Your message dated Mon, 22 Aug 2022 13:40:50 +0200 with message-id <[email protected]> and subject line Fixed with NMU has caused the Debian Bug report #1017423, regarding tripwire: Tripwire segfaults at start to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 1017423: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017423 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: tripwire Version: 2.4.3.7-4+b2 Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear Maintainer, Starting tripwire with either --check or --test (at least) causes it to segfault almost immediately. I would guess that the most likely cause of this is the new version of libc6 that arrived in testing this morning (a similar problem has been noted before: see bug #994910, for example). Here's what I get when I run it in check mode: > root:~# tripwire --check --interactive > Software interrupt forced exit: Arithmetic Exception > Software interrupt forced exit: Segmentation Fault > root:~# Here's an strace of the last few steps: > openat(AT_FDCWD, "/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2", > O_RDONLY|O_CLOEXEC) = 3 > read(3, > "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\247\1\0\0\0\0\0"..., 832) > = 832 > newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=206640, ...}, AT_EMPTY_PATH) > = 0 > mmap(NULL, 209464, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = > 0x7f62929c7000 > mmap(0x7f62929c8000, 151552, PROT_READ|PROT_EXEC, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f62929c8000 > mmap(0x7f62929ed000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, > 3, 0x26000) = 0x7f62929ed000 > mmap(0x7f62929f7000, 16384, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2f000) = 0x7f62929f7000 > close(3) = 0 > mprotect(0x7f62929f7000, 8192, PROT_READ) = 0 > mprotect(0x7f62927ee000, 16384, PROT_READ) = 0 > mprotect(0x7f6292ca8000, 4096, PROT_READ) = 0 > prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, > rlim_max=RLIM64_INFINITY}) = 0 > --- SIGFPE {si_signo=SIGFPE, si_code=FPE_INTDIV, si_addr=0x7f6292750d85} --- > write(2, "Software interrupt forced exit: "..., 53Software interrupt forced > exit: Arithmetic Exception > ) = 53 > --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x421} --- > write(2, "Software interrupt forced exit: "..., 51Software interrupt forced > exit: Segmentation Fault > ) = 51 > exit_group(8) = ? > +++ exited with 8 +++ .....Ron Murray - -- Ron Murray <[email protected]> PGP Fingerprint: 4D99 70E3 2317 334B 141E 7B63 12F7 E865 B5E2 E761 - -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.1.khufu (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tripwire depends on: ii debconf [debconf-2.0] 1.5.79 ii sendmail-bin [mail-transport-agent] 8.17.1.9-1 tripwire recommends no packages. tripwire suggests no packages. - -- Configuration Files: /etc/tripwire/twpol.txt changed: @@section GLOBAL TWBIN = /usr/sbin; TWETC = /etc/tripwire; TWVAR = /var/lib/tripwire; @@section FS SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change SEC_BIN = $(ReadOnly) ; # Binaries that should not change SEC_CONFIG = $(Dynamic) ; # Config files that are changed # infrequently but accessed # often SEC_LOG = $(Growing) ; # Files that grow, but that # should never change ownership SEC_INVARIANT = +tpug ; # Directories that should never # change permission or ownership SIG_LOW = 33 ; # Non-critical files that are of # minimal security impact SIG_MED = 66 ; # Non-critical files that are of # significant security impact SIG_HI = 100 ; # Critical files that are # significant points of # vulnerability ( rulename = "Tripwire Binaries", severity = $(SIG_HI) ) { $(TWBIN)/siggen -> $(SEC_BIN) ; $(TWBIN)/tripwire -> $(SEC_BIN) ; $(TWBIN)/twadmin -> $(SEC_BIN) ; $(TWBIN)/twprint -> $(SEC_BIN) ; } ( rulename = "Tripwire Data Files", severity = $(SIG_HI) ) { $(TWVAR)/$(HOSTNAME).twd -> $(SEC_CONFIG) -i ; $(TWETC)/tw.pol -> $(SEC_BIN) -i ; $(TWETC)/tw.cfg -> $(SEC_BIN) -i ; $(TWETC)/$(HOSTNAME)-local.key -> $(SEC_BIN) ; $(TWETC)/site.key -> $(SEC_BIN) ; #don't scan the individual