autopkgtest regression TEST-22-TMPFILES are not executable

Bug #1804864 reported by Dimitri John Ledkov on 2018-11-23
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Unassigned
Cosmic
Undecided
Unassigned

Bug Description

[Impact]

 * Newly added testcase in a security upload used a traditional GNU patch format, instead of using extended git patch format, as supported by GNU patch. Therefore, executable bits on shells scripts were lost, resulting in autopkgtest failures.

[Test Case]

 * `upstream` test/TEST-22-TMPFILES autopkgtest case should pass.

[Regression Potential]

 * This is testcode change only.

FYI for others checking for current known test issues like me - this is in systemd/239-7ubuntu12 currently in -proposed

Due to that I'd think this must at least be triaged as there is this changelog entry:
  * test: Set executable bits on TEST-22-TMPFILES shell scripts. (LP: #1804864)
    File: debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0e5b6e44a962f299565949e1006a4ba86d171dc3

Changed in systemd (Ubuntu):
status: New → Triaged
summary: - autopkgtest regression TEST-22-TMPFILES are note executable
+ autopkgtest regression TEST-22-TMPFILES are not executable
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 239-7ubuntu14

---------------
systemd (239-7ubuntu14) disco; urgency=medium

  * Fix compat with new meson.
    File: debian/patches/meson-rename-Ddebug-to-Ddebug-extra.patch
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3b764ec1b76768a8c40635019fa5a8acb81b223e

 -- Dimitri John Ledkov <email address hidden> Thu, 29 Nov 2018 16:53:00 +0000

Changed in systemd (Ubuntu):
status: Triaged → Fix Released
Changed in systemd (Ubuntu Cosmic):
status: New → In Progress

Hello Dimitri, or anyone else affected,

Accepted systemd into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/systemd/239-7ubuntu10.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in systemd (Ubuntu Cosmic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-cosmic
Dimitri John Ledkov (xnox) wrote :

========== TEST-22-TMPFILES ==========
make: Entering directory '/tmp/autopkgtest.K5eYsC/build.9vm/src/test/TEST-22-TMPFILES'
TEST CLEANUP: Tmpfiles related tests
TEST SETUP: Tmpfiles related tests
...
TEST RUN: Tmpfiles related tests
...
TEST RUN: Tmpfiles related tests [OK]
make: Leaving directory '/tmp/autopkgtest.K5eYsC/build.9vm/src/test/TEST-22-TMPFILES'

autopkgtest [02:14:17]: test upstream: -----------------------]
upstream PASS

the test case succeeds, and thus has the right executable permission.

tags: added: verification-done verification-done-cosmic
removed: verification-needed verification-needed-cosmic
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 237-3ubuntu10.11

---------------
systemd (237-3ubuntu10.11) bionic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden> Wed, 09 Jan 2019 15:11:53 +0000

Changed in systemd (Ubuntu Bionic):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 239-7ubuntu10.6

---------------
systemd (239-7ubuntu10.6) cosmic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on the
      number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix syslog_parse_identifier()
    - CVE-2018-16866

  * Fix LP: #1804603 - btrfs-util: unbreak tmpfiles' subvol creation
    - add debian/patches/btrfs-util-unbreak-tmpfiles-subvol-creation.patch
    - update debian/patches/series
  * Fix LP: #1804864 - test: Set executable bits on TEST-22-TMPFILES shell scripts
    - add debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch
    - update debian/patches/series

 -- Chris Coulson <email address hidden> Wed, 09 Jan 2019 14:37:15 +0000

Changed in systemd (Ubuntu Cosmic):
status: Fix Committed → Fix Released

This bug was supposed to be fixed on bionic with systemd (237-3ubuntu10.11) but it's still failing:

https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/s/systemd/20190118_154706_1d013@/log.gz

========== TEST-22-TMPFILES ==========
make: Entering directory '/tmp/autopkgtest.wPokuU/build.7Yo/src/test/TEST-22-TMPFILES'
/bin/sh: 1: ./test.sh: Permission denied
make: *** [clean] Error 126
Makefile:4: recipe for target 'clean' failed
make: Leaving directory '/tmp/autopkgtest.wPokuU/build.7Yo/src/test/TEST-22-TMPFILES'

While running ADT tests with the new systemd packages on both Bionic and Cosmic we get the following error on the src pkg install phase:

dpkg-source: warning: diff 'src/debian/patches/test-Set-executable-bits-on-TEST-22-TMPFILES-shell-script.patch' doesn't contain any patch

Looking back at the log history of the tests, the testcase never failed on Cosmic. An example is this test result with systemd 239-7ubuntu9:
https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-cosmic/cosmic/amd64/s/systemd/20181013_012203_828ba@/log.gz

And as I stated on my previous comment, the test is still failing on Bionic. So it seems that the fix proposed for this issue is not taking any effect.

Dimitri John Ledkov (xnox) wrote :

The warning is always there, but the permissions are correctly applied in cosmic+
So for bionic we will need a chmod +x added in the debian/tests/upstream, or somewhere like that.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers