.erlang.cookie overwritten if 20 uppercase characters
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| rabbitmq-server (Debian) | Fix Released | Unknown | | |
| rabbitmq-server (Ubuntu) | Won't Fix | Low | Unassigned | |
Bug Description
The postinst script will overwrite the `/var/lib/
```
if grep -q -E '^[A-Z]{20}$' /var/lib/
    OLD_
    umask 077; openssl rand -base64 -out /var/lib/
    umask ${OLD_UMASK}
    if [ "$(ps --no-headers -o comm 1)" = "systemd" ] ; then
        if systemctl is-active --quiet rabbitmq-
        fi
    fi
fi
```
The rabbitmq-server service failed to start on one of our nodes in our cluster after the package was upgraded, as the nodes in our cluster happen to share a .erlang.cookie that matches this condition.
This is a dangerous approach which the package should not enforce. If 20 uppercase characters are seen as insecure, then the package should instead inform the user of it and not simply overwrite the file.
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: rabbitmq-server 3.9.13-
ProcVersionSign
Uname: Linux 5.15.0-89-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckR
Date: Wed Nov 22 10:21:18 2023
PackageArchitec
ProcEnviron:
TERM=xterm-
PATH=(custom, no user)
SHELL=/bin/bash
SourcePackage: rabbitmq-server
UpgradeStatus: Upgraded to jammy on 2022-12-12 (344 days ago)
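The alternative the report asks for, detect and report rather than detect and overwrite, as an added example. This is not code from the Debian or Ubuntu rabbitmq-server package; the function names, exit codes and the opt-in rotation helper are illustrative assumptions, and the pattern check is the same `^[A-Z]{20}$` test the postinst uses.

```sh
#!/bin/sh
# Added example, not the Debian/Ubuntu postinst. It keeps the postinst's weak-cookie
# detection but never modifies the file on its own: on a cluster member the cookie is
# a shared secret, and regenerating it on one node at upgrade time breaks the cluster.
# Function names, exit codes and the rotation helper are illustrative assumptions.

# Return 0 when the file holds exactly 20 uppercase ASCII letters, the pattern the
# postinst treats as a weak auto-generated cookie. LC_ALL=C pins [A-Z] to ASCII so
# locale collation cannot widen or narrow the match.
cookie_is_legacy_format() {
    LC_ALL=C grep -q -E '^[A-Z]{20}$' "$1"
}

# Inspect a cookie file without modifying it.
# Exit status: 0 = not flagged, 1 = legacy-format cookie found, 2 = file missing.
audit_erlang_cookie() {
    cookie_file=$1
    if [ ! -f "$cookie_file" ]; then
        echo "audit: $cookie_file does not exist; the broker creates one on first start" >&2
        return 2
    fi
    if cookie_is_legacy_format "$cookie_file"; then
        echo "WARNING: $cookie_file is 20 uppercase letters (legacy auto-generated format)." >&2
        echo "Rotate it on ALL cluster nodes in the same maintenance window;" >&2
        echo "on a standalone node: rotate_erlang_cookie $cookie_file" >&2
        return 1
    fi
    return 0
}

# Explicit, operator-run rotation (hypothetical helper). The new cookie is written
# with mode 0600 into a temp file in the same directory and renamed over the old one,
# so no reader ever sees an empty or half-written cookie. 30 random bytes -> 40
# base64 characters, written without a trailing newline.
rotate_erlang_cookie() {
    cookie_file=$1
    dir=$(dirname "$cookie_file")
    tmp=$(umask 077 && mktemp "$dir/.erlang.cookie.XXXXXX") || return 1
    head -c 30 /dev/urandom | base64 | tr -d '\n' > "$tmp" || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$cookie_file"
}

# Usage (as the rabbitmq user, so ownership is preserved):
#   audit_erlang_cookie /var/lib/rabbitmq/.erlang.cookie
#   rotate_erlang_cookie /var/lib/rabbitmq/.erlang.cookie   # only after deciding to rotate everywhere
```

Two things a packager would still need on top of this: the rotation helper does not `chown` the file, so it must run as the broker's user (or be followed by a chown), and after rotating on every node each broker has to be restarted, since a running node keeps the cookie it read at boot.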
Changed in rabbitmq-server (Debian): status: Unknown → Fix Released
Hello Markus and thanks for this bug report. If my understanding is correct, the logic currently implemented in the postinst script can cause problems when rabbitmq-server is used in a cluster configuration, with the cookie being a shared secret. If the cookie is replaced by a new random string, the cluster breaks. A "standalone" rabbitmq-server service won't be affected. Is this correct?
The postinst logic comes from the Debian rabbitmq-server package. Ideally this bug should be discussed in Debian with the Debian maintainer of rabbitmq-server, who is the person who wrote [1]. Moreover, fixing the bug in Debian will benefit Debian and all its derivatives (including Ubuntu), without adding extra maintenance work (as an Ubuntu-specific fix would do).
Would you be willing to file the bug against the Debian rabbitmq-server (source) package, and add a comment to this bug linking to the Debian bug? See "report bug" in [2].
Thanks!
[1] https://salsa.debian.org/openstack-team/third-party/rabbitmq-server/-/commit/c3c800b60bb7a878d58ea764d8b238e60184eac1
[2] https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=0;dist=unstable;ordering=normal;repeatmerged=0;src=rabbitmq-server