[Bug 1982487] Re: apport fails with PermissionError for dump mode 2 in containers
Launchpad Bug Tracker
1982487 at bugs.launchpad.net
Sat Aug 27 20:26:30 UTC 2022
This bug was fixed in the package apport - 2.23.0-0ubuntu1
---------------
apport (2.23.0-0ubuntu1) kinetic; urgency=medium
* New upstream release:
- apport-gtk:
- Gracefully handle import failure of gi (LP: #1980561)
- Catch AssertionError when importing Gdk (LP: #1980238)
- data/apport:
- Fix PermissionError for setuid programs inside container (LP: #1982487)
- Fix reading from stdin inside containers (LP: #1982555)
- apport-kde:
- Fix inverse order of choices (LP: #1967965)
- Import apport before usage (LP: #1980553)
- Drop old workaround for bug in SIP destructor (LP: #1980553)
- apport-unpack: Fix ValueError: ['separator'] has no binary content
(LP: #1889443)
- Fix _run_hook getting called with ui=None (LP: #1983481)
* Refresh patches and drop backported patches
* Fix pydocstyle and pylint complains in patches
-- Benjamin Drung <bdrung at ubuntu.com> Mon, 22 Aug 2022 22:31:55 +0200
** Changed in: apport (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1982487
Title:
apport fails with PermissionError for dump mode 2 in containers
Status in Apport:
Fix Released
Status in apport package in Ubuntu:
Fix Released
Status in apport source package in Focal:
New
Status in apport source package in Jammy:
New
Bug description:
[Impact]
Apport will fail for processes with dump mode 2 inside of containers.
[Test plan]
Run following testcase script inside a LXC container:
```
#!/bin/sh
sudo rm -rf /var/crash/* /var/log/apport.log
sudo -u mail sh -c "ping 127.0.0.1 > /dev/null" &
sleep 0.3
killall -11 ping
sleep 0.3
cat /var/log/apport.log
```
apport.log for the affected version:
```
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: called for pid 6449, signal 11, core limit 0, dump mode 2
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: not creating core for pid with dump mode of 2
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: Unhandled exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/apport/report.py", line 681, in add_proc_info
self["ExecutablePath"] = _read_proc_link(
File "/usr/lib/python3/dist-packages/apport/report.py", line 92, in _read_proc_link
return os.readlink(path, dir_fd=dir_fd)
PermissionError: [Errno 13] Permission denied: 'exe'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/share/apport/apport", line 862, in <module>
info.add_proc_info(proc_pid_fd=proc_pid_fd)
File "/usr/lib/python3/dist-packages/apport/report.py", line 686, in add_proc_info
raise ValueError("not accessible")
ValueError: not accessible
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: pid: 6452, uid: 0, gid: 0, euid: 8, egid: 8
ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: environment: environ({'LANG': 'C.UTF-8', 'PATH': '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin', 'LISTEN_PID': '6452', 'LISTEN_FDS': '1', 'LISTEN_FDNAMES': 'connection', 'INVOCATION_ID': '1352c67b4a21480a9b35db8012dafb42', 'JOURNAL_STREAM': '8:29587491', 'SYSTEMD_EXEC_PID': '6452'})
```
The apport log should not show a Traceback.
[Where problems could occur]
The apport binary is called by the kernel when a process crashes.
Worst case scenarios include breaking the apport binary and no problem
report is generated any more (or apport uses too much resources).
Users will see problems reports inside the container which cause
additional load or disk usage. The fix is accompanied by a test case
(run in autopkgtest).
[Other Info]
The autopkgtest for armhf are run inside a LXC container and some test
cases like test_crash_setuid_drop trigger this bug.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1982487/+subscriptions
More information about the foundations-bugs
mailing list