}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
#27 0x00007f80f493a88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
No locals.

System keytab is valid and can be used to get a TGT:

root@dagon:~# klist 
klist: No credentials cache found (filename: /tmp/krb5cc_0)
root@dagon:~# kinit -kt /etc/krb5.keytab 
root@dagon:~# klist 
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: host/dagon.badphish.ypbind.de@BADPHISH.YPBIND.DE

Valid starting       Expires              Service principal
01/03/2019 08:01:57  01/04/2019 08:01:57  krbtgt/BADPHISH.YPBIND.DE@BADPHISH.YPBIND.DE

Other "buster" systems using the previous version of libkrb5-3 (1.16.1-1) are working fine.

So long,

Andreas.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages autofs-ldap depends on:
ii  autofs         5.1.2-4
ii  libc6          2.28-2
ii  libcom-err2    1.44.5-1
ii  libk5crypto3   1.16.2-1
ii  libkrb5-3      1.16.2-1
ii  libldap-2.4-2  2.4.47+dfsg-1
ii  libsasl2-2     2.1.27~rc8-1
ii  libxml2        2.9.4+dfsg1-7+b3

autofs-ldap recommends no packages.

autofs-ldap suggests no packages.

-- Configuration Files:
/etc/autofs_ldap_auth.conf changed:
<?xml version="1.0" ?>
<!--
Managed by ansible
This files contains a single entry with multiple attributes tied to it.
See autofs_ldap_auth.conf(5) for more information.
-->
<autofs_ldap_sasl_conf
     usetls="yes"
     tlsrequired="no"
     authrequired="yes"
     authtype="GSSAPI"
     clientprinc="host/dagon.badphish.ypbind.de@BADPHISH.YPBIND.DE"
/>


-- no debconf information
-- 
"Things that try to look like things often do
 look more like things than things. Well-known fact."
Granny Weatherwax - "Wyrd sisters"
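
A triage helper for the backtrace in this report, added here as an example and not part of the original message: it parses gdb `bt` frame lines, pulls out the failed assertion, and groups frames by module so the path from automount into libkrb5 is readable at a glance. The sample input is a constructed subset of the frames shown above; the function names and the `[executable]` / `[debug-info frame]` labels are illustrative assumptions.

```python
import os
import re
from itertools import groupby

# Constructed sample: a subset of the frames from the backtrace in the report.
SAMPLE_BT = """\
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#3  0x00007f80f48710a2 in __GI___assert_fail (assertion=0x7f80f18e7029 "r == 0", file=0x7f80f18e6f58 "../../../../src/include/k5-thread.h", line=376, function=0x7f80f18e7040 "k5_mutex_lock") at assert.c:101
#4  0x00007f80f188bea3 in ?? () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
#7  0x00007f80f188d2bd in krb5_cccol_have_content () from /usr/lib/x86_64-linux-gnu/libkrb5.so.3
#14 0x00007f80f164522b in gss_init_sec_context () from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2
#16 0x00007f80f194502d in sasl_client_step () from /usr/lib/x86_64-linux-gnu/libsasl2.so.2
#18 0x00007f80f19ee6c4 in sasl_bind_mech () from /usr/lib/x86_64-linux-gnu/autofs/lookup_ldap.so
#23 0x0000561142bcc0ed in do_lookup_mount ()
#26 0x00007f80f4bd0fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
"""

FRAME = re.compile(r'^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\)'
                   r'(?: from (\S+))?(?: at (\S+))?$')
ASSERT = re.compile(r'assertion=\S+ "([^"]*)", file=\S+ "([^"]*)", '
                    r'line=(\d+), function=\S+ "([^"]*)"')

def parse_frames(text):
    """Return one dict per gdb 'bt' frame line; other lines are ignored."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if not m:
            continue
        num, func, args, lib, src = m.groups()
        # Assumption: a frame with neither 'from' nor 'at' is in the executable.
        module = (os.path.basename(lib) if lib
                  else '[debug-info frame]' if src else '[executable]')
        frames.append({'n': int(num), 'func': func, 'args': args, 'module': module})
    return frames

def failed_assertion(frames):
    """Extract (expression, file, line, function) from the __assert_fail frame."""
    for f in frames:
        m = ASSERT.search(f['args'])
        if m:
            return m.group(1), m.group(2), int(m.group(3)), m.group(4)
    return None

def module_chain(frames):
    """Collapse consecutive frames into (module, [resolved symbols]), innermost first."""
    return [(mod, [f['func'] for f in grp if f['func'] != '??'])
            for mod, grp in groupby(frames, key=lambda f: f['module'])]

if __name__ == '__main__':
    parsed = parse_frames(SAMPLE_BT)
    print('assertion:', failed_assertion(parsed))
    for mod, funcs in module_chain(parsed):
        print('%-20s %s' % (mod, ', '.join(funcs) or '(no symbols)'))
```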
