[MIR] Glusterfs

Bug #1274247 reported by André Bauer
This bug affects 13 people
Affects | Status | Importance | Assigned to | Milestone
glusterfs (Ubuntu) | | High | Unassigned |
libvirt (Ubuntu) | | Undecided | Unassigned |
qemu (Ubuntu) | | Undecided | Unassigned |
samba (Ubuntu) | | Undecided | Unassigned |
tgt (Ubuntu) | | Undecided | Unassigned |

Bug Description

Availability:
- Currently in universe

Rationale:
- Dependency for qemu's native glusterfs-support (bug 1246924)
- Debian enabled glusterfs support in samba and we have to carry a delta to disable it
- Preferred Shared FS option for Ubuntu

Security:
- https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=glusterfs

Some security history; nothing that impacts 3.10.3 AFAICT.

Quality Assurance:
- Package works out of the box with no prompting

Standards Compliance:
- FHS and Debian Policy compliant

Maintenance:
- Maintainer: Ubuntu Developers <email address hidden>
- Original-Maintainer: Patrick Matthäi <email address hidden>
- Well maintained in Debian; small Ubuntu delta which will be fed back.
- ubuntu-openstack team.

Dependencies:
- All in main.

Michael Terry (mterry)
affects: ubuntu → glusterfs (Ubuntu)
Michael Terry (mterry) wrote :

@ubuntu-server, do you folks want to add & maintain glusterfs support to qemu?

@monotek, thanks for the report! I'm just asking the current Ubuntu overseers of qemu whether this is a change they want to maintain. If so, we can move forward.

Changed in glusterfs (Ubuntu):
assignee: nobody → Ubuntu Server Team (ubuntu-server)
status: New → Incomplete
Louis Zuckerman (semiosis) wrote :

Latest glusterfs (3.4.2 currently) is in Universe for Trusty already (https://code.launchpad.net/~semiosis/ubuntu/trusty/glusterfs/fix-for-1268064/+merge/201280).

Let me know how I can be of assistance for this MIR.

Louis Zuckerman (semiosis) wrote :
Michael Terry (mterry) wrote :

Ah, thanks for the blueprint link. That confirms that ubuntu-server wants this. Thanks!

Changed in glusterfs (Ubuntu):
assignee: Ubuntu Server Team (ubuntu-server) → nobody
status: Incomplete → New
Michael Terry (mterry) wrote :

Between the system daemon, it being a networked filesystem, and the past CVEs, this'll need a security audit.

Changed in glusterfs (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
James Page (james-page) wrote :

@mterry

ubuntu-server team are happy to enable glusterfs support in qemu

Changed in glusterfs (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → Seth Arnold (seth-arnold)
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in glusterfs (Ubuntu):
status: New → Confirmed
trendzetter (trendzetter) wrote :

Please let this make it into 14.04

Dave Walker (davewalker)
Changed in glusterfs (Ubuntu):
status: Confirmed → New
André Bauer (monotek) wrote :

There is a ppa available now with qemu/glusterfs support:

https://launchpad.net/~semiosis/+archive/ubuntu-qemu-glusterfs

Louis Zuckerman (semiosis) wrote :

@sarnold - Is there any update?

Louis Zuckerman (semiosis) wrote :

Another motivation...

Samba now supports glusterfs natively through the API. If glusterfs were in main (and glusterfs-common added to samba's build deps) this feature would be enabled. It's already included in samba in trusty, just not enabled during build because the glusterfs lib is missing.

André Bauer (monotek) wrote :

If somebody is interested... there is also a ppa for samba with glusterfs support: https://launchpad.net/~monotek/+archive/samba-vfs-glusterfs

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in glusterfs (Ubuntu):
status: New → Confirmed
Seth Arnold (seth-arnold) wrote :

I reviewed glusterfs version 3.4.2-1ubuntu1 as checked into trusty. This
should not be considered a full security audit, but rather a quick gauge
of maintainability.

I'm not going to fill in the full review checklist; I don't think that
the results would be that useful for anyone, so here's just a list
of what I found while reading the code:

- cppcheck reports ~20 real coding mistakes, perhaps a few false positives
- get_uuid_via_daemon() doesn't check fork() for error return
- rdd_valid_config() buffer overflow rdd_config.out_file.path
- gf_cli_print_limit_list() doesn't check sprintf(abspath) return value
- rb_malloc() and rb_free() ignore their allocator argument
  Not a security problem, but might be very surprising
- int_to_data() data_from_[u]int{64,32,16,8}() data_from_double()
  all re-calculate the length rather than use the return value from
  gf_asprintf(). (Not a security problem, just redundant.)

Because a filesystem is supposed to be extremely high quality, I'm very
concerned about the issues found with cppcheck and the issues I found
by hand. While nothing looked security-relevant on a first glance, the
architecture of a clustered filesystem may turn otherwise benign issues
into serious security issues. Unchecked error returns, null-pointer
dereferences, and buffer overflows are altogether too much.

The general coding style is good and shows discipline and promise, but
I don't believe we should bless this current codebase. Perhaps we can
reconsider this for a future release: in the meantime, please address
the cppcheck issues. (I see on the glusterfs wiki that recently Coverity
scans are being run on glusterfs; hopefully this work will land before
the next Ubuntu release.)

Security team NACK for glusterfs in main for 14.04 LTS. With the proper
quality work, this may be suitable for support in future releases.

Thanks
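
The defect classes named in the review above (an unchecked fork() return and an unchecked sprintf() into a fixed path buffer), shown in checked form as an added example that is not part of the original comment and is not GlusterFS code. The function names build_abspath, run_in_child and sample_work are hypothetical, and the paths are constructed sample input.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: join dir and name into dst.
 * Returns 0 on success, -1 if formatting failed or the result did not fit.
 * An unchecked sprintf() here would write past dst for long inputs. */
int build_abspath(char *dst, size_t dstlen, const char *dir, const char *name)
{
    if (dst == NULL || dstlen == 0 || dir == NULL || name == NULL)
        return -1;
    int n = snprintf(dst, dstlen, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= dstlen) {   /* error or truncation */
        dst[0] = '\0';                    /* never hand back a partial path */
        return -1;
    }
    return 0;
}

/* Hypothetical helper: run work() in a child and return its exit status.
 * Returns -1 if fork() or waitpid() fails or the child died abnormally.
 * Without the pid == -1 check, -1 would be passed on to waitpid(),
 * where it means "any child" rather than the one just created. */
int run_in_child(int (*work)(void))
{
    int status;
    pid_t pid = fork();
    if (pid == -1)
        return -1;                        /* fork failed: errno is set */
    if (pid == 0)
        _exit(work() & 0xff);             /* child: skip atexit handlers */
    while (waitpid(pid, &status, 0) == -1)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Constructed sample work function for the demonstration. */
int sample_work(void) { return 7; }

int main(void)
{
    char path[16];
    printf("short: %d\n", build_abspath(path, sizeof path, "/mnt", "brick1"));
    printf("long:  %d\n", build_abspath(path, sizeof path, "/mnt/gluster", "brick-0001"));
    printf("child: %d\n", run_in_child(sample_work));
    return 0;
}
```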

Seth Arnold (seth-arnold) wrote :
Changed in glusterfs (Ubuntu):
assignee: Seth Arnold (seth-arnold) → nobody
Louis Zuckerman (semiosis) wrote :

Seth,

Thank you for your time & hard work reviewing the GlusterFS code for this MIR. I've opened a bug in the GlusterFS bug tracker and will engage the core GlusterFS developers regarding your feedback.

https://bugzilla.redhat.com/show_bug.cgi?id=1086460

Best regards,

Louis Zuckerman

André Bauer (monotek) wrote :

For trusty users there is a new ppa available with qemu 2.0 and glusterfs support:

https://launchpad.net/~monotek/+archive/qemu-glusterfs

André Bauer (monotek) wrote :

If this should be added in the future please make sure to also update the apparmor profile for libvirt-qemu:

edit /etc/apparmor.d/abstractions/libvirt-qemu and add:

# for glusterfs
/proc/sys/net/ipv4/ip_local_reserved_ports r,
/usr/lib/@{multiarch}/glusterfs/**.so mr,
/tmp/** rw,

André Bauer (monotek) wrote :

What's the status of this?

IMHO most of the mentioned stuff should be fixed meanwhile -> https://bugzilla.redhat.com/show_bug.cgi?id=1086460

Could somebody recheck against the new gluster packages please? -> https://launchpad.net/~gluster

Michael Terry (mterry) wrote :

Looks like upstream fixed the cppcheck errors, which is great! But that was just one item in Seth's list.

To advance this MIR, we'd need another look over from Seth. But I'm leery of throwing it back to him when there hasn't been significant progress. But I'm not close to the matter and could be convinced that there has been significant progress.

André Bauer (monotek)
description: updated
André Bauer (monotek) wrote :

Could somebody review the current version 3.7.x?
Would be nice to see this in 16.04.

Michael Terry (mterry) wrote :

Alright, I'll give to Seth again, but this is too close to FF to expect it to be reviewed before then.

Changed in glusterfs (Ubuntu):
assignee: nobody → Seth Arnold (seth-arnold)
ISIDOROS (imoulas) wrote :

Is there any distribution that solves this bug? I'm using Ubuntu 14.04, updated cluster to 3.6 and it is not working.

André Bauer (monotek) wrote :

@imoulas

No. The only way at the moment is to compile it yourself or to use my Qemu/Samba PPA:

https://launchpad.net/~monotek

André Bauer (monotek) wrote :

Is there any progress?
Would be nice to see it at least in 16.10.

Stephen (belrik) wrote :

Any update on this?

Christian Ehrhardt  (paelzer) wrote :

Just FYI - for now this is a support we drop in libvirt and qemu due to component mismatches.
Subscribing myself to re-enable once resolved.

André Bauer (monotek) wrote :

Could you clarify what this means please?
Libgfapi support will be dropped completely?
If so, from which version?

Christian Ehrhardt  (paelzer) wrote :

Hi André,
nothing will be dropped more than it is already.

I just wanted to mention that Debian recently enabled glusterfs support in qemu (and has for quite a while in libvirt) and I have to carry a Delta to Debian that disables that until glusterfs is in main.
Since you host a ppa with those enabled you know that already for sure.

But the only mention of what actually benefits from getting glusterfs into main so far was the link to your ppa (thanks for your work btw!) - I had the feeling it wasn't obvious enough and wanted to point that out more clearly.

So no new extra change by/due-to me, but more an extra hint at what could benefit from including glusterfs as requested in this MIR.

Christian Ehrhardt  (paelzer) wrote :

Note: Add "tgt" to the list of packages that disable a feature because it is waiting for this MIR.

André Bauer (monotek) wrote :

@paelzer

Thanks for clarifying :-)

So we have now dependencies for:

libvirt
qemu
samba
tgt

Added tgt to my PPA now: https://launchpad.net/~monotek

Stephen (belrik) wrote :

I'm using GlusterFS but hitting problems with qemu/gluster/libgfapi in 16.04 that don't exist in 14.04. I guess this is due to the GlusterFS components not being fully supported in Ubuntu.

I've used Andre's ppa repos for a long while now but since moving to 16.04 I have had to move back to FUSE mounts due to some issues opening connections from qemu to the bricks for these direct connections (port 49152 typically). Is Gluster likely to land in main anytime soon so that these issues have more eyeballs on them?

Thanks for your work.

James Page (james-page)
Changed in glusterfs (Ubuntu):
assignee: Seth Arnold (seth-arnold) → James Page (james-page)
importance: Undecided → High
status: Confirmed → In Progress
milestone: none → ubuntu-17.10
James Page (james-page) wrote :

I've uploaded glusterfs 3.10.3 to artful today; please can glusterfs be re-reviewed for main inclusion for Ubuntu 17.10.

Changed in glusterfs (Ubuntu):
status: In Progress → New
description: updated
description: updated
James Page (james-page)
tags: added: openstack-mir
Christian Ehrhardt  (paelzer) wrote :

I'm looking at libvirt soon'ish which is one of the places this would have to be enabled.
Any updates to this MIR?

Andreas Hasenack (ahasenack) wrote :

Debian's samba has enabled glusterfs support, we will have to drop that from our build-depends until (or if) this MIR is accepted.

Changed in glusterfs (Ubuntu):
assignee: James Page (james-page) → Seth Arnold (seth-arnold)
description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in glusterfs (Ubuntu):
status: New → Confirmed
Changed in glusterfs (Ubuntu):
assignee: Seth Arnold (seth-arnold) → Ubuntu Security Team (ubuntu-security)
Snowman (snowmanko) wrote :

Any updates related to this MIR?

Christian Ehrhardt  (paelzer) wrote :

Adding tasks for packages carrying Delta due to this (those that I know of)

Changed in libvirt (Ubuntu):
status: New → Triaged
Changed in samba (Ubuntu):
status: New → Triaged
Changed in tgt (Ubuntu):
status: New → Triaged
Christian Ehrhardt  (paelzer) wrote :

Since nothing seems to happen here other than people, including myself, waiting & asking for updates, I'll get in contact with the security team on this - maybe there are reasons not to do so, just unclear to us?

Snowman (snowmanko) wrote :

@thanks I think many gluster users will be interested in this

David Britton (dpb) wrote :

https://wiki.ubuntu.com/MainInclusionProcess

One of the requirements for Main inclusion is an owning team for
maintenance of the package and support of customers of the package.
Ubuntu Server (which this package would naturally fall under) will not be
maintaining this at the current time.

ubuntu-server: nack

Matthias Klose (doko) wrote :

still needs re-review by the security team, and a bug subscriber.

Changed in glusterfs (Ubuntu):
milestone: ubuntu-17.10 → ubuntu-18.10
Robie Basak (racb) wrote :

As there isn't currently a team volunteering to take on maintenance of this package in main, I think Won't Fix is appropriate. If this changes we can always reopen the bug.

Robie Basak (racb) wrote :

Or do we want a security review prior to that regardless?

Snowman (snowmanko) wrote :

Let's do both, it seems we will not get it anyway :( this request was not closed for 4 years..

Jamie Strandboge (jdstrand) wrote :

If there is no one willing to step up to maintain this in Ubuntu, then it is not a candidate for main inclusion. Since David Britton NAKed it, I'm unsubscribing the server team. If another team wants to have it included in main, please feel free to resubscribe the security team.

Changed in glusterfs (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
milestone: ubuntu-18.10 → none
Christian Ehrhardt  (paelzer) wrote :

Since this didn't find an owning Team per comment #41 we should update the status to reflect that.

The extra tasks are all packages that would have dropped Delta due to that, they will become invalid.
The main task of glusterfs will become "Won't Fix"

Changed in glusterfs (Ubuntu):
status: Confirmed → Won't Fix
Changed in libvirt (Ubuntu):
status: Triaged → Invalid
Changed in qemu (Ubuntu):
status: New → Invalid
Changed in samba (Ubuntu):
status: Triaged → Invalid
Changed in tgt (Ubuntu):
status: Triaged → Invalid
Andreas Hasenack (ahasenack) wrote :

I'm starting a new fresh MIR attempt for glusterfs at https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1950321
