FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 12-28-2009, 10:29 PM
Andy Warner
 
Default newrole: double free or corruption

Got the following output from using the newrole
command on Fedora 12. Not sure where to properly report such bugs.



If it helps, the rubix_remote_client_r role transition should fail (as
it does) as there are no role transition rules for it. The role is
associated with the current SELinux user.



I believe my system just updated to the newest newrole package.

[warner@Fedora12-Dev ~]$ yum info policycoreutils

Loaded plugins: presto, refresh-packagekit

Installed Packages

Name****** : policycoreutils

Arch****** : i686

Version*** : 2.0.78

Release*** : 3.fc12

Size****** : 3.3 M

Repo****** : installed

>From repo* : updates



Error output from newrole follows:



[warner@Fedora12-Dev ~]$ newrole -r rubix_remote_client_r

Password:

failed to exec shell

: Permission denied

*** glibc detected *** newrole: double free or corruption (out):
0x01726138 ***

======= Backtrace: =========

/lib/libc.so.6(-0xff836d9f)[0x233261]

/lib/libselinux.so.1(freecon+0x1e)[0x9fd42e]

newrole(main+0x6eb)[0x119d6b]

/lib/libc.so.6(__libc_start_main+0xe6)[0x1dbbb6]

newrole(+0x16f1)[0x1186f1]

======= Memory map: ========

00117000-0011d000 r-xp 00000000 fd:00 126525**** /usr/bin/newrole

0011d000-0011e000 r--p 00005000 fd:00 126525**** /usr/bin/newrole

0011e000-0011f000 rw-p 00006000 fd:00 126525**** /usr/bin/newrole

0011f000-00135000 r-xp 00000000 fd:00 56679***** /lib/libpthread-2.11.so

00135000-00136000 r--p 00015000 fd:00 56679***** /lib/libpthread-2.11.so

00136000-00137000 rw-p 00016000 fd:00 56679***** /lib/libpthread-2.11.so

00137000-00139000 rw-p 00000000 00:00 0

001a5000-001c3000 r-xp 00000000 fd:00 56677***** /lib/ld-2.11.so

001c3000-001c4000 r--p 0001d000 fd:00 56677***** /lib/ld-2.11.so

001c4000-001c5000 rw-p 0001e000 fd:00 56677***** /lib/ld-2.11.so

001c5000-00333000 r-xp 00000000 fd:00 56678***** /lib/libc-2.11.so

00333000-00334000 ---p 0016e000 fd:00 56678***** /lib/libc-2.11.so

00334000-00336000 r--p 0016e000 fd:00 56678***** /lib/libc-2.11.so

00336000-00337000 rw-p 00170000 fd:00 56678***** /lib/libc-2.11.so

00337000-0033a000 rw-p 00000000 00:00 0

0055f000-00560000 r-xp 00000000 00:00 0********* [vdso]

