2020-05-15 00:18:03 |
Anders Kaseorg |
bug |
|
|
added bug |
2020-05-15 00:35:34 |
Anders Kaseorg |
attachment added |
|
memcached_1.5.22-2_lp1878721.debdiff https://bugs.launchpad.net/ubuntu/+source/memcached/+bug/1878721/+attachment/5371790/+files/memcached_1.5.22-2_lp1878721.debdiff |
|
2020-05-15 00:36:01 |
Anders Kaseorg |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2020-05-15 00:36:24 |
Anders Kaseorg |
tags |
focal patch-accepted-upstream regression-release |
focal patch patch-accepted-upstream regression-release |
|
2020-05-18 16:35:22 |
Launchpad Janitor |
memcached (Ubuntu): status |
New |
Confirmed |
|
2020-05-19 18:07:41 |
Lucas Kanashiro |
bug |
|
|
added subscriber Ubuntu Server |
2020-05-19 18:07:56 |
Lucas Kanashiro |
tags |
focal patch patch-accepted-upstream regression-release |
focal patch patch-accepted-upstream regression-release server-next |
|
2020-05-19 18:08:28 |
Lucas Kanashiro |
memcached (Ubuntu): importance |
Undecided |
High |
|
2020-05-19 18:10:22 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Focal |
|
2020-05-19 18:10:22 |
Lucas Kanashiro |
bug task added |
|
memcached (Ubuntu Focal) |
|
2020-05-19 18:10:39 |
Lucas Kanashiro |
memcached (Ubuntu Focal): status |
New |
Confirmed |
|
2020-05-19 18:10:42 |
Lucas Kanashiro |
memcached (Ubuntu Focal): importance |
Undecided |
High |
|
2020-05-19 18:10:58 |
Lucas Kanashiro |
memcached (Ubuntu): status |
Confirmed |
Fix Released |
|
2020-05-19 18:21:21 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Eoan |
|
2020-05-19 18:21:21 |
Lucas Kanashiro |
bug task added |
|
memcached (Ubuntu Eoan) |
|
2020-05-19 18:23:57 |
Lucas Kanashiro |
memcached (Ubuntu Eoan): status |
New |
Triaged |
|
2020-05-20 05:11:10 |
Navjot |
bug |
|
|
added subscriber Navjot |
2020-05-20 20:16:03 |
Rafael David Tinoco |
tags |
focal patch patch-accepted-upstream regression-release server-next |
block-proposed-eoan block-proposed-focal block-proposed-groovy focal patch patch-accepted-upstream regression-release server-next |
|
2020-05-20 20:17:44 |
Rafael David Tinoco |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
2020-05-20 20:19:30 |
Rafael David Tinoco |
memcached (Ubuntu Focal): assignee |
|
Sergio Durigan Junior (sergiodj) |
|
2020-05-20 20:19:39 |
Rafael David Tinoco |
memcached (Ubuntu): assignee |
|
Sergio Durigan Junior (sergiodj) |
|
2020-05-20 20:19:42 |
Rafael David Tinoco |
memcached (Ubuntu Focal): assignee |
Sergio Durigan Junior (sergiodj) |
|
|
2020-05-20 20:22:12 |
Rafael David Tinoco |
nominated for series |
|
Ubuntu Bionic |
|
2020-05-20 20:22:12 |
Rafael David Tinoco |
bug task added |
|
memcached (Ubuntu Bionic) |
|
2020-05-20 20:22:35 |
Rafael David Tinoco |
memcached (Ubuntu Bionic): status |
New |
Triaged |
|
2020-05-20 20:22:37 |
Rafael David Tinoco |
memcached (Ubuntu Eoan): importance |
Undecided |
High |
|
2020-05-20 20:22:39 |
Rafael David Tinoco |
memcached (Ubuntu Bionic): importance |
Undecided |
High |
|
2020-05-21 02:54:38 |
Rafael David Tinoco |
memcached (Ubuntu Bionic): status |
Triaged |
Fix Released |
|
2020-05-23 03:28:49 |
Mathew Hodson |
bug task deleted |
memcached (Ubuntu Bionic) |
|
|
2020-05-27 13:55:38 |
Sergio Durigan Junior |
bug |
|
|
added subscriber Sergio Durigan Junior |
2020-05-28 18:28:09 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~sergiodj/ubuntu/+source/memcached/+git/memcached/+merge/384764 |
|
2020-05-28 18:28:33 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~sergiodj/ubuntu/+source/memcached/+git/memcached/+merge/384765 |
|
2020-06-02 04:12:02 |
Anders Kaseorg |
description |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Works in bionic; fails in focal with “Failed to ping 127.0.0.1:11211 WRITE FAILURE”.
