Large messages from client causing message-servers to crash

Bug #1995775 reported by Haw Loeung
This bug affects 2 people
Affects                    Status        Importance  Assigned to  Milestone
Landscape Client           Fix Released  Undecided   Unassigned
landscape-client (Ubuntu)  Fix Released  Undecided   Unassigned
Bionic                     New           Undecided   Unassigned
Focal                      Fix Released  Undecided   Unassigned
Jammy                      New           Undecided   Unassigned
Kinetic                    New           Undecided   Unassigned
Lunar                      Fix Released  Undecided   Unassigned

Bug Description

Hi,

We've found frequently that large messages from clients are causing the message app servers to crash or lock up causing a DoS. This requires restarting. We've updated the logging used on the Landscape servers as follows:

| LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %D %I" combined2

This logs the duration the request took (%D) and the no. of bytes or size (%I).

An example log showing crash:

| 93.xxx.xxx.xxx - - [05/Nov/2022:13:38:25 +0000] "POST /message-system HTTP/1.1" 502 35040 "-" "landscape-client/18.01-0ubuntu13" 563132272 699197886

Looking at the user agent, it looks legitimate.

Perhaps the landscape client itself could break up these messages into smaller ones?
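
The log check described in the report above, as an added example that is not part of the original report or of Landscape's code: it parses lines in the "combined2" format and flags POSTs to /message-system whose received size (%I) exceeds a threshold. The 10 MiB threshold, the function names and every sample line except the first are assumptions made for illustration.

```python
import re

# Matches the "combined2" LogFormat from the report. Quoted fields may contain
# backslash-escaped quotes, which Apache emits for %r and header values.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) (\S+) '
    + QUOTED + ' ' + QUOTED + r' (\d+) (\d+)$'
)
MAX_REQUEST_BYTES = 10 * 1024 * 1024  # assumed alert threshold, not from the report

# First line is the one quoted in the report; the rest are constructed samples.
SAMPLE_LOG = [
    '93.xxx.xxx.xxx - - [05/Nov/2022:13:38:25 +0000] "POST /message-system HTTP/1.1" 502 35040 "-" "landscape-client/18.01-0ubuntu13" 563132272 699197886',
    '198.51.100.7 - - [05/Nov/2022:13:38:20 +0000] "POST /message-system HTTP/1.1" 200 512 "-" "landscape-client/18.01-0ubuntu13" 48213 2048',
    r'198.51.100.9 - - [05/Nov/2022:13:40:02 +0000] "POST /message-system HTTP/1.1" 200 310 "-" "odd \"agent\"" 51200 20971520',
    '198.51.100.8 - - [05/Nov/2022:13:41:00 +0000] "POST /other HTTP/1.1" 200 90 "-" "curl/7.81.0" 1200 699197886',
    'not a log line',
]

def parse_line(line):
    """Return the fields needed for the check, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    host, when, request, status, _sent, _ref, agent, dur_us, bytes_in = m.groups()
    parts = request.split()
    return {
        "host": host, "time": when,
        "method": parts[0] if parts else "",
        "path": parts[1] if len(parts) > 1 else "",
        "status": int(status), "agent": agent,
        "duration_s": int(dur_us) / 1_000_000,  # %D is in microseconds
        "bytes_in": int(bytes_in),              # %I: bytes received, headers included
    }

def oversized_requests(lines, path="/message-system", limit=MAX_REQUEST_BYTES):
    """Return parsed records for POSTs to `path` that received more than `limit` bytes."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and rec["path"] == path and rec["bytes_in"] > limit:
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for r in oversized_requests(SAMPLE_LOG):
        print(f'{r["time"]} {r["host"]} {r["status"]} {r["bytes_in"]} bytes in {r["duration_s"]:.1f}s')
```
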

Haw Loeung (hloeung) wrote :

The related server-side bug filed for this is LP:1994534. Not sure how best we want to handle this.

Kevin Nasto (silverdrake11) wrote :

https://github.com/CanonicalLtd/landscape-client/pull/126 The pull request for the client is right there.

There are two changes that need to be made: server side, not to accept big messages, and client side, not to send them.

Changed in landscape-client:
importance: Undecided → Medium
assignee: nobody → Kevin Nasto (silverdrake11)
status: New → In Progress
Haw Loeung (hloeung) wrote :

"not to accept", but if these are legitimate messages, wouldn't something be lost?

Kevin Nasto (silverdrake11) wrote :

Yes, it would be lost, but out of the millions of messages we receive, these would be around 10 or 20 per month.

Kevin Nasto (silverdrake11) wrote :

And they are logged, so we can keep an eye on it.

Changed in landscape-client:
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package landscape-client - 23.02-0ubuntu1

---------------
landscape-client (23.02-0ubuntu1) lunar; urgency=medium

  * New upstream release 23.02:
    - Preventing the generation of large messages and logs that can overwhelm
      Landscape Server (LP: #1995775)
    - Improved MOTD slowdown on machines with many tap network interfaces
      (LP: #2006396)
    - No longer using deprecated apt-key when storing trusted GPG keys
      (LP: #1973202)
    - Fixed issue recognising Parallels VMs as Virtual Machine clients
      (LP: #1827909)
    - Fixes for incorrect logfile rotation config (LP: #1968189)
    - Client-side backoff handling to moderate traffic to Landscape Server
      during high load (LP: #1947399)
    - Avoid sending empty messages when catching up to expected next message
      (LP: #1917540)
    - --is-registered CLI option to quickly check if client is registered
      (LP: #1912516)
    - Can now report Ubuntu Pro attachment information if the version of
      Landscape Server it is registered to supports this (LP: #2006401)
    - Packages installed as dependencies as part of package profiles are now
      appropriately autoremovable (LP: #1878957)
    - Registration timeouts give an error instead of timing out (LP: #1889464)
    - RHEV hypervisor VMs are now recognized as virtual machines (LP: #1884116)
    - Doing a Landscape-driven release upgrade from a release running python 2
      to one running python 3 no longer hangs forever (LP: #1943291)

 -- Mitch Burton <email address hidden> Wed, 08 Feb 2023 10:23:31 -0800

Changed in landscape-client (Ubuntu):
status: New → Fix Released
Changed in landscape-client:
status: Fix Committed → Fix Released
Haw Loeung (hloeung) wrote :

Can we get the fix to landscape-client backported to other releases too?

no longer affects: landscape-client
Changed in landscape-client:
status: New → Fix Released
Mitch Burton (mitchburton) wrote :

Yes, we will be working on SRU for a number of landscape-client bugfixes.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package landscape-client - 23.02-0ubuntu1~20.04.2

---------------
landscape-client (23.02-0ubuntu1~20.04.2) focal; urgency=medium

  * d/p/0001-start-service-during-config.patch: fix landscape-config does not
    start landscape-client service (LP: #2040189)
  * d/landscape-sysinfo.wrapper: fix handle using cache when permissions allow
    (LP: #2040924)

landscape-client (23.02-0ubuntu1~20.04.1) focal; urgency=medium

  * Backporting release 23.02 for SRU (LP: #2006402):
    - Service is no longer stopped on upgrade (LP: #2027613)

 -- Mitch Burton <email address hidden> Wed, 14 Feb 2024 15:34:10 -0800

Changed in landscape-client (Ubuntu Focal):
status: New → Fix Released