005f6000-005fa000 r-xp 00000000 fd:00 1331****** /lib/libattr.so.1.1.0

005fa000-005fb000 rw-p 00003000 fd:00 1331****** /lib/libattr.so.1.1.0

0062d000-00638000 r-xp 00000000 fd:00 10441*****
/lib/libnss_files-2.11.so

00638000-00639000 r--p 0000a000 fd:00 10441*****
/lib/libnss_files-2.11.so

00639000-0063a000 rw-p 0000b000 fd:00 10441*****
/lib/libnss_files-2.11.so

008a3000-008a5000 r-xp 00000000 fd:00 15448*****
/lib/libpam_misc.so.0.82.0

008a5000-008a6000 rw-p 00001000 fd:00 15448*****
/lib/libpam_misc.so.0.82.0

00928000-0092c000 r-xp 00000000 fd:00 1332****** /lib/libcap.so.2.16

0092c000-0092d000 rw-p 00003000 fd:00 1332****** /lib/libcap.so.2.16

00992000-00995000 r-xp 00000000 fd:00 56684***** /lib/libdl-2.11.so

00995000-00996000 r--p 00002000 fd:00 56684***** /lib/libdl-2.11.so

00996000-00997000 rw-p 00003000 fd:00 56684***** /lib/libdl-2.11.so

009f3000-00a0f000 r-xp 00000000 fd:00 56687***** /lib/libselinux.so.1

00a0f000-00a10000 r--p 0001b000 fd:00 56687***** /lib/libselinux.so.1

00a10000-00a11000 rw-p 0001c000 fd:00 56687***** /lib/libselinux.so.1

00c8b000-00c97000 r-xp 00000000 fd:00 15447***** /lib/libpam.so.0.82.1

00c97000-00c98000 rw-p 0000b000 fd:00 15447***** /lib/libpam.so.0.82.1

00e6f000-00e85000 r-xp 00000000 fd:00 15446***** /lib/libaudit.so.1.0.0

00e85000-00e86000 r--p 00015000 fd:00 15446***** /lib/libaudit.so.1.0.0

00e86000-00e87000 rw-p 00016000 fd:00 15446***** /lib/libaudit.so.1.0.0

00ea9000-00ec6000 r-xp 00000000 fd:00 51325*****
/lib/libgcc_s-4.4.2-20091027.so.1

00ec6000-00ec7000 rw-p 0001c000 fd:00 51325*****
/lib/libgcc_s-4.4.2-20091027.so.1

00f05000-00f0c000 r-xp 00000000 fd:00 56680***** /lib/librt-2.11.so

00f0c000-00f0d000 r--p 00006000 fd:00 56680***** /lib/librt-2.11.so

00f0d000-00f0e000 rw-p 00007000 fd:00 56680***** /lib/librt-2.11.so

01724000-017a9000 rw-p 00000000 00:00 0********* [heap]

b7627000-b7827000 r--p 00000000 fd:00 12545*****
/usr/lib/locale/locale-archive

b7827000-b782a000 rw-p 00000000 00:00 0

b783b000-b7842000 r--s 00000000 fd:00 10739*****
/usr/lib/gconv/gconv-modules.cache

b7842000-b7843000 rw-p 00000000 00:00 0

bfcce000-bfce3000 rw-p 00000000 00:00 0********* [stack]

[warner@Fedora12-Dev ~]$






--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 12-29-2009, 09:57 AM
Dominick Grift
 
Default newrole: double free or corruption

On Mon, Dec 28, 2009 at 06:29:02PM -0500, Andy Warner wrote:
> Got the following output from using the newrole command on Fedora 12.
> Not sure where to properly report such bugs.
>
> If it helps, the rubix_remote_client_r role transition should fail (as
> it does) as there are no role transition rules for it. The role is
> associated with the current SELinux user.
>
> I believe my system just updated to the newest newrole package.
> [warner@Fedora12-Dev ~]$ yum info policycoreutils
> Loaded plugins: presto, refresh-packagekit
> Installed Packages
> Name : policycoreutils
> Arch : i686
> Version : 2.0.78
> Release : 3.fc12
> Size : 3.3 M
> Repo : installed
> >From repo : updates
>
> Error output from newrole follows:
>
> [warner@Fedora12-Dev ~]$ newrole -r rubix_remote_client_r

Does it behave as expected if you use sudo instead?

