Bug 30243 - su on UCC client ends up in segmentation fault
su on UCC client ends up in segmentation fault
Product: Univention Corporate Client (UCC)
Classification: Unclassified
Component: General
Other Linux
: P5 normal
: UCC 2.0
Assigned To: Felix Botner
Moritz Muehlenhoff
: interim-2
Depends on:
  Show dependency treegraph
Reported: 2013-01-31 16:28 CET by Florian Best
Modified: 2014-06-12 09:20 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2013-01-31 16:28:47 CET
When trying to e.g. 'su Administrator' (or any other Domain User) on a UCC-Client which is joined i get an Segmentation fault.
Comment 1 Alexander Kläser univentionstaff 2013-02-01 10:19:26 CET
Is the UCR variable auth/login/group/... set?
Comment 2 Moritz Muehlenhoff univentionstaff 2013-02-01 14:47:55 CET
Switching to root with su works. We'll fix that for the next release.
Comment 3 Felix Botner univentionstaff 2014-04-22 12:42:13 CEST
works for me

-> univention-run-join-scripts 
univention-run-join-scripts: runs all join scripts existing on local computer.
copyright (c) 2001-2014 Univention GmbH, Germany
Enter DC Master Account : Administrator
Enter DC Master Password: 
Search LDAP binddn                                done
Running 20univention-directory-policy.inst        skipped (already executed)
Running 45univention-join.inst                    skipped (already executed)
Running 51univention-ucc-initramfs.inst           skipped (already executed)

-> su Administrator
Erstelle Verzeichnis '/home/Administrator'.
Administrator@ucc1:/root$ exit
Comment 4 Moritz Muehlenhoff univentionstaff 2014-04-22 14:55:15 CEST
As discussed, this occurs when running su as non-root.
Comment 6 Felix Botner univentionstaff 2014-04-23 09:45:18 CEST
Our pam config is fine.
Seems that a bug in libgcrypt11 (which is used by gnutls26 -> libpam-ldap -> /etc/pam.d/common-account) is the reason for this problem. "su" works fine if gnutls26 is rebuilt with nettle (not libgcrypt11) but this is not an option as we don't want to rebuild this base library. The best we wait for a fix in ubuntu.


test1@ucc-> su test2

test1@ucc-> su root
root@ucc-> su test2
Comment 7 Moritz Muehlenhoff univentionstaff 2014-04-23 12:56:28 CEST
Agreed, we shouldn't deviate from Kubuntu in a core library like GnuTLS. Also, this only affects a corner case regular users won't be seeing.
Comment 8 Moritz Muehlenhoff univentionstaff 2014-06-12 09:20:08 CEST
UCC 2.0 has been released:

If this error occurs again, please use "Clone This Bug".