apport uses sys.argv instead of named arguments
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Apport |
Fix Released
|
Low
|
Julian Andres Klode | ||
apport (Ubuntu) |
Fix Released
|
Low
|
Unassigned | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Cosmic |
Won't Fix
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
SRU Description
[Impact]
data/apport which processes core files expects a certain quantity of arguments in a specific order. This ended up causing an issue with some security updates where we were trying to support a new version of apport on a host system and one inside a container.
This SRU for xenial and bionic based on the work made in cosmic enabled proper handling of named argument.
Note that this is disabled for now on ALL series
[Test Case]
No real test here since apport general behavior should be unchanged Just to check that the feature is disable, /proc/sys/
content should remain unchanged :
$> cat /proc/sys/
|/usr/share/
[Regression Potential]
The new feature is not enabled so the regression risk is fairly low. this will take place in a future coordinated SRU across all LTS but in the meanwhile we can make sure that there's no regression by making sure apport still behave properly. starting and killing xeyes should trigger apport normal operation and start apport.
$> xeyes &
$> kill -SEGV $!
End SRU Description
data/apport which processes core files expects a certain quantity of arguments in a specific order. This ended up causing an issue with some security updates where we were trying to support a new version of apport on a host system and one inside a container. Here's something of an example:
347 # Normal startup
348 if len(sys.argv) not in (5, 6):
349 try:
350 print('Usage: %s <pid> <signal number> <core file ulimit> <dump mode> [global pid]' % sys.argv[0])
351 print('The core dump is read from stdin.')
We could not maintain backwards compatibility because "global pid" is an optional argument and "dump mode" was a new argument. So if there were five arguments its possible the last one was "dump mode" (no global pid) or "global pid" (no support for dump mode).
Its possible to use strings in /proc/sys/
$ cat /proc/sys/
|/usr/share/
['/home/
Tyler said "that's probably a nice cleanup to make no matter what because the magic arg ordering is dangerous".
Related branches
- Brian Murray: Approve
-
Diff: 164 lines (+57/-19)4 files modifiedNEWS (+2/-0)
data/apport (+48/-17)
etc/init.d/apport (+6/-1)
use-local (+1/-1)
Changed in apport: | |
importance: | Undecided → Low |
status: | New → In Progress |
assignee: | nobody → Julian Andres Klode (juliank) |
tags: | added: id-5a0f2a3d5a9357e93d7f6816 |
Changed in apport (Ubuntu): | |
status: | New → Fix Committed |
Changed in apport: | |
status: | In Progress → Fix Committed |
Changed in apport (Ubuntu Cosmic): | |
status: | New → Won't Fix |
Changed in apport (Ubuntu Trusty): | |
status: | New → Fix Committed |
status: | Fix Committed → Won't Fix |
Changed in apport (Ubuntu Xenial): | |
status: | New → In Progress |
Changed in apport (Ubuntu Bionic): | |
status: | New → In Progress |
description: | updated |
description: | updated |
description: | updated |
Changed in apport: | |
milestone: | none → 2.21.0 |
status: | Fix Committed → Fix Released |
Changed in apport (Ubuntu): | |
importance: | Undecided → Low |
Um, we can do that. But I think there's a problem with containers and compatibility in forwarding messages over the socket (think new container, old host).
I wonder if /proc/sys/ kernel/ core_pattern is per-namespace too. If it is, that would be great. If not, a new host with old containers would break too: The containers would not understand the arguments. Specifically, containers need to get the host_pid in sys.argv[5], they do not care about the other arguments, so these could be -- options like that:
--pid=%p --signal=%s --core-size=%c --dump-mode=%d %P
but we could not add more options then either, because the forwarding only works with 6 arguments.