| 2020-09-01 02:19:10 |
Thomas Leavitt |
bug |
|
|
added bug |
| 2020-09-01 02:35:32 |
Thomas Leavitt |
description |
My client has 200+ devices automatically uploading information via sftp and scp to a server every few minutes. After a recent update, I noticed the load on their server spiking through the roof. Upon investigation, I discovered a horde of landscape-sysinfo and /usr/bin/lsb_release processes running that correlated with login session notifications in /etc/syslog and the load spikes.
It appears that even in non-interactive sessions where this information will never be seen, the configuration options below in /etc/pam.d/sshd cause these items to be launched (in fact, probably everything in /etc/update-motd.d). This only started on the system in question after a recent set of system updates were in stalled.
The content of /etc/update-motd.d/* really, really, really shouldn't be executed if the session in question is not interactive, as it provides no value at all. Unfortunately, to disable it for these non-interactive sessions, we also have to disable it for the interactive ones as well where it has some value (though not enough to make spiking the load on this server through the roof an acceptable tradeoff).
# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
#session optional pam_motd.so motd=/run/motd.dynamic
#session optional pam_motd.so noupdate
Also, looking at the script 00-header in /etc/update-motd.d/, /usr/bin/lsb_release is being improperly launched, as /etc/lsb_release does include the necessary information:
[ -r /etc/lsb-release ] && . /etc/lsb-release
if [ -z "$DISTRIB_DESCRIPTION" ] && [ -x /usr/bin/lsb_release ]; then
# Fall back to using the very slow lsb_release utility
DISTRIB_DESCRIPTION=$(lsb_release -s -d)
fi
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.7 LTS" |
My client has 200+ devices automatically uploading information via sftp and scp to a server every few minutes. After a recent update, I noticed the load on their server spiking through the roof. Upon investigation, I discovered a horde of landscape-sysinfo and /usr/bin/lsb_release processes running that correlated with login session notifications in /var/log/syslog and the load spikes.
It appears that even in non-interactive sessions where this information will never be seen, the configuration options below in /etc/pam.d/sshd cause these items to be launched (in fact, probably everything in /etc/update-motd.d). This only started on the system in question after a recent set of system updates were in stalled.
The content of /etc/update-motd.d/* really, really, really shouldn't be executed if the session in question is not interactive, as it provides no value at all. Unfortunately, to disable it for these non-interactive sessions, we also have to disable it for the interactive ones as well where it has some value (though not enough to make spiking the load on this server through the roof an acceptable tradeoff).
# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
#session optional pam_motd.so motd=/run/motd.dynamic
#session optional pam_motd.so noupdate
Also, looking at the script 00-header in /etc/update-motd.d/, /usr/bin/lsb_release is being improperly launched, as /etc/lsb_release does include the necessary information:
[ -r /etc/lsb-release ] && . /etc/lsb-release
if [ -z "$DISTRIB_DESCRIPTION" ] && [ -x /usr/bin/lsb_release ]; then
# Fall back to using the very slow lsb_release utility
DISTRIB_DESCRIPTION=$(lsb_release -s -d)
fi
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.7 LTS" |
|
| 2020-09-01 02:36:03 |
Thomas Leavitt |
description |
My client has 200+ devices automatically uploading information via sftp and scp to a server every few minutes. After a recent update, I noticed the load on their server spiking through the roof. Upon investigation, I discovered a horde of landscape-sysinfo and /usr/bin/lsb_release processes running that correlated with login session notifications in /var/log/syslog and the load spikes.
It appears that even in non-interactive sessions where this information will never be seen, the configuration options below in /etc/pam.d/sshd cause these items to be launched (in fact, probably everything in /etc/update-motd.d). This only started on the system in question after a recent set of system updates were in stalled.
The content of /etc/update-motd.d/* really, really, really shouldn't be executed if the session in question is not interactive, as it provides no value at all. Unfortunately, to disable it for these non-interactive sessions, we also have to disable it for the interactive ones as well where it has some value (though not enough to make spiking the load on this server through the roof an acceptable tradeoff).
# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
#session optional pam_motd.so motd=/run/motd.dynamic
#session optional pam_motd.so noupdate
Also, looking at the script 00-header in /etc/update-motd.d/, /usr/bin/lsb_release is being improperly launched, as /etc/lsb_release does include the necessary information:
[ -r /etc/lsb-release ] && . /etc/lsb-release
if [ -z "$DISTRIB_DESCRIPTION" ] && [ -x /usr/bin/lsb_release ]; then
# Fall back to using the very slow lsb_release utility
DISTRIB_DESCRIPTION=$(lsb_release -s -d)
fi
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.7 LTS" |
My client has 200+ devices automatically uploading information via sftp and scp to a server every few minutes. After a recent update, I noticed the load on their server spiking through the roof. Upon investigation, I discovered a horde of landscape-sysinfo and /usr/bin/lsb_release processes running that correlated with login session notifications in /var/log/syslog and the load spikes.
It appears that even in non-interactive sessions where this information will never be seen, the configuration options below in /etc/pam.d/sshd cause these items to be launched (in fact, probably everything in /etc/update-motd.d). This only started on the system in question after a recent set of system updates were installed.
The content of /etc/update-motd.d/* really, really, really shouldn't be executed if the session in question is not interactive, as it provides no value at all. Unfortunately, to disable it for these non-interactive sessions, we also have to disable it for the interactive ones as well where it has some value (though not enough to make spiking the load on this server through the roof an acceptable tradeoff).
# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
#session optional pam_motd.so motd=/run/motd.dynamic
#session optional pam_motd.so noupdate
Also, looking at the script 00-header in /etc/update-motd.d/, /usr/bin/lsb_release is being improperly launched, as /etc/lsb_release does include the necessary information:
[ -r /etc/lsb-release ] && . /etc/lsb-release
if [ -z "$DISTRIB_DESCRIPTION" ] && [ -x /usr/bin/lsb_release ]; then
# Fall back to using the very slow lsb_release utility
DISTRIB_DESCRIPTION=$(lsb_release -s -d)
fi
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.7 LTS" |
|
| 2020-09-01 09:48:41 |
Haw Loeung |
bug |
|
|
added subscriber Haw Loeung |
| 2020-09-01 09:51:16 |
Haw Loeung |
bug task added |
|
base-files (Ubuntu) |
|
| 2020-09-01 09:56:53 |
Haw Loeung |
bug task added |
|
landscape-client (Ubuntu) |
|
| 2020-09-03 14:26:21 |
Rafael David Tinoco |
bug task added |
|
update-motd (Ubuntu) |
|
| 2020-09-03 14:26:27 |
Rafael David Tinoco |
bug task deleted |
openssh (Ubuntu) |
|
|
| 2020-09-03 14:26:32 |
Rafael David Tinoco |
bug task deleted |
base-files (Ubuntu) |
|
|
| 2020-09-03 14:26:45 |
Rafael David Tinoco |
update-motd (Ubuntu): status |
New |
Triaged |
|
| 2020-09-03 14:26:47 |
Rafael David Tinoco |
update-motd (Ubuntu): importance |
Undecided |
Wishlist |
|
| 2020-09-03 14:31:54 |
Rafael David Tinoco |
bug task deleted |
landscape-client (Ubuntu) |
|
|
| 2020-09-03 14:32:00 |
Rafael David Tinoco |
bug |
|
|
added subscriber Ubuntu Server |
| 2020-09-03 17:20:05 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
| 2022-03-28 11:11:12 |
Christian Ehrhardt |
tags |
|
server-todo |
|
| 2022-03-28 11:11:16 |
