GDB Example Debugging Session: Segmentation Fault Example

We are going to use gdb to figure out why the following program causes a segmentation fault. The program is meant to read in a line of text from the user and print it. However, we will see that in it's current state it doesn't work as expected...

1 : #include 

2 : #include 



3 : int main(int argc, char **argv)

4 : {

5 :   char *buf;

6 :

7 :   buf = malloc(1<<31);

8 :

9 :   fgets(buf, 1024, stdin);

10:   printf("%s\n", buf);

11:

12:   return 1;

13: }

---

The first step is to compile the program with debugging flags:

prompt> gcc -g segfault.c

Now we run the program:

prompt > a.out

Hello World!

Segmentation fault

prompt >

This is not what we want. Time to fire up gdb:

prompt > gdb a.out

GNU gdb 5.0

Copyright 2000 Free Software Foundation, Inc.

GDB is free software, covered by the GNU General Public License, and you are

welcome to change it and/or distribute copies of it under certain conditions.

Type "show copying" to see the conditions.

There is absolutely no warranty for GDB.  Type "show warranty" for details.

This GDB was configured as "i686-pc-linux-gnu"...

(gdb)

We'll just run it and see what happens:

(gdb) run

Starting program: /home/dgawd/cpsc/363/a.out

test string



Program received signal SIGSEGV, Segmentation fault.

0x4007fc13 in _IO_getline_info () from /lib/libc.so.6

So we received the SIGSEGV signal from the operating system. This means that we tried to access an invalid memory address. Let's take a backtrace:

(gdb) backtrace

#0  0x4007fc13 in _IO_getline_info () from /lib/libc.so.6

#1  0x4007fb6c in _IO_getline () from /lib/libc.so.6

#2  0x4007ef51 in fgets () from /lib/libc.so.6

#3  0x80484b2 in main (argc=1, argv=0xbffffaf4) at segfault.c:10

#4  0x40037f5c in __libc_start_main () from /lib/libc.so.6

We are only interested in our own code here, so we want to switch to stack frame 3 and see where the program crashed:

(gdb) frame 3

#3  0x80484b2 in main (argc=1, argv=0xbffffaf4) at segfault.c:10

10        fgets(buf, 1024, stdin)

We crashed inside the call to fgets. In general, we can assume that library functions such as fgets work properly (if this isn't the case, we are in a lot of trouble). So the problem must be one of our arguments. You may not know that 'stdin' is a global variable that is created by the stdio libraries. So we can assume this one is ok. That leaves us with 'buf':

(gdb) print buf

$1 = 0x0

The value of buf is 0x0, which is the NULL pointer. This is not what we want - buf should point to the memory we allocated on line 8. So we're going to have to find out what happened there. First we want to kill the currently-running invocation of our program:

(gdb) kill

Kill the program being debugged? (y or n) y

Now set a breakpoint on line 8:

(gdb) break segfault.c:8

Breakpoint 1 at 0x8048486: file segfault.c, line 8.

Now run the program again:

(gdb) run

Starting program: /home/dgawd/cpsc/363/a.out



Breakpoint 1, main (argc=1, argv=0xbffffaf4) at segfault.c:8

8         buf = malloc(1<<31);

We're going to check the value of buf before the malloc call. Since buf wasn't initialized, the value should be garbage, and it is:

(gdb) print buf

$2 = 0xbffffaa8 "Èúÿ¿#\177\003@t`\001@\001"

Now step over the malloc call and examine buf again:

(gdb) next

10        fgets(buf, 1024, stdin);

(gdb) print buf

$3 = 0x0

After the call to malloc, buf is NULL. If you were to go check the man page for malloc, you would discover that malloc returns NULL when it cannot allocate the amount of memory requested. So our malloc must have failed. Let's go back and look at it again:

7 :   buf = malloc(1<<31);

Well, the value of the expression 1 <<>

prompt >

Hello World!

Hello World!



prompt >

So now you know how to debug segmentation faults with gdb. This is extremely useful (I use it more often then I care to admit). The example also illustrated another very important point: ALWAYS CHECK THE RETURN VALUE OF MALLOC! Have a nice day.

Linux Authentication with Active Directory 2003 R2

One way of simplifying your authentication environment is to use a single authentication source for all of your nodes - Windows, Linux or Unix. You can authenticate them all against a directroy service such a Active directory or eDirectory. In this article we'll describe how to unify your Linux and Active Directroy environment. with minor changes, this same procedure can be used to authenticate your Linux hosts against eDirectory or any other LDAP compliant Directory Service.

Windows 2003 is nothing but customized version of LDAP and attributes. We can modify and extend schema of windows LDAP to store custome values and attributes. SFU ( Service for Unix) package doing same thing which can extend microsoft ldap schema and make it compatibale to store Linux/Unix POSIX compliant attributes. SFU is freely available for windows 2000/2003 early version but Windows 2003 R2 version as inbuilt Unix managment capability so you do not need to install SFU or extranal software.