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both locations, so if someone worked around this bug by creating /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected. |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
echo '-S' >> /etc/memcached.conf
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Works in bionic; fails in focal with “Failed to ping 127.0.0.1:11211 WRITE FAILURE”.
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both locations, so if someone worked around this bug by creating /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected. |
|
2020-06-02 04:47:17 |
Anders Kaseorg |
description |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
echo '-S' >> /etc/memcached.conf
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Works in bionic; fails in focal with “Failed to ping 127.0.0.1:11211 WRITE FAILURE”.
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both locations, so if someone worked around this bug by creating /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected. |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Succeeds in bionic (with no output); fails in focal with “Failed to ping 127.0.0.1:11211 UNKNOWN READ FAILURE” or “Failed to ping 127.0.0.1:11211 WRITE FAILURE”; should succeed with the patch.
If you want to test alternate locations for the SASL config file, here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
• /etc/sasl2/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should work with the patch
• /etc/sasl2/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
|
2020-06-02 04:55:51 |
Anders Kaseorg |
description |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Succeeds in bionic (with no output); fails in focal with “Failed to ping 127.0.0.1:11211 UNKNOWN READ FAILURE” or “Failed to ping 127.0.0.1:11211 WRITE FAILURE”; should succeed with the patch.
If you want to test alternate locations for the SASL config file, here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
• /etc/sasl2/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should work with the patch
• /etc/sasl2/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
echo '-S' >> /etc/memcached.conf
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Succeeds in bionic (with no output); fails in focal with “Failed to ping 127.0.0.1:11211 UNKNOWN READ FAILURE” or “Failed to ping 127.0.0.1:11211 WRITE FAILURE”; should succeed with the patch.
If you want to test alternate locations for the SASL config file, here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
• /etc/sasl2/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should work with the patch
• /etc/sasl2/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
|
2020-06-02 04:56:46 |
Anders Kaseorg |
description |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
echo '-S' >> /etc/memcached.conf
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Succeeds in bionic (with no output); fails in focal with “Failed to ping 127.0.0.1:11211 UNKNOWN READ FAILURE” or “Failed to ping 127.0.0.1:11211 WRITE FAILURE”; should succeed with the patch.
If you want to test alternate locations for the SASL config file, here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
• /etc/sasl2/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should work with the patch
• /etc/sasl2/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
echo '-S' >> /etc/memcached.conf
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Succeeds in bionic (with no output); fails in focal with “Failed to ping 127.0.0.1:11211 UNKNOWN READ FAILURE” or “Failed to ping 127.0.0.1:11211 WRITE FAILURE”; should succeed with the patch.