sudo -r rubix_remote_client_r -t rubix_remote_client_t -s

Eitherway looks like a bug in newrole

> Password:
> failed to exec shell
> : Permission denied
> *** glibc detected *** newrole: double free or corruption (out):
> 0x01726138 ***
> ======= Backtrace: =========
> /lib/libc.so.6(-0xff836d9f)[0x233261]
> /lib/libselinux.so.1(freecon+0x1e)[0x9fd42e]
> newrole(main+0x6eb)[0x119d6b]
> /lib/libc.so.6(__libc_start_main+0xe6)[0x1dbbb6]
> newrole(+0x16f1)[0x1186f1]
> ======= Memory map: ========
> 00117000-0011d000 r-xp 00000000 fd:00 126525 /usr/bin/newrole
> 0011d000-0011e000 r--p 00005000 fd:00 126525 /usr/bin/newrole
> 0011e000-0011f000 rw-p 00006000 fd:00 126525 /usr/bin/newrole
> 0011f000-00135000 r-xp 00000000 fd:00 56679 /lib/libpthread-2.11.so
> 00135000-00136000 r--p 00015000 fd:00 56679 /lib/libpthread-2.11.so
> 00136000-00137000 rw-p 00016000 fd:00 56679 /lib/libpthread-2.11.so
> 00137000-00139000 rw-p 00000000 00:00 0
> 001a5000-001c3000 r-xp 00000000 fd:00 56677 /lib/ld-2.11.so
> 001c3000-001c4000 r--p 0001d000 fd:00 56677 /lib/ld-2.11.so
> 001c4000-001c5000 rw-p 0001e000 fd:00 56677 /lib/ld-2.11.so
> 001c5000-00333000 r-xp 00000000 fd:00 56678 /lib/libc-2.11.so
> 00333000-00334000 ---p 0016e000 fd:00 56678 /lib/libc-2.11.so
> 00334000-00336000 r--p 0016e000 fd:00 56678 /lib/libc-2.11.so
> 00336000-00337000 rw-p 00170000 fd:00 56678 /lib/libc-2.11.so
> 00337000-0033a000 rw-p 00000000 00:00 0
> 0055f000-00560000 r-xp 00000000 00:00 0 [vdso]
> 005f6000-005fa000 r-xp 00000000 fd:00 1331 /lib/libattr.so.1.1.0
> 005fa000-005fb000 rw-p 00003000 fd:00 1331 /lib/libattr.so.1.1.0
> 0062d000-00638000 r-xp 00000000 fd:00 10441 /lib/libnss_files-2.11.so
> 00638000-00639000 r--p 0000a000 fd:00 10441 /lib/libnss_files-2.11.so
> 00639000-0063a000 rw-p 0000b000 fd:00 10441 /lib/libnss_files-2.11.so
> 008a3000-008a5000 r-xp 00000000 fd:00 15448 /lib/libpam_misc.so.0.82.0
> 008a5000-008a6000 rw-p 00001000 fd:00 15448 /lib/libpam_misc.so.0.82.0
> 00928000-0092c000 r-xp 00000000 fd:00 1332 /lib/libcap.so.2.16
> 0092c000-0092d000 rw-p 00003000 fd:00 1332 /lib/libcap.so.2.16
> 00992000-00995000 r-xp 00000000 fd:00 56684 /lib/libdl-2.11.so
> 00995000-00996000 r--p 00002000 fd:00 56684 /lib/libdl-2.11.so
> 00996000-00997000 rw-p 00003000 fd:00 56684 /lib/libdl-2.11.so
> 009f3000-00a0f000 r-xp 00000000 fd:00 56687 /lib/libselinux.so.1
> 00a0f000-00a10000 r--p 0001b000 fd:00 56687 /lib/libselinux.so.1
> 00a10000-00a11000 rw-p 0001c000 fd:00 56687 /lib/libselinux.so.1
> 00c8b000-00c97000 r-xp 00000000 fd:00 15447 /lib/libpam.so.0.82.1
> 00c97000-00c98000 rw-p 0000b000 fd:00 15447 /lib/libpam.so.0.82.1
> 00e6f000-00e85000 r-xp 00000000 fd:00 15446 /lib/libaudit.so.1.0.0
> 00e85000-00e86000 r--p 00015000 fd:00 15446 /lib/libaudit.so.1.0.0
> 00e86000-00e87000 rw-p 00016000 fd:00 15446 /lib/libaudit.so.1.0.0
> 00ea9000-00ec6000 r-xp 00000000 fd:00 51325
> /lib/libgcc_s-4.4.2-20091027.so.1
> 00ec6000-00ec7000 rw-p 0001c000 fd:00 51325
> /lib/libgcc_s-4.4.2-20091027.so.1
> 00f05000-00f0c000 r-xp 00000000 fd:00 56680 /lib/librt-2.11.so
> 00f0c000-00f0d000 r--p 00006000 fd:00 56680 /lib/librt-2.11.so
> 00f0d000-00f0e000 rw-p 00007000 fd:00 56680 /lib/librt-2.11.so
> 01724000-017a9000 rw-p 00000000 00:00 0 [heap]
> b7627000-b7827000 r--p 00000000 fd:00 12545
> /usr/lib/locale/locale-archive
> b7827000-b782a000 rw-p 00000000 00:00 0
> b783b000-b7842000 r--s 00000000 fd:00 10739
> /usr/lib/gconv/gconv-modules.cache
> b7842000-b7843000 rw-p 00000000 00:00 0
> bfcce000-bfce3000 rw-p 00000000 00:00 0 [stack]
> [warner@Fedora12-Dev ~]$
>

