autopkgtests fail after security fixes

Bug #1854237 reported by Michael Hudson-Doyle on 2019-11-28
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)

Bug Description

The following autopkgtests fail after the recent security fixes:

log:FAIL: test_get_logind_session (__main__.T)
log:FAIL: test_core_dump_packaged (__main__.T)
log:FAIL: test_core_dump_unpackaged (__main__.T)
log:FAIL: test_crash_setuid_drop (__main__.T)
log:FAIL: test_crash_setuid_keep (__main__.T)
log:FAIL: test_crash_setuid_nonwritable_cwd (__main__.T)
log:FAIL: test_lock_symlink (__main__.T)

test_get_logind_session is a test failing to keep up with an API change. test_core_dump_* is failures to remove partly written core files. Both of these are easy fixes, I'll have a MP for them soon.

test_crash_setuid_* are caused by the dropping of privileges when accessing the crashing process's /proc. They seem to be testing behaviour now explicitly forbidden by the fix to be honest!

test_lock_symlink fails because the lock file is now always in /var/lock/apport/ and not in $APPORT_REPORT_DIR. I guess we could update the test, but is it really worth it after the fix?

Related branches

Tiago Stürmer Daitx (tdaitx) wrote :

test_crash_setuid_* should only test for that else clause now.

Balint Reczey (rbalint) on 2019-11-29
tags: added: update-excuse update-excuse-eoan
Brian Murray (brian-murray) wrote :

What crashes are we missing out on now due to the security fix which is causing the "test_crash_setuid_*" tests to fail?

If directory permissions are properly setup for /var/lock/apport I'm fine with dropping the test_lock_symlink test.

Michael Hudson-Doyle (mwhudson) wrote :

Made a new merge proposal with a better target that should fix all the failures:

Changed in apport (Ubuntu):
status: New → In Progress
Changed in apport (Ubuntu):
importance: Undecided → High
Changed in apport (Ubuntu Xenial):
importance: Undecided → High
Changed in apport (Ubuntu Bionic):
importance: Undecided → High
Changed in apport (Ubuntu Disco):
importance: Undecided → High
Changed in apport (Ubuntu Eoan):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.11-0ubuntu13

apport (2.20.11-0ubuntu13) focal; urgency=medium

  [ Brian Murray ]
  * Create additional symlinks to the apport package hook for
    many OEM kernels. Thanks to You-Sheng Yang for the patch. (LP: #1847967)

  [ Michael Hudson-Doyle ]
  * Fix autopkgtest failures since recent security update: (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

 -- Michael Hudson-Doyle <email address hidden> Fri, 06 Dec 2019 08:57:09 +1300

Changed in apport (Ubuntu):
status: In Progress → Fix Released
tags: added: id-5dbd08153201707b96d7796f
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers