segfault in pgagroal-admin -g master-key

[will]

Describe the bug

I am trying to add users since that is required for transaction mode now, and it's my understanding that I have to use pgagroal-admin to manage the list of users allowed.

However trying to generate the master key so that I can add users, I only get segfaults

To Reproduce

[centos@rcol4mwpcvajxh7bbwe74chazm ~]$ sudo -u pgagroal pgagroal-admin -g master-key
Segmentation fault

[centos@rcol4mwpcvajxh7bbwe74chazm ~]$ sudo -u pgagroal pgagroal-admin -g -f /etc/pgagroal/pgagroal_users.conf master-key
Segmentation fault
[centos@rcol4mwpcvajxh7bbwe74chazm ~]$ ls -la /etc/pgagroal/pgagroal_users.conf
-rwxrwxrwx. 1 pgagroal root 0 Mar 15 21:16 /etc/pgagroal/pgagroal_users.conf
# I've tried different owners and different permissions, it doesn't seem to matter

[centos@rcol4mwpcvajxh7bbwe74chazm ~]$ sudo rm /etc/pgagroal/pgagroal_users.conf
[centos@rcol4mwpcvajxh7bbwe74chazm ~]$ sudo -u pgagroal pgagroal-admin -g -f /etc/pgagroal/pgagroal_users.conf master-key
Segmentation fault

Version

1.2.0

PostgreSQL

13.2

libev

4.24-6.el8

OpenSSL

1.1.1g

Access method

n/a

OS

CentOS Linux release 8.3.2011

ulimit

core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 30415
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 30415
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Configuration

Can you provide the configuration pgagroal ?

• pgagroal.conf

[pgagroal]
host = 0.0.0.0
port = 5431

log_type = syslog
log_level = debug5

pipeline = transaction
allow_unknown_users = false
idle_timeout = 0
blocking_timeout = 0

max_connections = 100
validation = off
unix_socket_dir = /tmp/

tls = on
tls_cert_file = /dat/13/data/server.crt
tls_key_file  = /dat/13/data/server.key

[primary]
host = localhost
port = 5432

• pgagroal_hba.conf

hostssl all      all   all      all

• pgagroal_databases.conf
  none
• pgagroal_users.conf
  both empty file, and not present

Debug logs

sudo coredumpctl gdb 540652
           PID: 540652 (pgagroal-admin)
           UID: 990 (pgagroal)
           GID: 987 (pgagroal)
        Signal: 11 (SEGV)
     Timestamp: Mon 2021-03-15 22:06:29 UTC (1min 28s ago)
  Command Line: pgagroal-admin -g -f /etc/pgagroal/pgagroal_users.conf master-key
    Executable: /usr/bin/pgagroal-admin
 Control Group: /user.slice/user-1000.slice/session-351.scope
          Unit: session-351.scope
         Slice: user-1000.slice
       Session: 351
     Owner UID: 1000 (centos)
       Storage: /var/lib/systemd/coredump/core.pgagroal-admin.990.72d624ef3e1845de9ef0e8e920094516.540652.1615845989000000.lz4
       Message: Process 540652 (pgagroal-admin) of user 990 dumped core.

                Stack trace of thread 540652:
                #0  0x00007f637003989c _IO_fputs (libc.so.6)
                #1  0x0000560cf533f9bf master_key (pgagroal-admin)
                #2  0x0000560cf533f360 main (pgagroal-admin)
                #3  0x00007f636ffeb7b3 __libc_start_main (libc.so.6)
                #4  0x0000560cf533f50e _start (pgagroal-admin)

(gdb) list
94	   printf("\n");
95	   printf("Commands:\n");
96	   printf("  master-key              Create or update the master key\n");
97	   printf("  add-user                Add a user\n");
98	   printf("  update-user             Update a user\n");
99	   printf("  remove-user             Remove a user\n");
100	   printf("  list-users              List all users\n");
101	   printf("\n");
102	   printf("pgagroal: %s\n", PGAGROAL_HOMEPAGE);
103	   printf("Report bugs: %s\n", PGAGROAL_ISSUES);
(gdb) bt
#0  0x00007f637003989c in fputs () from /usr/lib64/libc.so.6
#1  0x0000560cf533f9bf in master_key (password=<optimized out>, generate_pwd=<optimized out>, pwd_length=64) at /usr/src/debug/pgagroal-1.2.0-1Crunchy.el8.x86_64/src/admin.c:365
#2  0x0000560cf533f360 in main (argc=<optimized out>, argv=0x7ffea5d1ae68) at /usr/src/debug/pgagroal-1.2.0-1Crunchy.el8.x86_64/src/admin.c:198
(gdb) f 1
#1  0x0000560cf533f9bf in master_key (password=<optimized out>, generate_pwd=<optimized out>, pwd_length=64) at /usr/src/debug/pgagroal-1.2.0-1Crunchy.el8.x86_64/src/admin.c:365
365	   fputs(encoded, file);
(gdb) list
360	         goto error;
361	      }
362	   }
363
364	   pgagroal_base64_encode(password, strlen(password), &encoded);
365	   fputs(encoded, file);
366	   free(encoded);
367
368	   if (do_free)
369	   {
(gdb) p encoded
$1 = 0x560cf6685190 "eW(redacted)g=="
(gdb) p file
$2 = (FILE *) 0x0

(gdb) f 2
#2  0x0000560cf533f360 in main (argc=<optimized out>, argv=0x7ffea5d1ae68) at /usr/src/debug/pgagroal-1.2.0-1Crunchy.el8.x86_64/src/admin.c:198
198	         if (master_key(password, generate_pwd, pwd_length))
(gdb) list
193	         action = ACTION_LIST_USERS;
194	      }
195
196	      if (action == ACTION_MASTER_KEY)
197	      {
198	         if (master_key(password, generate_pwd, pwd_length))
199	         {
200	            printf("Error for master key\n");
201	            exit_code = 1;
202	         }
(gdb) p password
$3 = 0x0
(gdb) p generate_pwd
$4 = true
(gdb) p pwd_length
$5 = 64
(gdb)

[jesperpedersen]

Does the user have a home directory ? I fixed the check for that at least...

[will]

No, I created the user with useradd --system since that seemed like the thing to do. But adding the home dir appeared to fix it so I'll remove the --system

[centos ~]$ sudo -u pgagroal pgagroal-admin -g -f /etc/pgagroal/pgagroal_users.conf master-key
Segmentation fault
[centos ~]$ sudo mkhomedir_helper pgagroal
[centos ~]$ sudo -u pgagroal pgagroal-admin -g -f /etc/pgagroal/pgagroal_users.conf master-key

Thanks!

[jesperpedersen]

Ok, thanks !

-f is used with add-user - not with master-key. Thinking about that one...

[will]

It will also segfault with add-user if the -f is not there

[jesperpedersen]

Can you open a new one with that ? I get

./pgagroal-admin -g add-user
Missing file argument

[will]

Sorry, not just when the whole argument is missing, but when the file you give it isnt actually there. #145