Ubuntu
systemd package

autopkgtest regression TEST-22-TMPFILES are not executable

Bug #1804864 reported by Dimitri John Ledkov
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Fix Released
Undecided
Unassigned
Bionic
Fix Released
Undecided
Unassigned
Cosmic
Fix Released
Undecided
Unassigned

Bug Description

[Impact]

 * Newly added testcase in a security upload used a traditional GNU patch format, instead of using extended git patch format, as supported by GNU patch. Therefore, executable bits on shells scripts were lost, resulting in autopkgtest failures.

[Test Case]

 * `upstream` test/TEST-22-TMPFILES autopkgtest case should pass.

[Regression Potential]

 * This is testcode change only.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI for others checking for current known test issues like me - this is in systemd/239-7ubuntu12 currently in -proposed

Due to that I'd think this must at least be triaged as there is this changelog entry:
  * test: Set executable bits on TEST-22-TMPFILES shell scripts. (LP: #1804864)
    File: debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0e5b6e44a962f299565949e1006a4ba86d171dc3

Changed in systemd (Ubuntu):
status: New → Triaged
Brian Murray (brian-murray)
summary: - autopkgtest regression TEST-22-TMPFILES are note executable
+ autopkgtest regression TEST-22-TMPFILES are not executable
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 239-7ubuntu14

---------------
systemd (239-7ubuntu14) disco; urgency=medium

  * Fix compat with new meson.
    File: debian/patches/meson-rename-Ddebug-to-Ddebug-extra.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3b764ec1b76768a8c40635019fa5a8acb81b223e

 -- Dimitri John Ledkov <email address hidden> Thu, 29 Nov 2018 16:53:00 +0000

Changed in systemd (Ubuntu):
status: Triaged → Fix Released
Dimitri John Ledkov (xnox)
Changed in systemd (Ubuntu Cosmic):
status: New → In Progress
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Dimitri, or anyone else affected,

Accepted systemd into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/239-7ubuntu10.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in systemd (Ubuntu Cosmic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-cosmic
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

========== TEST-22-TMPFILES ==========
make: Entering directory '/tmp/autopkgtest.K5eYsC/build.9vm/src/test/TEST-22-TMPFILES'
TEST CLEANUP: Tmpfiles related tests
TEST SETUP: Tmpfiles related tests
...
TEST RUN: Tmpfiles related tests
...
TEST RUN: Tmpfiles related tests [OK]
make: Leaving directory '/tmp/autopkgtest.K5eYsC/build.9vm/src/test/TEST-22-TMPFILES'

autopkgtest [02:14:17]: test upstream: -----------------------]
upstream PASS

the test case succeeds, and thus has the right executable permission.

tags: added: verification-done verification-done-cosmic
removed: verification-needed verification-needed-cosmic
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 237-3ubuntu10.11

---------------
systemd (237-3ubuntu10.11) bionic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden> Wed, 09 Jan 2019 15:11:53 +0000

Changed in systemd (Ubuntu Bionic):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 239-7ubuntu10.6

---------------
systemd (239-7ubuntu10.6) cosmic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden> Wed, 09 Jan 2019 14:37:15 +0000

Changed in systemd (Ubuntu Cosmic):
status: Fix Committed → Fix Released
Revision history for this message
Kleber Sacilotto de Souza (kleber-souza) wrote :

This bug was supposed to be fixed on bionic with systemd (237-3ubuntu10.11) but it's still failing:

https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/s/systemd/20190118_154706_1d013@/log.gz

========== TEST-22-TMPFILES ==========
make: Entering directory '/tmp/autopkgtest.wPokuU/build.7Yo/src/test/TEST-22-TMPFILES'
/bin/sh: 1: ./test.sh: Permission denied
make: *** [clean] Error 126
Makefile:4: recipe for target 'clean' failed
make: Leaving directory '/tmp/autopkgtest.wPokuU/build.7Yo/src/test/TEST-22-TMPFILES'

Revision history for this message
Kleber Sacilotto de Souza (kleber-souza) wrote :

While running ADT tests with the new systemd packages on both Bionic and Cosmic we get the following error on the src pkg install phase:

dpkg-source: warning: diff 'src/debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch' doesn't contain any patch

Looking back at the log history of the tests, the testcase never failed on Cosmic. An example is this test result with systemd 239-7ubuntu9:
https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-cosmic/cosmic/amd64/s/systemd/20181013_012203_828ba@/log.gz

And as I stated on my previous comment, the test is still failing on Bionic. So it seems that the fix proposed for this issue is not taking any effect.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

The warning is always there, but the permissions are correctly applied in cosmic+
So for bionic we will need a chmod +x added in the debian/tests/upstream, or somewhere like that.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.