If you want to test alternate locations for the SASL config file, here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
• /etc/sasl2/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl2/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
|
2020-06-03 01:27:52 |
Sergio Durigan Junior |
description |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
[Test Case]
apt-get install memcached libmemcached-tools libsasl2-modules sasl2-bin
mkdir /etc/sasl2
echo 'mech_list: plain' > /etc/sasl2/memcached.conf
echo 'sasldb_path: /etc/sasl2/memcached-sasldb2' >> /etc/sasl2/memcached.conf
echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
chown memcache: /etc/sasl2/memcached-sasldb2
echo '-S' >> /etc/memcached.conf
systemctl restart memcached
memcping --servers=127.0.0.1 --binary --username=foo --password=bar
Succeeds in bionic (with no output); fails in focal with “Failed to ping 127.0.0.1:11211 UNKNOWN READ FAILURE” or “Failed to ping 127.0.0.1:11211 WRITE FAILURE”; should succeed with the patch.
If you want to test alternate locations for the SASL config file, here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
• /etc/sasl2/memcached.conf/memcached.conf: fails in bionic; accidentally succeeds in focal; should succeed with the patch
• /etc/sasl2/memcached.conf: succeeds in bionic; fails in focal; should succeed with the patch
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
[Impact]
memcached 1.5.22 in focal has a bug where it looks for its SASL configuration at /etc/sasl2/memcached.conf/memcached.conf instead of /etc/sasl2/memcached.conf. This causes a memcached setup with authentication that was working in bionic to fail in focal.
The bug was introduced upstream in 1.5.7~3:
https://github.com/memcached/memcached/commit/39151c870c5e598f039714bdb790bd46f614856e
https://github.com/memcached/memcached/commit/80dd99d831535ddeec73d55a0adcaeaac8cb7298
https://github.com/memcached/memcached/pull/366
and fixed upstream in 1.6.0~15:
https://github.com/memcached/memcached/commit/6207330c2705fdb5f02de13b99a0d994f7c4f14a
The reason this bug happens is because sasl works with paths (i.e., directories) when determining which configuration files it should load, whereas, after the two commits mentioned above (version 1.5.7~3), memcached started to pass a full pathname (including the filename) of the configuration file.
So, while in a "normal" setup memcached's configuration file would live at /etc/sasl2/memcached.conf, meaning that memcached would tell sasl that the config path is "/etc/sasl2/", with the buggy memcached sasl would think that the configuration directory is "/etc/sasl2/memcached.conf/", and would try to look for a "memcached.conf" file inside it.
Users could workaroud this bug by creating a directory named "/etc/sasl2/memcached.conf/". For this reason, the backported patch also takes this workaround into account. The patch also accepts the "/etc/sasl/" directory.
[Test Case]
To test the fix, one can do:
$ lxc launch ubuntu-daily:focal memcached-bug1878721
$ lxc shell memcached-bug1878721
# apt update && apt upgrade -y
# apt install -y memcached libmemcached-tools libsasl2-modules sasl2-bin
# mkdir -p /etc/sasl2
# cat > /etc/sasl2/memcached.conf << __EOF__
mech_list: plain
sasldb_path: /etc/sasl2/memcached-sasldb2
__EOF__
# echo bar | saslpasswd2 -p -f /etc/sasl2/memcached-sasldb2 -a memcached foo
# chown memcache: /etc/sasl2/memcached-sasldb2
# echo '-S' >> /etc/memcached.conf
# systemctl restart memcached.service
# memcping --servers=127.0.0.1 --binary --username=foo --password=bar
With the last command, you should see an error like:
Failed to ping 127.0.0.1:11211 WRITE FAILURE
or:
Failed to ping 127.0.0.1:11211 READ FAILURE
You can also check its exit status:
# echo $?
1
It is possible to test the workaround workaround mentioned in the previous section by doing:
# mv /etc/sasl2/memcached.conf /tmp/
# mkdir /etc/sasl2/memcached.conf
# mv /tmp/memcached.conf /etc/sasl2/memcached.conf/
# systemctl restart memcached.service
# memcping --servers=127.0.0.1 --binary --username=foo --password=bar
# echo $?
0
Using the fix provided, one can verify that both tests above will work.
