libnss-mysql and segmentation faults

Submitted by cjdmax on Mon, 12/10/2012 - 23:49

If you're using the excellent libnss-mysql (also known as libnss-mysql-bg on Ubuntu) please, please, PLEASE read the documentation provided at their documentation pages.

You'll also note the WHERE clause contains a '%1$s'. This '%1$s' is where the system will insert the username being searched for. For getpwuid, this is a '%1$u' because we're searching based on a number (%1$u) rather than a username/string (%s). It's important to keep these correct, else things will start crashing.

If you were, for instance, to write your own SQL queries for the getpwuid portion of the config, you may make a terrible mistake. I did. You will hate yourself if you don't catch it. Everything will segfault. If you were morally so inclined this could be a 'landmine' you could leave for the next sysadmin. It is truly hell. Your initramfs generation will segfault, your ls -al will segfault... Everthing turns to shit.

About me

I am a helpdesk zen master, muckin' around with a lot of miscellanous tech since 1998. I work at a web hosting company, mostly doing linux system admin and help desk work.

Check out my 'interactive business card and CV'-site at macgillavry.name. I also do LinkedIn. This is a quasi-personal website, with general inanity and rants. My quasi-professional website can be found at tremata.nl.

pinboard

JS Bin - Collaborative JavaScript Debugging RT @simevidas: CSS image-rendering: pixelated added to Chrome Canary Demo Context
image-rendering: pixelated - Chromium Dashboard RT @simevidas: CSS image-rendering: pixelated added to Chrome Canary Demo Context
Qualys SSL Labs - Projects / SSL Server Test #ssl #poodle attack nu testbaar met dev versie van (meesterlijke) qualys ssl tester:
SSL broken, again, in POODLE attack | Ars Technica RT @arstechnica: SSL broken, again, in POODLE attack by @drpizza
Drupal 7.31 pre Auth SQL Injection Vulnerability | SektionEins GmbH RT @i0n1c: Drupal7 Pre Auth SQL Injection - #Drupageddon - one HTTP request owns any Drupal installation
Subscribe to