Ubuntu
isc-dhcp package

dhclient segfaults on ubuntu 17.04 and 17.10

Bug #1696499 reported by guysoft
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
isc-dhcp (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

After upgrading, network-manager stopped running DHCP, after trying to run dhclient myself I found out it segfaults. Attached is its strace output.

I can connect to the internet by stopping network-manager and using ifconfig + route + /etc/resolv.conf.

Output:
guy@golem4:~$ dhclient
Segmentation fault (core dumped)

Revision history for this message
guysoft (guysoft) wrote :
Revision history for this message
guysoft (guysoft) wrote :

Current workaround:
Compile and build from here: http://www.linuxfromscratch.org/blfs/view/cvs/basicnet/dhcp.html

Note you need the patch dhcp-4.3.5-client_script-1.patch from the same page
Also run:
mv -v /usr/sbin/dhclient /sbin &&
install -v -m755 client/scripts/linux /sbin/dhclient-script

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in isc-dhcp (Ubuntu):
status: New → Confirmed
Revision history for this message
Edward Jiang (edwardrf-r) wrote :

Workaround provided does not seem to work for me. It seems the dhclient binary only fails with Seg fault when it is at /sbin/dhclient, when it is moved to /usr/sbin/dhclient it works fine from command line. But this made nm-dhclient-helper to fail.

Revision history for this message
Edward Jiang (edwardrf-r) wrote :

Inspection of the core dump and some testing proves the Segmentation fault error is caused by denied permission to read /proc/self/cmdline. Moving the executable anywhere else the problem would simply disappear.

Further inspection pointed the cause to be apparmor denied the open file call, thus, the obvious workaround is remove /sbin/dhclient's apparmor from enforcing mode:

sudo apt install apparmor-utils
sudo aa-complain /sbin/dhclient

This would allow the dhclient to run without error.

Revision history for this message
Edward Jiang (edwardrf-r) wrote :

If you are using network-manager, remove the following modules from the enforcing mode should allow automatic DHCP from network-manager:

   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper

Revision history for this message
HuaiDan (dhutchison69) wrote :

The workaround was certainly helpful, but is there a more elegant solution? I had similar apparmor problem with cupsd (bug 1706052), which I worked around using the solution here, which eventually led to a fix via editing the cups apparmor profile.

Revision history for this message
HuaiDan (dhutchison69) wrote :

Actually, I was able to connect with the exact same fix I used for the cups issue:

add

@{PROC}/*/cmdline r,

to /etc/apparmor.d/sbin.dhclient

Revision history for this message
HuaiDan (dhutchison69) wrote :

Works on aa-enforce.

Revision history for this message
guysoft (guysoft) wrote :

Hey,
Upgraded to Ubuntu 17.10 and had to do the workaround again for

sudo aa-complain /sbin/dhclient

New programs are also affected. I had to run also:

sudo aa-complain /usr/lib/telepathy/mission-control-5

@dhutchison69 it is not clear where the line should go.

summary: - dhclient segfaults on ubuntu 17.04
+ dhclient segfaults on ubuntu 17.04 and 17.10
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.