Following is my setup to configure Linux to authenticate against active directory.

1. Enable Unix/Linux Identity Managment for Unix in Windows 2003 R2

Start > Settings > Control Panel > Add/Remove Windows Components and select Active Directory Services









2. Once this installed you can see new tab in Active Directory Users and Computers inside User management properties. And select NIS Domain (which is default Domain name) define UID, GID, Home Directory of user which you want at Linux/Unix for users side at logon.












(Notes :- I have created new OU with UNIX name and created three different OU inside UNIX , People, Groups & Computers for easy management. You can use anyname you like)

3. Linux workstation configuration file following.

a. /etc/ldap.conf
b. /etc/nsswitch.conf
c. /etc/krb5.conf
d. /etc/pam.d/system-auth

Following my configuration files.

#cat /etc/ldap.conf










# cat /etc/nsswitch.conf

passwd: file ldap
shadow: file ldap
group: file ldap


# cat /etc/krb5.conf



# cat /etc/pam.d/system-auth
(Notes : Please compile or install latest version of pam_krb5.so. older version has some bug which break your functionality)

I have compiled pam_krb5-2.3.7 which support force password change at next logon.



After done all the above changes you can run getent command to check list of user created in AD.

#getent passwd
#getent group


TEST Configuration:

Create user account with option "User must change password at next logon"



Now try to login at Unix/Linux workstation with user.



Single Sign on (SSO) Configuration with OpenSSH.


Logged into Windows 2003 R2 and run following command to generate keytab file for kerberos services principal.

c:\>ktpass -princ host/linux01.example.com@EXAMPLE.COM -mapuser EXAMPLE\linux01 -crypto rc4-hmac-nt -pass * -ptype KRB5_NT_SRV_HST -out linux01.keytab

(EXAMPLE.COM is a realm of kerberos or Domain name of Windows 2003 it should be Upper letter, and EXAMPLE\linux01 is NetBios name of Domain and workstation of Linux, -pass * command will ask you for workstation password any password which you want to set for workstation)

c:\> setspn linux01

(setspn will Registere ServicePrincipalNames)

Now copy linux01.keytab file securly on linux01 workstation and rename and copy inside /etc/krb5.keytab

Verifiy keytab with following command

#klist -keK /etc/krb5.keytab

TEST SSO Login for SSH.

Loggied into Linux workstation (linux01 in my example)

Get kerberos ticket run following command.

#kinit username

Verifiy kerberos TGT ticket to run following command.

#klist

Run SSH and it will not ask you for password this time because you have kerberos ticket already.

#ssh username@linux01

Best of Luck for your configuration.

Solaris 10 basic commands

useful OS information gathering commands

1. cat /etc/release
2. showrev
3. uname -a

Determine configured memory (includes physical memory)

1. prtconf

Determine installed processor (includes physical/virtual)

1. psrinfo
2. psrinfo -v (list virtual processors and info)
3. psrinfo -pv (list physical and accosiated virtual processors)

Determine processor platform arch and bits

1. isainfo
2. isainfo -bv (more info about processor flags)
3. isalist (list feature of processors)

Determine and change system timestamp

1. date (to reveal current timestamp)
2. date '+DateTime: %m.%d.%y @ %H.%M.%S'
3. date mmddHHMMccYY
i.e : date 050817252009 ( change system time to May 8 17:25:00 EDT 2009)

Determine current running process on system

1. ps, ps -ef
2. pgrep (search process list for matching program i.e pgrep sshd)
3. pkill (searching matching program and kill them unless a different signal is sent : i.e 'HUP')
4. pwdx (list the working directory of specified process)

Nagios 3.0 Enterprise Monitoring.

Nagios is the industry standard in enterprise-class monitoring for good reason. It allows you to gain insight into your network and fix problems before customers know they even exist. It's stable, scalable, supported, and extensible. Most importantly, it works.

I have installed nagios 3.0 and i was monitoring following services.

1.) Sendmail & mail queue
2.) Apache web servers
3.) Bind DNS servers
4.) Netbackup master and media servers
5.) VMware ESX
6.) Dell poweredge server hardware monitoring. (OpenManger plugin)
7.) APC PDU (power unit)
8.) Routers & switches
10.) CPU, Memory & Disk utilization.
11.) NTP servers

This is my first nagios 3.0 implementation nagios status map picture.










Second picture of 3D map of infrastructure.

DimDim Open Source Video Conf. and Presentation

Meet the world's easiest web conference. Dimdim lets anyone deliver synchronized live presentations, whiteboards and web pages and share their voice and video over the Internet - with no download required.

Dimdim is a very simple to use browser-based web conferencing service. You can show presentations, collaborate via whiteboards, chat, talk and broadcast via webcam with absolutely no download required to host, attend or even record meetings*.

Let Try http://www.dimdim.com