systemd 229 / dbus 1.10.6-1ubuntu3.5 (16.04) and systemd 237 / dbus 1.12.2-1ubuntu1.1 (18.04) error with "Failed to get properties: Access denied" when ran as non-root user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dbus (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I've seen this bug reported but almost always it is when being ran as root. This however is only an issue when ran as a non-root user.
The root user is fine. I've come across this several times and although it's not a major issue, the only solution I've found is to reboot the system.
I see this when running strace, tracing the network.
We recently installed docker-ce and updated our version of salt from 2016.8.3 using python 2 to 2019.2.4 using python 3.
### 16.04 - systemd 229 on d1lmonitoringdev1 ###
## non-root user ##
$ strace -f -s 16384 -e trace=network systemctl status ntp
socket(PF_LOCAL, SOCK_STREAM|
getsockopt(3, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
setsockopt(3, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
getsockopt(3, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
setsockopt(3, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
connect(3, {sa_family=
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
getsockopt(3, SOL_SOCKET, SO_ACCEPTCONN, [0], [4]) = 0
getsockname(3, {sa_family=
sendmsg(3, {msg_name(0)=NULL, msg_iov(
recvmsg(3, {msg_name(0)=NULL, msg_iov(
strace: Process 29413 attached
[pid 29413] --- SIGCONT {si_signo=SIGCONT, si_code=SI_USER, si_pid=29412, si_uid=10161} ---
Failed to get properties: Access denied
[pid 29413] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=29413, si_uid=10161, si_status=0, si_utime=0, si_stime=0} ---
+++ exited with 1 +++
## root user ##
# Truncated because as root it works.
$ sudo strace -f -s 16384 -e trace=network systemctl status ntp
[sudo] password for zbukhari:
socket(PF_LOCAL, SOCK_STREAM|
getsockopt(3, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = 0
getsockopt(3, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = 0
connect(3, {sa_family=
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
getsockopt(3, SOL_SOCKET, SO_ACCEPTCONN, [0], [4]) = 0
getsockname(3, {sa_family=
sendmsg(3, {msg_name(0)=NULL, msg_iov(
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
recvmsg(3, {msg_name(0)=NULL, msg_iov(1)=[{"OK 3139491ef18e4f4
sendmsg(3, {msg_name(0)=NULL, msg_iov(
0GetAll\
recvmsg(3, {msg_name(0)=NULL, msg_iov(
### 18.04 - systemd 237 on d1lzbbyodev1 ###
## non-root user ##
$ strace -f -s 16384 -e trace=%network systemctl status ntp
socket(AF_UNIX, SOCK_STREAM|
getsockopt(3, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
setsockopt(3, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
getsockopt(3, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
setsockopt(3, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
connect(3, {sa_family=AF_UNIX, sun_path=
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
getsockopt(3, SOL_SOCKET, SO_PEERSEC, 0x56338b39b450, [64]) = -1 ENOPROTOOPT (Protocol not available)
getsockopt(3, SOL_SOCKET, SO_PEERGROUPS, "", [256->0]) = 0
getsockopt(3, SOL_SOCKET, SO_ACCEPTCONN, [0], [4]) = 0
getsockname(3, {sa_family=
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=
strace: Process 22703 attached
[pid 22702] recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=
[pid 22703] --- SIGCONT {si_signo=SIGCONT, si_code=SI_USER, si_pid=22702, si_uid=10161} ---
Failed to get properties: Access denied
[pid 22703] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=22703, si_uid=10161, si_status=0, si_utime=0, si_stime=0} ---
+++ exited with 1 +++
## root user ##
# truncated because as root it works.
$ sudo strace -f -s 16384 -e trace=%network systemctl status ntp
socket(AF_UNIX, SOCK_STREAM|
getsockopt(3, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = 0
getsockopt(3, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
setsockopt(3, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = 0
connect(3, {sa_family=AF_UNIX, sun_path=
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
getsockopt(3, SOL_SOCKET, SO_PEERSEC, 0x557f1d186450, [64]) = -1 ENOPROTOOPT (Protocol not available)
getsockopt(3, SOL_SOCKET, SO_PEERGROUPS, "", [256->0]) = 0
getsockopt(3, SOL_SOCKET, SO_ACCEPTCONN, [0], [4]) = 0
getsockname(3, {sa_family=
sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=
getsockopt(3, SOL_SOCKET, SO_PEERCRED, {pid=1, uid=0, gid=0}, [12]) = 0
strace: Process 22999 attached
[pid 22998] recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=
[pid 22998] sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=
[pid 22998] recvmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=
description: | updated |
I tried to use "kill -TERM 1" but that didn't work. Along with daemon-reload and daemon-reexec, that still hasn't worked. A key difference here compared to other similar complaints is that this is with non-root users, as the root user it's fine. As such it's not critical, however as there are some services / units that can be used by users, it may be an issue for others as sometimes a reboot can't be done.