> --
> fedora-selinux-list mailing list
> fedora-selinux-list@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 12-29-2009, 04:04 PM
Andy Warner
 
Default newrole: double free or corruption

Dominick Grift wrote:

On Mon, Dec 28, 2009 at 06:29:02PM -0500, Andy Warner wrote:


Got the following output from using the newrole command on Fedora 12.
Not sure where to properly report such bugs.

If it helps, the rubix_remote_client_r role transition should fail (as
it does) as there are no role transition rules for it. The role is
associated with the current SELinux user.

I believe my system just updated to the newest newrole package.
[warner@Fedora12-Dev ~]$ yum info policycoreutils
Loaded plugins: presto, refresh-packagekit
Installed Packages
Name : policycoreutils
Arch : i686
Version : 2.0.78
Release : 3.fc12
Size : 3.3 M
Repo : installed
>From repo : updates

Error output from newrole follows:

[warner@Fedora12-Dev ~]$ newrole -r rubix_remote_client_r



Does it behave as expected if you use sudo instead?

sudo -r rubix_remote_client_r -t rubix_remote_client_t -s

Eitherway looks like a bug in newrole


Yes, sudo behaves as expected. The problem does not happen. The sudo
command fails normally being unable to exec bash do to a lack of a
transition rule.





Password:
failed to exec shell
: Permission denied
*** glibc detected *** newrole: double free or corruption (out):
0x01726138 ***
======= Backtrace: =========
/lib/libc.so.6(-0xff836d9f)[0x233261]
/lib/libselinux.so.1(freecon+0x1e)[0x9fd42e]
newrole(main+0x6eb)[0x119d6b]
/lib/libc.so.6(__libc_start_main+0xe6)[0x1dbbb6]
newrole(+0x16f1)[0x1186f1]
======= Memory map: ========
00117000-0011d000 r-xp 00000000 fd:00 126525 /usr/bin/newrole
0011d000-0011e000 r--p 00005000 fd:00 126525 /usr/bin/newrole
0011e000-0011f000 rw-p 00006000 fd:00 126525 /usr/bin/newrole
0011f000-00135000 r-xp 00000000 fd:00 56679 /lib/libpthread-2.11.so
00135000-00136000 r--p 00015000 fd:00 56679 /lib/libpthread-2.11.so
00136000-00137000 rw-p 00016000 fd:00 56679 /lib/libpthread-2.11.so
00137000-00139000 rw-p 00000000 00:00 0
001a5000-001c3000 r-xp 00000000 fd:00 56677 /lib/ld-2.11.so
001c3000-001c4000 r--p 0001d000 fd:00 56677 /lib/ld-2.11.so
001c4000-001c5000 rw-p 0001e000 fd:00 56677 /lib/ld-2.11.so
001c5000-00333000 r-xp 00000000 fd:00 56678 /lib/libc-2.11.so
00333000-00334000 ---p 0016e000 fd:00 56678 /lib/libc-2.11.so
00334000-00336000 r--p 0016e000 fd:00 56678 /lib/libc-2.11.so
