[Bug 1769301] Re: resetting /proc/thread-self/attr/fscreate results in 'Invalid Argument'

Igor Klyuchnikov 1769301 at bugs.launchpad.net
Thu Aug 23 17:39:57 UTC 2018 

Got the same problem. It looks like the problem is in the kernel 4.15
with Canonical patches. Vanilla 4.15, built from source, has no problem
with useradd. Ubuntu 16.04 LTS kernel 4.13 generic, built from source,
is also  ok. I've spent plenty of time trying to make it work.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libselinux in Ubuntu.
https://bugs.launchpad.net/bugs/1769301

Title:
  resetting /proc/thread-self/attr/fscreate results in 'Invalid
  Argument'

Status in libselinux package in Ubuntu:
  New

Bug description:
  root at ubuntu:~# useradd -g 100 tst003
  useradd: failure while writing changes to /etc/passwd

  root at ubuntu:~# sestatus 
  SELinux status:                 enabled
  SELinuxfs mount:                /sys/fs/selinux
  SELinux root directory:         /etc/selinux
  Loaded policy name:             default
  Current mode:                   permissive
  Mode from config file:          permissive
  Policy MLS status:              enabled
  Policy deny_unknown status:     allowed
  Memory protection checking:     requested (insecure)
  Max kernel policy version:      31

  
  The problem does not occur when SELinux is complete disabled.

  Please note that a very similar problem occurs using groupadd:

  root at ubuntu:~# groupadd tstgrp001
  groupadd: failure while writing changes to /etc/group

  
  = journal = 
  (Please note that there is *no* AVC!)

  May 05 05:11:44 ubuntu useradd[756]: new user: name=tst003, UID=1004, GID=100, home=/home/tst003, shell=/bin/sh
  May 05 05:11:44 ubuntu audit[756]: ADD_USER pid=756 uid=0 auid=1002 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=adding user id=1004 exe="/usr/sbin/useradd" hostname=ubuntu addr=? terminal=pts/0 res=success'
  May 05 05:11:44 ubuntu useradd[756]: failure while writing changes to /etc/passwd
  May 05 05:11:44 ubuntu audit[756]: ADD_USER pid=756 uid=0 auid=1002 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=adding user acct="tst003" exe="/usr/sbin/useradd" hostname=ubuntu addr=? terminal=pts/0 res=failed'
  May 05 05:11:44 ubuntu useradd[756]: failed adding user 'tst003', data deleted

  = ltrace =

  [pid 1074] SYS_write(12, "root:x:"..., 1360) = 1360
  [pid 1074] <... fflush resumed> )                = 0
  [pid 1074] fileno(0x5595b21c6200)                = 12
  [pid 1074] fsync(12, 0x5595b21c62e0, 0, 0x7ff933d5c154 <unfinished ...>
  [pid 1074] SYS_fsync(12)                         = 0
  [pid 1074] <... fsync resumed> )                 = 0
  [pid 1074] fclose(0x5595b21c6200 <unfinished ...>
  [pid 1074] SYS_close(12)                         = 0
  [pid 1074] <... fclose resumed> )                = 0
  [pid 1074] utime(0x7ffee34207e0, 0x7ffee34206b0, 0x5595b21af010, 1 <unfinished ...>
  [pid 1074] SYS_utime("/etc/passwd-", 0x7ffee34206b0) = 0
  [pid 1074] <... utime resumed> )                 = 0
  [pid 1074] fclose(0x5595b21af2a0 <unfinished ...>
  [pid 1074] SYS_close(5)                          = 0
  [pid 1074] <... fclose resumed> )                = 0
  [pid 1074] setfscreatecon(0, 0x5595b21af118, 1, 2 <unfinished ...>
  [pid 1074] SYS_openat(0xffffff9c, 0x5595b21cebc0, 0x80002, 0) = 5
  [pid 1074] SYS_write(5, nil, 0)                  = -22
  [pid 1074] SYS_close(5)                          = 0
  [pid 1074] <... setfscreatecon resumed> )        = 0xffffffff
  [pid 1074] free(0x5595b21b9dc0)                  = <void>
  [pid 1074] free(0x5595b21b8a00)                  = <void>
  [pid 1074] strlen("x")                           = 1
  [pid 1074] memset(0x5595b21b7560, '\0', 1)       = 0x5595b21b7560
  [pid 1074] free(0x5595b21b7560)                  = <void>
  [pid 1074] free(0x5595b21b94e0)                  = <void>
  [pid 1074] free(0x5595b21b9000)                  = <void>
  [pid 1074] free(0x5595b21b8fc0)                  = <void>

  = strace =

  write(12, "root:x:"..., 1360) = 1360
  fsync(12)                               = 0
  close(12)                               = 0
  utime("/etc/passwd-", {actime=1525497034 /* 2018-05-05T05:10:34+0000 */, modtime=1525496803 /* 2018-05-05T05:06:43+0000 */}) = 0
  close(5)                                = 0
  openat(AT_FDCWD, "/proc/thread-self/attr/fscreate", O_RDWR|O_CLOEXEC) = 5
  write(5, NULL, 0)                       = -1 EINVAL (Invalid argument)
  close(5)                                = 0

  = Version Information =
  root at ubuntu:~# lsb_release -rd
  Description:	Ubuntu 18.04 LTS
  Release:	18.04

  root at ubuntu:~# dpkg -l | grep passwd | grep -v base-pa
  ii  passwd                                1:4.5-1ubuntu1                    amd64        change and administer password and group data

  root at ubuntu:~# dpkg -l | grep selinux
  ii  libselinux1:amd64                     2.7-2build2                       amd64        SELinux runtime shared libraries
  ii  python3-selinux                       2.7-2build2                       amd64        Python3 bindings to SELinux shared libraries
  ii  selinux-basics                        0.5.6                             all          SELinux basic support
  ii  selinux-policy-default                2:2.20180114-1                    all          Strict and Targeted variants of the SELinux policy
  ii  selinux-policy-dev                    2:2.20180114-1                    all          Headers from the SELinux reference policy for building modules
  ii  selinux-utils                         2.7-2build2                       amd64        SELinux utility programs

  root at ubuntu:~# uname -a
  Linux ubuntu 4.15.0-20-generic #21-Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libselinux/+bug/1769301/+subscriptions

More information about the foundations-bugs mailing list