apport fails with PermissionError for dump mode 2 in containers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Apport |
Fix Released
|
Medium
|
Unassigned | ||
apport (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bionic |
New
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Apport will fail for processes with dump mode 2 inside of containers.
[Test plan]
Run following testcase script inside a LXC container:
```
#!/bin/sh
sudo rm -rf /var/crash/* /var/log/apport.log
sudo -u mail sh -c "ping 127.0.0.1 > /dev/null" &
sleep 0.3
killall -11 ping
sleep 0.3
cat /var/log/apport.log
```
apport.log for the affected version:
```
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: called for pid 6449, signal 11, core limit 0, dump mode 2
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: not creating core for pid with dump mode of 2
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: Unhandled exception:
Traceback (most recent call last):
File "/usr/lib/
self[
File "/usr/lib/
return os.readlink(path, dir_fd=dir_fd)
PermissionError: [Errno 13] Permission denied: 'exe'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/share/
info.
File "/usr/lib/
raise ValueError("not accessible")
ValueError: not accessible
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: pid: 6452, uid: 0, gid: 0, euid: 8, egid: 8
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: environment: environ({'LANG': 'C.UTF-8', 'PATH': '/usr/local/
```
The apport log should not show a Traceback.
[Where problems could occur]
The apport binary is called by the kernel when a process crashes. Worst case scenarios include breaking the apport binary and no problem report is generated any more (or apport uses too much resources). Users will see problems reports inside the container which cause additional load or disk usage. The fix is accompanied by a test case (run in autopkgtest).
[Other Info]
The autopkgtest for armhf are run inside a LXC container and some test cases like test_crash_
Due to the huge amount of broken autopkgtest tests, the diff for the SRUs are bigger than desired. The individual commits in https:/
* jammy SRU: https:/
* focal SRU: https:/
Changed in apport: | |
milestone: | none → 2.23.0 |
description: | updated |
Changed in apport (Ubuntu): | |
status: | New → Triaged |
Changed in apport: | |
status: | New → Triaged |
Changed in apport: | |
status: | Fix Committed → Fix Released |
description: | updated |
description: | updated |
Fixed upstream: https:/ /github. com/canonical/ apport/ commit/ ba4d0e4ee52743b 6564f0a13dda448 e370a3d943