/proc/self/exe is not necessarily correct on overlayfs

Bug #1030519 reported by Mike Mestnik
20
This bug affects 2 people
Affects Status Importance Assigned to Milestone
logwatch (Ubuntu)
Invalid
Undecided
Unassigned
perl (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Perl should check the value from /proc/self/exe for correctness. I'll open a bug in logwatch also, however there are likely many more applications that make use of this and depend on it's correctness. Bug number 1007089 tracks the overlayfs bug.

/etc/cron.daily/00logwatch:
sh: 1: /bin/perl: not found
sh: 1: /bin/perl: not found
system 'cat '/var/log/mail.log' '/var/log/mail.log.1' | /bin/perl /usr/share/logwatch/scripts/shared/expandrepeats ''| /bin/perl /usr/share/logwatch/scripts/shared/applystddate ''>/tmp/logwatch.BMbdlb_J/maillog' failed: 32512 at /usr/sbin/logwatch line 871.
run-parts: /etc/cron.daily/00logwatch exited with return code 2

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: perl 5.14.2-6ubuntu2
ProcVersionSignature: Ubuntu 3.2.0-23.31-lowlatency-pae 3.2.14
Uname: Linux 3.2.0-23-lowlatency-pae i686
ApportVersion: 2.0.1-0ubuntu8
Architecture: i386
Date: Sun Jul 29 09:06:20 2012
SourcePackage: perl
UpgradeStatus: Upgraded to precise on 2012-01-03 (208 days ago)

Revision history for this message
Mike Mestnik (cheako) wrote :
Revision history for this message
Robie Basak (racb) wrote :

Posted in a duplicate:

Thank you for taking the time to report this bug and helping to make Ubuntu better.

It seems to me that /proc/self/exe being broken in overlayfs is a bug in overlayfs, not in perl or logwatch. But I am interested to hear what the kernel team decide on this.

Presumably this either needs to be fixed in overlayfs, or in every package that uses /proc/self/exe. It would make sense to make an Ubuntu-wide decision on the appropriate course of action here.

Launchpad's bug tracking allows for a single issue to be tracked across multiple packages. I think this is an appropriate issue to track this way, since it will stop discussion and appropriate decisions on the same issue being scattered across many bugs.

So I'm marking this bug as a dupe of bug 1030519, renaming bug 1030519 appropriately, and will add a logwatch task to bug 1030519 to track it there. Please continue discussion in bug 1030519.

I also think that this issue should probably be marked Invalid in both perl and logwatch, since it is reasonable to expect /proc/self/exe to work. But I would like to hear the kernel team's opinion on this first. I'm not marking this as a dupe of the kernel bug 1007089 pending feedback from the kernel team.

Mike, have you tried contacting the kernel team on this? The ubuntu-devel or kernel-team lists would probably be appropriate here. Also, this mailing list post seems relevant: https://lists.ubuntu.com/archives/ubuntu-devel/2012-February/034850.html

summary: - perlvar: EXECUTABLE_NAME or ^X broken under overlayfs.
+ /proc/self/exe is not necessarily correct on overlayfs
Revision history for this message
Robie Basak (racb) wrote :

Marking Incomplete in logwatch, pending feedback from kernel team.

Changed in logwatch (Ubuntu):
status: New → Incomplete
Revision history for this message
Mike Mestnik (cheako) wrote :

That's only some what reasonable. One would expect a perl API to work always(but it doesn't)... However the same is not true of kernel APIs, the opposite is vary much the case.

You don't call open() and then turn right around and operate on the new file handle, no you don't even do this usually in perl. The same could be true of files in proc and actually using stuff in proc is a vary bad API to begin with and perl should migrate to using another API for this.

With open you test the return code and based on that you 'trust' the file handle is iether usable or not usable. The same is true of proc, you need to at the vary least see if this is a file that's executable, a simple test.

I believe that every application using proc should be modified to not depend on the API, as it CAN be changed at any time. It's not supposed to be used by applications, that's why /sys was written.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in perl (Ubuntu):
status: New → Confirmed
Revision history for this message
Bryce Harrington (bryce) wrote :

While there was some discussion by the kernel community around this on the associated bug, it appears to remain unresolved there. But it looks to me that Robie's assessment still stands that it wouldn't be appropriate to change this in just the logwatch patch alone. Given the age of this bug, I'm going to mark the logwatch task closed as I don't think there's any further action we can take on it at this time.

Changed in logwatch (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.