Ubuntu
linux package

Replaced files truncated on upgrade on EXT4 filesystem, potentially leaving system inoperable

Bug #342142 reported by Colin Sindle on 2009-03-13

This bug report is a duplicate of: Bug #317781: Ext4 data loss. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: aptitude

I am using the ext4 filesystem, and Jaunty Desktop Alpha.

If, while doing an "aptitude full-upgrade", the system freezes (I assume due to independent reasons), then aptitude (or dpkg?) leaves the system in an unusable state since all files it was busy replacing (in my case, for example, one of the files was libpng12.so.0.27.0, from an libpng update) are truncated. That is, the file from the package exists, but is zero length.

I assume this bug is caused by precisely this reason: https://bugs.edge.launchpad.net/ubuntu/+source/linux/+bug/317781
for which Theodore Ts'o suggests what application programmers should be doing when *overwriting* important files here: https://bugs.edge.launchpad.net/ubuntu/+source/linux/+bug/317781/comments/54

What I expect to happen:
If and upgrade is interrupted, then I expect at least that complete copies of all system files will be preserved (who knows what version). Additionally, it would be great if aptitude (-f ?) could recover from this (after reboot), and sanely redo (or continue with) the upgrades.

What did happen:
Luckily, grub, the kernel, and bash, etc. were not touched, so I could boot. I recovered the system using aptitude to figure out and download new versions of the broken packages (about 10 packages), and then something like "dpkg -i --force-all foobar" to overwrite the truncated files.

More info:

# apt-cache policy aptitude
aptitude:
  Installed: 0.4.11.11-1ubuntu1
  Candidate: 0.4.11.11-1ubuntu1
  Version table:
*** 0.4.11.11-1ubuntu1 0
        500 http://za.archive.ubuntu.com jaunty/main Packages
        100 /var/lib/dpkg/status

ProblemType: Bug
Architecture: i386
DistroRelease: Ubuntu 9.04
Package: aptitude 0.4.11.11-1ubuntu1
ProcEnviron:
PATH=(custom, user)
LANG=en_ZA.UTF-8
SHELL=/bin/bash
SourcePackage: aptitude
Uname: Linux 2.6.28-9-generic i686

Tags:

Revision history for this message

Colin Sindle (csindle) wrote on 2009-03-13:

Dependencies.txt Edit (286 bytes, text/plain; charset="utf-8")

Revision history for this message

Chris Coulson (chrisccoulson) wrote on 2009-03-13:

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

Revision history for this message

Colin Sindle (csindle) wrote on 2009-03-13:

@Chris

I am sure you are right. I was [mistakenly] thinking that Denial of Service was a security issue (e.g. it would be easy for a user to crash the system when a scheduled "aptitude full-upgrade" was happening, potentially leaving the entire system inoperable).

Revision history for this message

Chris Coulson (chrisccoulson) wrote on 2009-03-13:

But this doesn't open an attack vector to allow someone to crash the system and cause a DoS. All it is saying is that if a user were to crash the system whilst an upgrade is being performed, it can leave the system in an inconsistent state. If you were reporting an attack vector that someone could exploit to cause a DoS, then that would be a security issue.

A system crash or power interruption whilst apt is running has always been bad anyway, not just with ext4. I think there might already be a separate bug report for that. The problem is, if you interrupt an upgrade, then the system can be left in an inconsistent state regardless of the filesystem you are using.

And me pulling the plug out of the wall socket could class as a DoS ;)