reports $(TWVAR)/report -> $(SEC_CONFIG) (recurse=0) ; } ( rulename = "Critical system boot files", severity = $(SIG_HI) ) { /boot -> $(SEC_CRIT) ; /lib/modules -> $(SEC_CRIT) ; } ( rulename = "Boot Scripts", severity = $(SIG_HI) ) { /etc/init.d -> $(SEC_BIN) ; /etc/rcS.d -> $(SEC_BIN) ; /etc/rc0.d -> $(SEC_BIN) ; /etc/rc1.d -> $(SEC_BIN) ; /etc/rc2.d -> $(SEC_BIN) ; /etc/rc3.d -> $(SEC_BIN) ; /etc/rc4.d -> $(SEC_BIN) ; /etc/rc5.d -> $(SEC_BIN) ; /etc/rc6.d -> $(SEC_BIN) ; /etc/systemd -> $(SEC_BIN) ; } ( rulename = "Root file-system executables", severity = $(SIG_HI) ) { /bin -> $(SEC_BIN) ; /sbin -> $(SEC_BIN) ; } ( rulename = "Root file-system libraries", severity = $(SIG_HI) ) { /lib -> $(SEC_BIN) ; } ( rulename = "Security Control", severity = $(SIG_MED) ) { /etc/passwd -> $(SEC_CONFIG) ; /etc/shadow -> $(SEC_CONFIG) ; } ( rulename = "Root config files", severity = 100 ) { /root -> $(SEC_CRIT) ; # Catch all additions to /root /root/.bashrc -> $(SEC_CONFIG) ; /root/.bash_profile -> $(SEC_CONFIG) ; /root/.Xdefaults -> $(SEC_CONFIG) ; /root/.Xauthority -> $(SEC_CONFIG) -i ; # Changes Inode number on login /root/.ICEauthority -> $(SEC_CONFIG) ; } ( rulename = "Devices & Kernel information", severity = $(SIG_HI), ) { /dev -> $(Device) ; } ( rulename = "Things that change all the time", severity = 0 ) { /etc/cups/printers.conf -> $(IgnoreAll) ; /etc/cups/printers.conf.O -> $(IgnoreAll) ; /etc/cups/subscriptions.conf -> $(IgnoreAll) ; /etc/cups/subscriptions.conf.O -> $(IgnoreAll) ; /root/.bash_history -> $(IgnoreAll) ; /root/.cache/dconf/user -> $(IgnoreAll) ; /root/.emacs.d/auto-save-list -> $(IgnoreAll) ; /root/.gnupg/random_seed -> $(IgnoreAll) ; /root/.lesshst -> $(IgnoreAll) ; /root/.local/share/lftp/transfer_log -> $(IgnoreAll) ; /root/.mc -> $(IgnoreAll) ; /root/.viminfo -> $(IgnoreAll) ; /root/.xsession-errors -> $(IgnoreAll) ; } ( rulename = "Other configuration files", severity = $(SIG_MED) ) { /etc -> $(SEC_BIN) ; } ( rulename = "Other binaries", severity = $(SIG_MED) ) { /usr/local/sbin -> $(SEC_BIN) ; /usr/local/bin -> $(SEC_BIN) ; /usr/sbin -> $(SEC_BIN) ; /usr/bin -> $(SEC_BIN) ; /opt -> $(SEC_BIN) ; } ( rulename = "Other libraries", severity = $(SIG_MED) ) { /usr/local/lib -> $(SEC_BIN) ; /usr/lib -> $(SEC_BIN) ; /usr/share/perl5 -> $(SEC_BIN) ; } ( rulename = "Invariant Directories", severity = $(SIG_MED) ) { / -> $(SEC_INVARIANT) (recurse = 0) ; /home -> $(SEC_INVARIANT) (recurse = 0) ; /tmp -> $(SEC_INVARIANT) (recurse = 0) ; /usr -> $(SEC_INVARIANT) (recurse = 0) ; /var -> $(SEC_INVARIANT) (recurse = 0) ; /var/tmp -> $(SEC_INVARIANT) (recurse = 0) ; } - -- debconf information: tripwire/upgrade: true tripwire/local-passphrase-incorrect: false tripwire/change-in-default-policy: tripwire/email-report: * tripwire/installed: * tripwire/rebuild-policy: true * tripwire/use-localkey: true tripwire/site-passphrase-incorrect: false * tripwire/rebuild-config: true tripwire/broken-passphrase: * tripwire/use-sitekey: true -----BEGIN PGP SIGNATURE----- iQJCBAEBCgAsFiEETZlw4yMXM0sUHntjEvfoZbXi52EFAmL6ubAOHHJqbXhAcmpt eC5uZXQACgkQEvfoZbXi52H8ow//cMDpAoJ4Hf33IXbM4taKSjsehtDj9n2pFbiV k86HrC6Z8bLtfb39ntdIx57EC5coXDA2JRtrrPnEsmHhb6hc6wYtOFzwVKGGbxeI cMk4ZZ+jZ/WjXRTLvatl5QcXIB46s1EOSVpzS8Fp2ufI5seRlmWza9QQeYi1SJxc rqWpIUGKjuzmBIwXlACy6jo6rDZ0VJyYSnMCe69LHzqGbBVgrHTg28apto+T/dNp d/xT9ukjqIKGpXa1hCmoDkKovcKSbA7MXdo6HuKEbo1aQBt9nn99M5vimY+LrEtA bf+PuqRTnCvpW94MqAnTsCzuDWeoNgvZqGHUes2WZee8dKKN2Hutz3gxUZdHvgrY b9z4XNsg8Tf1DFFeZeQhqay6XM1R3DISkx9XB1UT+ROPISDiaO9Uzl+jSPiunam2 1hKb502afBAEF+P1cJ4aGSpJxfrZtAtj2YOsKiqhuNoyRgOHNhj42bT4+dd6tDKn dUWfpMLL0D7h5B53CQC2YmLCfEfFcw68LxyaYy4+ei4RvcP7RW1HfzJuYO5atbz3 HIqbwmBIty8EQNJSCzq0G40X/2voofe/j7waZLBUvOoX8PmUgV46gojqwFmIgWSK LWS8c9xlTT8wIFLR35AUXCq6KrrYdXX0o9UJmxbKasE/ZwrQAh2IVddB0IodXwmM 5iLMtaw= =k/pB -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Hi, 2.4.3.7-4+b3 fixed this. Thanks for your bug report, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico mailto/sip: [email protected] | en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
--- End Message ---
