autopkgtests fail after security fixes

Bug #1854237 reported by Michael Hudson-Doyle
Affects | Status | Importance | Assigned to | Milestone
Apport | Fix Released | Undecided | Unassigned |
apport (Ubuntu) | Fix Released | High | Unassigned |
Xenial | Fix Released | High | Unassigned |
Bionic | Fix Released | High | Unassigned |
Disco | Won't Fix | High | Unassigned |
Eoan | Fix Released | High | Unassigned |

Bug Description

The following autopkgtests fail after the recent security fixes:

log:FAIL: test_get_logind_session (__main__.T)
log:FAIL: test_core_dump_packaged (__main__.T)
log:FAIL: test_core_dump_unpackaged (__main__.T)
log:FAIL: test_crash_setuid_drop (__main__.T)
log:FAIL: test_crash_setuid_keep (__main__.T)
log:FAIL: test_crash_setuid_nonwritable_cwd (__main__.T)
log:FAIL: test_lock_symlink (__main__.T)

test_get_logind_session is a test failing to keep up with an API change. test_core_dump_* are failures to remove partly written core files. Both of these are easy fixes; I'll have an MP for them soon.

test_crash_setuid_* are caused by the dropping of privileges when accessing the crashing process's /proc. They seem to be testing behaviour now explicitly forbidden by the fix to be honest!

test_lock_symlink fails because the lock file is now always in /var/lock/apport/ and not in $APPORT_REPORT_DIR. I guess we could update the test, but is it really worth it after the fix?

Tiago Stürmer Daitx (tdaitx) wrote :

test_crash_setuid_* should only test for that else clause now.

Balint Reczey (rbalint)
tags: added: update-excuse update-excuse-eoan
Brian Murray (brian-murray) wrote :

What crashes are we missing out on now due to the security fix which is causing the "test_crash_setuid_*" tests to fail?

If directory permissions are properly set up for /var/lock/apport I'm fine with dropping the test_lock_symlink test.
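
The directory-permission condition discussed above, as an added example (not apport's own code): a lock is only opened inside a directory that the expected owner alone can write to, and a symlink at the lock path is never followed. The function names and the temp-dir scenario are assumptions made for illustration, with the current uid standing in for root.

```python
import os
import stat
import tempfile

def lock_dir_is_safe(path, owner_uid=0):
    """True if path is a real directory owned by owner_uid with no group/other write bit."""
    st = os.lstat(path)  # lstat: a symlink standing in for the directory is rejected
    return (stat.S_ISDIR(st.st_mode)
            and st.st_uid == owner_uid
            and not st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))

def open_lock(lock_dir, name="lock", owner_uid=0):
    """Open or create the lock file, refusing unsafe directories and symlinked locks."""
    if not lock_dir_is_safe(lock_dir, owner_uid):
        raise PermissionError("unsafe lock directory: " + lock_dir)
    flags = os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW | os.O_CLOEXEC
    return os.open(os.path.join(lock_dir, name), flags, 0o600)

def demo():
    """Constructed scenario in temp dirs; the current uid stands in for root."""
    uid = os.geteuid()
    out = {}
    with tempfile.TemporaryDirectory() as base:
        shared = os.path.join(base, "shared")    # like a world-writable report dir
        private = os.path.join(base, "private")  # like /var/lock/apport
        os.mkdir(shared)
        os.chmod(shared, 0o1777)
        os.mkdir(private)
        os.chmod(private, 0o755)
        out["shared_safe"] = lock_dir_is_safe(shared, uid)
        out["private_safe"] = lock_dir_is_safe(private, uid)
        try:
            open_lock(shared, owner_uid=uid)
            out["shared_refused"] = False
        except PermissionError:
            out["shared_refused"] = True
        fd = open_lock(private, owner_uid=uid)
        os.close(fd)
        out["lock_created"] = os.path.isfile(os.path.join(private, "lock"))
        # A symlink already sitting at the lock path is not followed.
        os.symlink(os.path.join(base, "elsewhere"), os.path.join(private, "lock2"))
        try:
            os.close(open_lock(private, "lock2", uid))
            out["symlink_followed"] = True
        except OSError:
            out["symlink_followed"] = False
    return out
```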

Michael Hudson-Doyle (mwhudson) wrote :

Made a new merge proposal with a better target that should fix all the failures: https://code.launchpad.net/~mwhudson/ubuntu/focal/apport/lp-1854237/+merge/376374

Changed in apport (Ubuntu):
status: New → In Progress
Mathew Hodson (mhodson)
Changed in apport (Ubuntu):
importance: Undecided → High
Changed in apport (Ubuntu Xenial):
importance: Undecided → High
Changed in apport (Ubuntu Bionic):
importance: Undecided → High
Changed in apport (Ubuntu Disco):
importance: Undecided → High
Changed in apport (Ubuntu Eoan):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.11-0ubuntu13

---------------
apport (2.20.11-0ubuntu13) focal; urgency=medium

  [ Brian Murray ]
  * Create additional symlinks to the source_linux.py apport package hook for
    many OEM kernels. Thanks to You-Sheng Yang for the patch. (LP: #1847967)

  [ Michael Hudson-Doyle ]
  * Fix autopkgtest failures since recent security update: (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

 -- Michael Hudson-Doyle <email address hidden> Fri, 06 Dec 2019 08:57:09 +1300

Changed in apport (Ubuntu):
status: In Progress → Fix Released
tags: added: id-5dbd08153201707b96d7796f
Łukasz Zemczak (sil2100) wrote :

Looking good, I'll accept this into eoan-proposed - but please, before we actually release it to eoan-updates, can you add a Regression Potential section to this bug at least? The test fixes touch more than just test-code, so this change can (in the unlikely case) introduce some unrelated regressions.

Thanks!

Changed in apport (Ubuntu Eoan):
status: New → Fix Committed
tags: added: verification-needed verification-needed-eoan
Łukasz Zemczak (sil2100) wrote : Please test proposed package

Hello Michael, or anyone else affected,

Accepted apport into eoan-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu8.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-eoan to verification-done-eoan. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-eoan. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Brian Murray (brian-murray) wrote :

The amd64 autopkgtests are now passing so I'm setting this to verification-done.

http://autopkgtest.ubuntu.com/packages/a/apport/eoan/amd64

tags: added: verification-done verification-done-eoan
removed: verification-needed verification-needed-eoan
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for apport has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.11-0ubuntu8.5

---------------
apport (2.20.11-0ubuntu8.5) eoan; urgency=medium

  * data/whoopsie-upload-all: append to the crash report using fdopen and open
    from os to cope with protected_regular being set to 1. (LP: #1848064)

  [ Michael Hudson-Doyle ]
  * Fix autopkgtest failures since recent security update: (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

 -- Brian Murray <email address hidden> Mon, 24 Feb 2020 09:38:55 -0800

Changed in apport (Ubuntu Eoan):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.9-0ubuntu7.12

---------------
apport (2.20.9-0ubuntu7.12) bionic-security; urgency=medium

  [ Michael Hudson-Doyle ]
  * SECURITY REGRESSION: fix autopkgtest failures since recent security
    update (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

  [ Tiago Stürmer Daitx ]
  * SECURITY REGRESSION: 'module' object has no attribute 'O_PATH'
    (LP: #1851806)
    - apport/report.py, apport/ui.py: use file descriptors for /proc/pid
      directory access only when running under python 3; prevent reading /proc
      maps under python 2 as it does not provide a secure way to do so; use
      io.open for better compatibility between python 2 and 3.
  * data/apport: fix number of arguments passed through socks into a container.
  * test/test_apport_valgrind.py: skip test_sandbox_cache_options if system
    has little memory.
  * test/test_report.py: test login session with both pid and proc_pid_fd.

 -- Tiago Stürmer Daitx <email address hidden> Thu, 27 Feb 2020 03:18:45 +0000
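
The changelog above mentions using file descriptors for /proc/pid directory access and raising ValueError for a dead process. As an added example (not apport's code), the sketch below pins /proc/<pid> with one directory descriptor and resolves every later read relative to it, so a recycled PID cannot redirect reads to a different process. The function names and the short-lived child process are assumptions made for illustration; it needs Python 3 on Linux with /proc mounted.

```python
import errno
import os
import subprocess
import sys

def open_proc_dir(pid):
    """Pin /proc/<pid> with a directory fd; later lookups go through this fd."""
    return os.open("/proc/%d" % pid, os.O_PATH | os.O_DIRECTORY | os.O_CLOEXEC)

def read_proc_file(proc_fd, name):
    """Read /proc/<pid>/<name> relative to proc_fd; ValueError if the process is gone."""
    try:
        fd = os.open(name, os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC, dir_fd=proc_fd)
        with os.fdopen(fd) as f:
            return f.read()
    except OSError as e:
        if e.errno in (errno.ENOENT, errno.ESRCH):
            raise ValueError("process is no longer running") from e
        raise

def demo():
    """Constructed scenario: inspect a short-lived child before and after it exits."""
    child = subprocess.Popen([sys.executable, "-c", "import time; time.sleep(30)"])
    proc_fd = open_proc_dir(child.pid)
    try:
        # The first field of /proc/<pid>/stat is the pid itself.
        alive_pid = int(read_proc_file(proc_fd, "stat").split()[0])
        child.kill()
        child.wait()
        try:
            read_proc_file(proc_fd, "stat")
            dead_raises = False
        except ValueError:
            dead_raises = True
    finally:
        os.close(proc_fd)
        if child.poll() is None:
            child.kill()
            child.wait()
    return alive_pid == child.pid, dead_raises

if __name__ == "__main__":
    print(demo())
```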

Changed in apport (Ubuntu Bionic):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.1-0ubuntu2.22

---------------
apport (2.20.1-0ubuntu2.22) xenial-security; urgency=medium

  [ Michael Hudson-Doyle ]
  * SECURITY REGRESSION: fix autopkgtest failures since recent security
    update (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

  [ Tiago Stürmer Daitx ]
  * SECURITY REGRESSION: 'module' object has no attribute 'O_PATH'
    (LP: #1851806)
    - apport/report.py, apport/ui.py: use file descriptors for /proc/pid
      directory access only when running under python 3; prevent reading /proc
      maps under python 2 as it does not provide a secure way to do so; use
      io.open for better compatibility between python 2 and 3.
  * data/apport: fix number of arguments passed through socks into a container.
  * test/test_report.py: test login session with both pid and proc_pid_fd.
  * test/test_apport_valgrind.py: skip test_sandbox_cache_options if system
    has little memory.
  * test/test_ui.py: modify run_crash_kernel test to account for the fact that
    linux-image-$kvers-$flavor is now built from the linux-signed source
    package on amd64 and ppc64el. (LP: #1766740)

 -- Tiago Stürmer Daitx <email address hidden> Thu, 27 Feb 2020 03:18:45 +0000

Changed in apport (Ubuntu Xenial):
status: New → Fix Released
Mathew Hodson (mhodson)
Changed in apport (Ubuntu Disco):
status: New → Won't Fix
Changed in apport:
status: New → Fix Released