Christian Ehrhardt |
update-motd (Ubuntu): importance |
Wishlist |
High |
|
| 2022-03-28 12:52:32 |
Christian Ehrhardt |
bug task added |
|
pam (Ubuntu) |
|
| 2022-03-28 12:52:39 |
Christian Ehrhardt |
pam (Ubuntu): status |
New |
Confirmed |
|
| 2022-03-28 12:52:42 |
Christian Ehrhardt |
update-motd (Ubuntu): status |
Triaged |
Confirmed |
|
| 2022-03-28 12:52:43 |
Christian Ehrhardt |
pam (Ubuntu): importance |
Undecided |
High |
|
| 2022-03-28 13:58:56 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2022-03-28 15:05:25 |
Andreas Hasenack |
bug |
|
|
added subscriber Andreas Hasenack |
| 2022-03-29 14:22:02 |
Christian Ehrhardt |
bug task added |
|
ubuntu-release-upgrader (Ubuntu) |
|
| 2022-03-29 14:22:10 |
Christian Ehrhardt |
bug task added |
|
update-notifier (Ubuntu) |
|
| 2022-03-29 14:22:16 |
Christian Ehrhardt |
bug task added |
|
landscape-client (Ubuntu) |
|
| 2022-03-30 10:09:10 |
Christian Ehrhardt |
landscape-client (Ubuntu): status |
New |
In Progress |
|
| 2022-03-30 10:09:16 |
Christian Ehrhardt |
ubuntu-release-upgrader (Ubuntu): status |
New |
In Progress |
|
| 2022-03-30 10:09:18 |
Christian Ehrhardt |
update-notifier (Ubuntu): status |
New |
In Progress |
|
| 2022-03-30 10:09:21 |
Christian Ehrhardt |
update-notifier (Ubuntu): assignee |
|
Christian Ehrhardt (paelzer) |
|
| 2022-03-30 10:09:23 |
Christian Ehrhardt |
ubuntu-release-upgrader (Ubuntu): assignee |
|
Christian Ehrhardt (paelzer) |
|
| 2022-03-30 10:09:25 |
Christian Ehrhardt |
landscape-client (Ubuntu): assignee |
|
Christian Ehrhardt (paelzer) |
|
| 2022-03-30 10:09:27 |
Christian Ehrhardt |
landscape-client (Ubuntu): importance |
Undecided |
Critical |
|
| 2022-03-30 10:09:29 |
Christian Ehrhardt |
ubuntu-release-upgrader (Ubuntu): importance |
Undecided |
High |
|
| 2022-03-30 10:09:31 |
Christian Ehrhardt |
update-notifier (Ubuntu): importance |
Undecided |
High |
|
| 2022-03-30 10:09:34 |
Christian Ehrhardt |
update-motd (Ubuntu): importance |
High |
Medium |
|
| 2022-03-30 10:10:07 |
Christian Ehrhardt |
pam (Ubuntu): importance |
High |
Medium |
|
| 2022-03-30 10:12:07 |
Christian Ehrhardt |
update-motd (Ubuntu): status |
Confirmed |
Invalid |
|
| 2022-03-30 12:54:54 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/update-notifier/+git/update-notifier/+merge/417912 |
|
| 2022-03-30 12:54:54 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/ubuntu-release-upgrader/+git/ubuntu-release-upgrader/+merge/417913 |
|
| 2022-03-30 12:54:55 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/landscape-client/+git/landscape-client/+merge/417914 |
|
| 2022-04-01 05:39:54 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/update-notifier/+git/update-notifier/+merge/418122 |
|
| 2022-04-01 11:35:52 |
Launchpad Janitor |
ubuntu-release-upgrader (Ubuntu): status |
In Progress |
Fix Released |
|
| 2022-04-04 12:59:41 |
Launchpad Janitor |
landscape-client (Ubuntu): status |
In Progress |
Fix Released |
|
| 2022-04-05 23:26:34 |
Launchpad Janitor |
update-notifier (Ubuntu): status |
In Progress |
Fix Released |
|
| 2022-04-06 06:16:25 |
Christian Ehrhardt |
bug watch added |
|
https://github.com/linux-pam/linux-pam/issues/452 |
|
| 2022-04-06 06:16:46 |
Christian Ehrhardt |
bug task added |
|
pam |
|
| 2022-04-06 07:41:50 |
Bug Watch Updater |
pam: status |
Unknown |
New |
|
| 2022-04-06 15:09:16 |
Christian Ehrhardt |
tags |
server-todo |
|
|