Here are all four locations that will now work by default:
• /etc/sasl/memcached.conf/memcached.conf
• /etc/sasl/memcached.conf
• /etc/sasl2/memcached.conf/memcached.conf
• /etc/sasl2/memcached.conf
[Regression Potential]
Low risk. The upstream patch is targeted and applies cleanly to 1.5.22. It looks for the SASL configuration at both the incorrect and correct paths, so even in the (unlikely) event that someone worked around this bug by manually creating a configuration file at the incorrect path /etc/sasl2/memcached.conf/memcached.conf, that will continue to be respected.
If there were to be a regression, it would likely manifest as an authentication failure, which clients may display as a read or write failure, like the failure mode of the regression being fixed here. |
|
2020-06-12 23:03:24 |
Steve Langasek |
memcached (Ubuntu Focal): status |
Confirmed |
Fix Committed |
|
2020-06-12 23:03:27 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2020-06-12 23:03:32 |
Steve Langasek |
tags |
block-proposed-eoan block-proposed-focal block-proposed-groovy focal patch patch-accepted-upstream regression-release server-next |
block-proposed-eoan block-proposed-focal block-proposed-groovy focal patch patch-accepted-upstream regression-release server-next verification-needed verification-needed-focal |
|
2020-06-13 07:49:21 |
Anders Kaseorg |
tags |
block-proposed-eoan block-proposed-focal block-proposed-groovy focal patch patch-accepted-upstream regression-release server-next verification-needed verification-needed-focal |
block-proposed-eoan block-proposed-focal block-proposed-groovy focal patch patch-accepted-upstream regression-release server-next verification-done-focal verification-needed |
|
2020-06-13 20:40:02 |
Anders Kaseorg |
tags |
block-proposed-eoan block-proposed-focal block-proposed-groovy focal patch patch-accepted-upstream regression-release server-next verification-done-focal verification-needed |
focal patch patch-accepted-upstream regression-release server-next verification-done-focal verification-needed |
|
2020-06-24 00:36:00 |
Launchpad Janitor |
memcached (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2020-06-24 00:36:04 |
Chris Halse Rogers |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2020-06-24 12:30:35 |
Robie Basak |
memcached (Ubuntu Eoan): status |
Triaged |
Fix Committed |
|
2020-06-24 12:30:36 |
Robie Basak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2020-06-24 12:30:40 |
Robie Basak |
tags |
focal patch patch-accepted-upstream regression-release server-next verification-done-focal verification-needed |
focal patch patch-accepted-upstream regression-release server-next verification-done-focal verification-needed verification-needed-eoan |
|
2020-06-24 13:09:30 |
Robie Basak |
removed subscriber Ubuntu Sponsors Team |
|
|
|
2020-07-13 21:16:30 |
Sergio Durigan Junior |
tags |
focal patch patch-accepted-upstream regression-release server-next verification-done-focal verification-needed verification-needed-eoan |
focal patch patch-accepted-upstream regression-release server-next verification-done-eoan verification-done-focal verification-needed |
|
2020-08-18 15:16:27 |
Launchpad Janitor |
memcached (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
2020-08-18 15:16:28 |
Launchpad Janitor |
memcached (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
2020-08-31 23:45:43 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~bryce/ubuntu/+source/memcached/+git/memcached/+merge/390047 |
|
2020-09-11 10:50:04 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~moguimar/ubuntu/+source/memcached/+git/memcached/+merge/390612 |
|
2020-09-11 10:51:07 |
Moisés Guimarães de Medeiros |
merge proposal unlinked |
https://code.launchpad.net/~moguimar/ubuntu/+source/memcached/+git/memcached/+merge/390612 |
|
|
2020-09-11 10:54:35 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~moguimar/ubuntu/+source/memcached/+git/memcached/+merge/390612 |
|
2020-09-11 10:59:16 |
Moisés Guimarães de Medeiros |
merge proposal unlinked |
https://code.launchpad.net/~moguimar/ubuntu/+source/memcached/+git/memcached/+merge/390612 |
|
|