Package: dhcpcd
Version: 9.4.1-13
Severity: important
Dear Maintainer,
Since the most recent update I'm no longer able to use dhcpcd. I'm not
sure if there's an interaction with systemd and/or seccomp.
dhcpcd is killed after an audit event regarding syscall #318:
2023-01-18T09:05:44.299064+01:00 zbox kernel: [10110.299013] audit: type=1326
audit(1674029144.292:13): \
auid=4294967295 uid=120 gid=65534 ses=4294967295 subj=unconfined pid=16134 \
comm="dhcpcd" exe="/usr/sbin/dhcpcd" sig=31 arch=c000003e syscall=318
compat=0 ip=0x7fec5af9a045 code=0x0
According to /usr/include/x86_64-linux-gnu/asm/unistd_64.h, this syscall
number is getrandom(), which should be allowed by the @system-service
SystemCallFilter in /lib/systemd/system/dhcpcd.service. Disabling the
SystemCallFilter or changing it to @known doesn't improve the situation.
This is a complete syslog extract showing one failed start of dhcpcd:
2023-01-18T09:05:44.284259+01:00 zbox dhcpcd[16132]: dhcpcd-9.4.1 starting
2023-01-18T09:05:44.285906+01:00 zbox dhcpcd[16135]: dev: loaded udev
2023-01-18T09:05:44.286005+01:00 zbox dhcpcd[16135]: ps_dropprivs: chroot:
/usr/lib/dhcpcd: Operation not permitted
2023-01-18T09:05:44.286278+01:00 zbox dhcpcd[16132]: ps_dropprivs: chroot:
/usr/lib/dhcpcd: Operation not permitted
2023-01-18T09:05:44.286351+01:00 zbox dhcpcd[16132]: ps_dropprivs: chroot:
/usr/lib/dhcpcd: Operation not permitted
2023-01-18T09:05:44.286400+01:00 zbox dhcpcd[16135]: ps_dropprivs: chroot:
/usr/lib/dhcpcd: Operation not permitted
2023-01-18T09:05:44.286459+01:00 zbox dhcpcd[16135]: DUID
00:04:03:00:02:00:04:00:05:00:00:06:00:07:00:08:00:09
2023-01-18T09:05:44.296952+01:00 zbox dhcpcd[16135]: eth0: IAID 2e:4e:fe:b6
2023-01-18T09:05:44.297026+01:00 zbox dhcpcd[16135]: ps_ctl_listen: read:
Success
2023-01-18T09:05:44.297081+01:00 zbox dhcpcd[16135]: ps_ctl_recv: read: Success
2023-01-18T09:05:44.297172+01:00 zbox systemd[1]: dhcpcd.service: Main process
exited, code=killed, status=31/SYS
2023-01-18T09:05:44.299064+01:00 zbox kernel: [10110.299013] audit: type=1326
audit(1674029144.292:13): \
auid=4294967295 uid=120 gid=65534 ses=4294967295 subj=unconfined pid=16134 \
comm="dhcpcd" exe="/usr/sbin/dhcpcd" sig=31 arch=c000003e syscall=318
compat=0 ip=0x7fec5af9a045 code=0x0
2023-01-18T09:06:55.943107+01:00 zbox dhcpcd[16135]: ps_sendcmdmsg: Connection
refused
2023-01-18T09:06:55.943407+01:00 zbox dhcpcd[16135]: ps_inet_recvra: Connection
refused
2023-01-18T09:07:14.369135+01:00 zbox systemd[1]: dhcpcd.service: State
'stop-sigterm' timed out. Killing.
2023-01-18T09:07:14.369676+01:00 zbox systemd[1]: dhcpcd.service: Killing
process 16135 (dhcpcd) with signal SIGKILL.
2023-01-18T09:07:14.371498+01:00 zbox systemd[1]: dhcpcd.service: Failed with
result 'signal'.
My workaround was to install udhcpc from busybox, but this package
doesn't provide IPv6 connectivity.
Thanks,
Beat Bolli
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-1-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_CH.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages dhcpcd depends on:
ii dhcpcd-base 9.4.1-13
ii lsb-base 11.5
ii sysvinit-utils [lsb-base] 3.06-2
dhcpcd recommends no packages.
Versions of packages dhcpcd suggests:
pn dhcpcd-gtk <none>
ii openresolv [resolvconf] 3.12.0-3
-- no debconf information
