on UC24, systemd warns about notification messages directed to snaps
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Fix Committed
|
High
|
Unassigned |
Bug Description
On UC24 (noble based) I see warnings like this on boot:
Apr 05 14:36:55 qemuname systemd[1]: snapd.service: Got notification message from PID 1002, but reception only permitted for main PID 917
Apr 05 14:36:56 qemuname systemd[1]: snapd.service: Got notification message from PID 1039, but reception only permitted for main PID 917
Apr 05 14:36:56 qemuname systemd[1]: snapd.service: Got notification message from PID 1040, but reception only permitted for main PID 917
where PID XXXX is the snapd pid. This seems to happen because some process is sending requests to the systemd-notify socket while not being the main snapd PID. This can be reproduced in scenarios where snapd is reexeced, but not for instance if we stop snapd and socket and launch snapd from the command line. If we just stop snapd and launch snapd from the command line the messages appear though.
On installation, quite a few of these happen, but they are seen also in run mode.
Adding "NotifyAccess=all" in snapd.service fixes the issue, but it is not clear if that is the right approach as we might be sending wrong notifications (like notifying a stop when snapd exits because another snapd process is already running).
So the right fix might be more in the direction of avoiding unnecessay systemd notifications.
References:
[1] systemd-notify(1)
[2] sd_notify(3)
description: | updated |
description: | updated |
Changed in snapd: | |
status: | New → Fix Committed |
importance: | Undecided → High |
Using bpftrace I have been able to see which processes trigger the warning:
$ sudo LD_LIBRARY_PATH=. ./bpftrace -e 'tracepoint: syscalls: sys_enter_ exec*{ printf("pid: %d, ppid: %d, comm: %s, args: ", pid, curtask- >parent- >pid, comm); join(args->argv); }'
pid: 3174, ppid: 1, comm: (snapd), args: /snap/snapd/ 21589/usr/ lib/snapd/ snapd
pid: 3180, ppid: 3174, comm: snapd, args: systemctl --version
pid: 3181, ppid: 3174, comm: snapd, args: systemd-detect-virt
pid: 3215, ppid: 3176, comm: snapd, args: systemctl is-enabled snapd.apparmor
pid: 3217, ppid: 3176, comm: snapd, args: udevadm info -e
$ sudo journalctl | grep "but reception only permitted for main PID"
Apr 05 16:02:52 qemuname systemd[1]: snapd.service: Got notification message from PID 3180, but reception only permitted for main PID 3174
Apr 05 16:02:52 qemuname systemd[1]: snapd.service: Got notification message from PID 3181, but reception only permitted for main PID 3174
Apr 05 16:02:52 qemuname systemd[1]: snapd.service: Got notification message from PID 3215, but reception only permitted for main PID 3174
Apr 05 16:02:52 qemuname systemd[1]: snapd.service: Got notification message from PID 3217, but reception only permitted for main PID 3174
It is not clear what notification is being sent by these processes yet.