autopkgtests fail after security fixes

Bug #1854237 reported by Michael Hudson-Doyle on 2019-11-28
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Apport
Undecided
Unassigned
apport (Ubuntu)
High
Unassigned
Xenial
High
Unassigned
Bionic
High
Unassigned
Disco
High
Unassigned
Eoan
High
Unassigned

Bug Description

The following autopkgtests fail after the recent security fixes:

log:FAIL: test_get_logind_session (__main__.T)
log:FAIL: test_core_dump_packaged (__main__.T)
log:FAIL: test_core_dump_unpackaged (__main__.T)
log:FAIL: test_crash_setuid_drop (__main__.T)
log:FAIL: test_crash_setuid_keep (__main__.T)
log:FAIL: test_crash_setuid_nonwritable_cwd (__main__.T)
log:FAIL: test_lock_symlink (__main__.T)

test_get_logind_session is a test failing to keep up with an API change. test_core_dump_* is failures to remove partly written core files. Both of these are easy fixes, I'll have a MP for them soon.

test_crash_setuid_* are caused by the dropping of privileges when accessing the crashing process's /proc. They seem to be testing behaviour now explicitly forbidden by the fix to be honest!

test_lock_symlink fails because the lock file is now always in /var/lock/apport/ and not in $APPORT_REPORT_DIR. I guess we could update the test, but is it really worth it after the fix?

Related branches

Tiago Stürmer Daitx (tdaitx) wrote :

test_crash_setuid_* should only test for that else clause now.

Balint Reczey (rbalint) on 2019-11-29
tags: added: update-excuse update-excuse-eoan
Brian Murray (brian-murray) wrote :

What crashes are we missing out on now due to the security fix which is causing the "test_crash_setuid_*" tests to fail?

If directory permissions are properly setup for /var/lock/apport I'm fine with dropping the test_lock_symlink test.

Michael Hudson-Doyle (mwhudson) wrote :

Made a new merge proposal with a better target that should fix all the failures: https://code.launchpad.net/~mwhudson/ubuntu/focal/apport/lp-1854237/+merge/376374

Changed in apport (Ubuntu):
status: New → In Progress
Changed in apport (Ubuntu):
importance: Undecided → High
Changed in apport (Ubuntu Xenial):
importance: Undecided → High
Changed in apport (Ubuntu Bionic):
importance: Undecided → High
Changed in apport (Ubuntu Disco):
importance: Undecided → High
Changed in apport (Ubuntu Eoan):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.11-0ubuntu13

---------------
apport (2.20.11-0ubuntu13) focal; urgency=medium

  [ Brian Murray ]
  * Create additional symlinks to the source_linux.py apport package hook for
    many OEM kernels. Thanks to You-Sheng Yang for the patch. (LP: #1847967)

  [ Michael Hudson-Doyle ]
  * Fix autopkgtest failures since recent security update: (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

 -- Michael Hudson-Doyle <email address hidden> Fri, 06 Dec 2019 08:57:09 +1300

Changed in apport (Ubuntu):
status: In Progress → Fix Released
tags: added: id-5dbd08153201707b96d7796f
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers