Your message dated Fri, 09 Feb 2018 22:52:12 +0000 with message-id <e1ekhwe-000evo...@fasolo.debian.org> and subject line Bug#889144: fixed in systemd 237-2 has caused the Debian Bug report #889144, regarding stricter PIDfile handling breaks several daemons to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 889144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: systemd Version: 237-1 Severity: important Tags: upstream Hi! The upstream commit db256aab13d8a89d583ecd2bacf0aca87c66effc "core: be stricter when handling PID files and MAINPID sd_notify() messages" breaks several daemons in Debian. Known issues exist for - munin-node https://bugs.debian.org/889073 - ulogd2 - dnsmasq https://lists.debian.org/debian-user/2018/01/msg01331.html and possibly others. Symptom is a timeout during service start, constant service restarts (if configured) and log messages like: Feb 2 14:22:49 HOST systemd[1]: ulogd2.service: Permission denied while opening PID file or unsafe symlink chain: /run/ulog/ulogd.pid Feb 2 14:23:54 HOST systemd[1]: munin-node.service: Permission denied while opening PID file or unsafe symlink chain: /run/munin/munin-node.pid Problem lies, as far as I understand the change, in the permissions of the directory in which the PIDfile is created by the daemon. In all cases it does not belong root:root but the respective service user: HOST:/run# ls -ld ulog munin drwxr-xr-x 2 munin root 100 Feb 2 14:50 munin drwxr-xr-x 2 ulog ulog 40 Feb 2 14:24 ulog My quick'n'dirty workaround for munin was to change the PIDfile path to just "/run" in both the systemd unit and the configuration file and for ulogd2 I converted the unit from Type=forking to Type=simple, omitting the PIDfile completely. But this can only be a workaround in my opinion, because the upstream change changes an assumption on how and where PIDfiles can work without any prior notice. This needs to be changed to a non-fatal warning and not an error, IMHO. Grüße, Sven. -- Package-specific info: -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable'), (500, 'testing'), (200, 'experimental'), (1, 'experimental-debug') Architecture: i386 (x86_64) Foreign Architectures: amd64 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii adduser 3.116 ii libacl1 2.2.52-3+b1 ii libapparmor1 2.12-2 ii libaudit1 1:2.8.2-1 ii libblkid1 2.30.2-0.3 ii libc6 2.26-6 ii libcap2 1:2.25-1.2 ii libcryptsetup12 2:2.0.0-1 ii libgcrypt20 1.8.1-4 ii libgpg-error0 1.27-5 ii libidn11 1.33-2.1 ii libip4tc0 1.6.1-2+b1 ii libkmod2 25-1 ii liblz4-1 0.0~r131-2+b1 ii liblzma5 5.2.2-1.3 ii libmount1 2.30.2-0.3 ii libpam0g 1.1.8-3.6 ii libseccomp2 2.3.1-2.1 ii libselinux1 2.7-2 ii libsystemd0 237-1 ii mount 2.30.2-0.3 ii procps 2:3.3.12-3 ii util-linux 2.30.2-0.3 Versions of packages systemd recommends: ii dbus 1.12.2-1 ii libpam-systemd 237-1 Versions of packages systemd suggests: ii policykit-1 0.105-18 pn systemd-container <none> Versions of packages systemd is related to: pn dracut <none> ii initramfs-tools 0.130 ii udev 237-1 -- Configuration Files: /etc/systemd/journald.conf changed [not included] /etc/systemd/logind.conf changed [not included] /etc/systemd/system.conf changed [not included] -- debconf-show failed
--- End Message ---
--- Begin Message ---Source: systemd Source-Version: 237-2 We believe that the bug you reported is fixed in the latest version of systemd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 889...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Biebl <bi...@debian.org> (supplier of updated systemd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 09 Feb 2018 23:35:31 +0100 Source: systemd Binary: systemd systemd-sysv systemd-container systemd-journal-remote systemd-coredump systemd-tests libpam-systemd libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libsystemd0 libsystemd-dev udev libudev1 libudev-dev udev-udeb libudev1-udeb Architecture: source Version: 237-2 Distribution: unstable Urgency: medium Maintainer: Debian systemd Maintainers <pkg-systemd-maintain...@lists.alioth.debian.org> Changed-By: Michael Biebl <bi...@debian.org> Description: libnss-myhostname - nss module providing fallback resolution for the current hostname libnss-mymachines - nss module to resolve hostnames for local container instances libnss-resolve - nss module to resolve names via systemd-resolved libnss-systemd - nss module providing dynamic user and group name resolution libpam-systemd - system and service manager - PAM module libsystemd-dev - systemd utility library - development files libsystemd0 - systemd utility library libudev-dev - libudev development files libudev1 - libudev shared library libudev1-udeb - libudev shared library (udeb) systemd - system and service manager systemd-container - systemd container/nspawn tools systemd-coredump - tools for storing and retrieving coredumps systemd-journal-remote - tools for sending and receiving remote journal logs systemd-sysv - system and service manager - SysV links systemd-tests - tests for systemd udev - /dev/ and hotplug management daemon udev-udeb - /dev/ and hotplug management daemon (udeb) Closes: 889144 889665 Changes: systemd (237-2) unstable; urgency=medium . * Drop debian/extra/rules/70-debian-uaccess.rules. Up-to-date udev rules for U2F devices are shipped in libu2f-udev nowadays. (Closes: #889665) * service: relax PID file symlink chain checks a bit. Let's read the PID file after all if there's a potentially unsafe symlink chain in place. But if we do, then refuse taking the PID if its outside of the cgroup. (Closes: #889144) Checksums-Sha1: 42a25a70aca4c68f37a91964699b0c359d51374f 4847 systemd_237-2.dsc 02bb23e925619c53888b9f8cc3ecc13156188218 134104 systemd_237-2.debian.tar.xz 38d09fcd0a0d9a3f7098b7e65fe90b31601574ab 9973 systemd_237-2_source.buildinfo Checksums-Sha256: ac589748103ad5e704cde8d6b69ce9a4b45370418b1486b4137c8bd20f1c0a13 4847 systemd_237-2.dsc ed743c30614252caafb5572582858aab7014a2452429448c06543ea6b1431441 134104 systemd_237-2.debian.tar.xz 1668fc3b33b4f235a71b2c4eed6e1b0786dba006e6f6e6b24644c0ca2455152a 9973 systemd_237-2_source.buildinfo Files: dfeb1cdc2dd35abd871663227329c798 4847 admin optional systemd_237-2.dsc 90279fd7bb8d221a61071c04956ecc51 134104 admin optional systemd_237-2.debian.tar.xz 309c7ebe56c26d0cd6632b6a0fdd1c93 9973 admin optional systemd_237-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEECbOsLssWnJBDRcxUauHfDWCPItwFAlp+ImwACgkQauHfDWCP Itz+OQ/9EgLy2/GsNV61+4CebTHkoyDVldQfJ3L2ziA58GqVmZfFJWIutnzjDlyv 9KIXl9VF+qe852nEosjtwRoEyjXA4QKP5IJmG5y5yepwX74Qx9vHLAkk/kfKWo4e 65Dkx50MF4IgTL+T32UsAbNicojmPGjMSiDK4Sc5u73i3TMbXFJNcJ/bM/UeSERi oUhvKPlpxN9LZVySYqpHvb2X2ukeb+HTRf48BBUsgGASKNyLNYEu917OHsDY6YB4 vGNZ3geel+kWL3H38Fsxklq/KjrlvAL02Sh2VY0UahrJFAHrbKedthOmqn2kLUdo EOV2iOQGk+q28iFprFCK3jtbaR3vWtq0Bd3D8aWSq3vavP8Ok2gWyMVNjb4A58xv +dZSbyn/iEU4pXu6HyaWoEIfbys9/cv9/RFdV8DHyHwUfPlO7vg9QBPyuNJWrzm7 htwkWtbqCpioSz/qncq3iyjl4qQ5iZ3k27tJ9w53JVM9NscrIBHceq2zrsrk/HBY CjDmKpc2h4T6ttgS5AjgDE91rS02sLEQTU6dVQ0p48CrSvdR0FV39ISGfGEIkVB1 o8gr+FHruPdnzXJP7jRTOrQs7ez6F13S0gimfY5PUzMdN7uqrW25oeWOlro8bQdu AS9+LAF8GUZWiKEhiwCbgQ+7TeMdfpOvZmtvZIXKzxzntoriWKs= =Wf4M -----END PGP SIGNATURE-----
--- End Message ---