00336000-00337000 rw-p 00170000 fd:00 56678 /lib/libc-2.11.so
00337000-0033a000 rw-p 00000000 00:00 0
0055f000-00560000 r-xp 00000000 00:00 0 [vdso]
005f6000-005fa000 r-xp 00000000 fd:00 1331 /lib/libattr.so.1.1.0
005fa000-005fb000 rw-p 00003000 fd:00 1331 /lib/libattr.so.1.1.0
0062d000-00638000 r-xp 00000000 fd:00 10441 /lib/libnss_files-2.11.so
00638000-00639000 r--p 0000a000 fd:00 10441 /lib/libnss_files-2.11.so
00639000-0063a000 rw-p 0000b000 fd:00 10441 /lib/libnss_files-2.11.so
008a3000-008a5000 r-xp 00000000 fd:00 15448 /lib/libpam_misc.so.0.82.0
008a5000-008a6000 rw-p 00001000 fd:00 15448 /lib/libpam_misc.so.0.82.0
00928000-0092c000 r-xp 00000000 fd:00 1332 /lib/libcap.so.2.16
0092c000-0092d000 rw-p 00003000 fd:00 1332 /lib/libcap.so.2.16
00992000-00995000 r-xp 00000000 fd:00 56684 /lib/libdl-2.11.so
00995000-00996000 r--p 00002000 fd:00 56684 /lib/libdl-2.11.so
00996000-00997000 rw-p 00003000 fd:00 56684 /lib/libdl-2.11.so
009f3000-00a0f000 r-xp 00000000 fd:00 56687 /lib/libselinux.so.1
00a0f000-00a10000 r--p 0001b000 fd:00 56687 /lib/libselinux.so.1
00a10000-00a11000 rw-p 0001c000 fd:00 56687 /lib/libselinux.so.1
00c8b000-00c97000 r-xp 00000000 fd:00 15447 /lib/libpam.so.0.82.1
00c97000-00c98000 rw-p 0000b000 fd:00 15447 /lib/libpam.so.0.82.1
00e6f000-00e85000 r-xp 00000000 fd:00 15446 /lib/libaudit.so.1.0.0
00e85000-00e86000 r--p 00015000 fd:00 15446 /lib/libaudit.so.1.0.0
00e86000-00e87000 rw-p 00016000 fd:00 15446 /lib/libaudit.so.1.0.0
00ea9000-00ec6000 r-xp 00000000 fd:00 51325
/lib/libgcc_s-4.4.2-20091027.so.1
00ec6000-00ec7000 rw-p 0001c000 fd:00 51325
/lib/libgcc_s-4.4.2-20091027.so.1
00f05000-00f0c000 r-xp 00000000 fd:00 56680 /lib/librt-2.11.so
00f0c000-00f0d000 r--p 00006000 fd:00 56680 /lib/librt-2.11.so
00f0d000-00f0e000 rw-p 00007000 fd:00 56680 /lib/librt-2.11.so
01724000-017a9000 rw-p 00000000 00:00 0 [heap]
b7627000-b7827000 r--p 00000000 fd:00 12545
/usr/lib/locale/locale-archive
b7827000-b782a000 rw-p 00000000 00:00 0
b783b000-b7842000 r--s 00000000 fd:00 10739
/usr/lib/gconv/gconv-modules.cache
b7842000-b7843000 rw-p 00000000 00:00 0
bfcce000-bfce3000 rw-p 00000000 00:00 0 [stack]
[warner@Fedora12-Dev ~]$






--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list






--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list



--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 11:36 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org