dropbear-initramfs init-bottom script uses wrong ps options, can't kill descendants

Bug #1804508 reported by Kevin McCormick
This bug affects 4 people
Affects: dropbear (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned

Bug Description

/usr/share/initramfs-tools/scripts/init-bottom/dropbear uses 'ps -o' to find dropbear descendants to kill, but the busybox ps inside initramfs doesn't support -o so nothing is killed other than the main dropbear.

My session drops briefly when init-bottom/dropbear brings down the network interfaces then comes back when the same IP is assigned. At that point I'm left in a busybox shell with access to nothing. For some reason I can run find and ls but not other busybox built-in commands like ps, sleep, etc. `pwd` puts me at /root-yMx7eP, and `find /` returns only "/" and "/root". Exiting from this shell prints "Aiee, segfault! You should probably report this as a bug to the developer" on the main console.

Of note is that /bin/busybox (shipped with busybox-static) supports 'ps -o' but /usr/lib/initramfs-tools/bin/busybox is used in initramfs and does not:
===========================================
$ /bin/busybox ps --help
BusyBox v1.27.2 (Ubuntu 1:1.27.2-2ubuntu3) multi-call binary.

Usage: ps [-o COL1,COL2=HEADER] [-T]

Show list of processes

     -o COL1,COL2=HEADER Select columns for display
 -T Show threads
$ /usr/lib/initramfs-tools/bin/busybox ps --help
BusyBox v1.27.2 (Ubuntu 1:1.27.2-2ubuntu3) multi-call binary.

Usage: ps

Show list of processes

 w Wide output
 l Long output
===========================================

My system is amd64 18.04.1.
busybox-initramfs 1:1.27.2-2ubuntu3
busybox-static 1:1.27.2-2ubuntu3
dropbear-bin 2017.75-3build1
dropbear-initramfs 2017.75-3build1
initramfs-tools 0.130ubuntu3.5

Here's relevant console output during boot:
===========================================
Begin: Running /scripts/init-bottom ... Begin: Stopping dropbear ... ps: invalid option -- 'o'
BusyBox v1.27.2 (Ubuntu 1:1.27.2-2ubuntu3) multi-call binary.

Usage: ps

Show list of processes

        w Wide output
        l Long output
ps: invalid option -- 'o'
BusyBox v1.27.2 (Ubuntu 1:1.27.2-2ubuntu3) multi-call binary.

Usage: ps

Show list of processes

        w Wide output
        l Long output
done.
Begin: Bringing down ens3 ... done.
Begin: Bringing down lo ... done.
done.
===========================================

Tags: patch
Kevin McCormick (kmccormick) wrote :

I'm using the attached patch on my system without issue, but it only kills direct children instead of everything in the process group. (busybox's kill doesn't support PGID at all from what I can see)

It might be possible to solve this with a change to busybox-initramfs for additional ps options, or include /bin/busybox instead of /usr/lib/initramfs-tools/bin/busybox.

Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "dropbear.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in dropbear (Ubuntu):
status: New → Confirmed
klemens_u (klemens) wrote :

Same problem for me, the provided path eliminates the problem.
Please accept the patch and release soon.

klemens_u (klemens) wrote :

Sorry "path" should read "patch"

Rafael (rvallel) wrote :

I patched this issue with the following fragment

if PID="$(cat /run/dropbear.pid)" 2>/dev/null &&
        [ "$(readlink -f "/proc/$PID/exe")" = /sbin/dropbear ]; then
    log_begin_msg "Stopping dropbear"

    # Patch issue #1804508
    # Kill all children and the parent dropbear
    kill -TERM $(ps l | awk '$4~/^'$PID'$/ {print $3}') $PID

    log_end_msg
fi

asdasda (kinnaman) wrote :

This seems to be fixed since at least focal.

dropbear (2018.76-3) unstable; urgency=medium
  * debian/initramfs/bottom-dropbear:
    + Read and parse /proc/*/stat instead of ps(1)'s output, as ps(1) options
      differ between Debian and Ubuntu's busybox. Thanks to 'eviljoel' for the
      patch. (LP: #1652091.)
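
The changelog entry above replaces ps(1) with reading /proc/*/stat. The following is an added example of that approach, not the dropbear package's own script and not code from any commenter: it walks the process tree so that sessions left over from the initramfs SSH server can be found without any ps option support. The function names, the PROCROOT parameter and the sample PIDs are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not the dropbear package's script): find all descendants of a
# PID from <procroot>/<pid>/stat, so no ps(1) option support is required.

# ppid_of PROCROOT PID: print the parent PID; fail if the entry is unreadable.
ppid_of() {
    stat=
    { read -r stat < "$1/$2/stat"; } 2>/dev/null || [ -n "$stat" ] || return 1
    # Layout is "pid (comm) state ppid ...". comm is process-controlled and may
    # contain spaces or ")", so drop everything up to the LAST ") " first.
    rest=${stat##*) }
    set -- $rest            # $1 = state, $2 = ppid
    [ $# -ge 2 ] || return 1
    echo "$2"
}

# descendants PROCROOT PID: print children, grandchildren, ... one per line.
descendants() {
    for d in "$1"/[0-9]*; do
        [ -r "$d/stat" ] || continue
        child=${d##*/}
        p=$(ppid_of "$1" "$child") || continue   # process vanished: skip it
        if [ "$p" = "$2" ]; then
            echo "$child"
            descendants "$1" "$child"
        fi
    done
}

# Constructed sample tree (hypothetical PIDs): 100 is the dropbear listener,
# 200 a session it forked, 300 a shell whose name tries to fake "ppid 1".
make_sample_proc() {
    mkdir -p "$1/100" "$1/200" "$1/300" "$1/400"
    echo '100 (dropbear) S 1 100 100 0 -1'    > "$1/100/stat"
    echo '200 (dropbear) S 100 200 200 0 -1'  > "$1/200/stat"
    echo '300 (a) S 1 b) S 200 300 300 0 -1'  > "$1/300/stat"
    echo '400 (udevd) S 1 400 400 0 -1'       > "$1/400/stat"
}

# In an init-bottom script the call would look like (PID read from the pidfile):
#   kill -TERM $(descendants /proc "$PID") "$PID"
```

Unlike the 'ps l' one-liner, which matches only direct children, this also returns grandchildren such as a shell started inside a session.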
