Source: snapd
Version: 2.75.2-1
Usertags: pidof-without-procps
Dear maintainer(s) of snapd,
it appears that snapd uses `pidof` in its testsuite, or that
at least one of its binary packages uses `pidof` at runtime.
Historically, `pidof` was provided by the Essential package
`sysvinit-tools`, making an explicit dependency unnecessary. However
`pidof` will soon be moved to `procps` and will no longer be part of
the Essential set.
Please add an explicit dependency on `procps`:
* via the `Depends:` field of all binary packages of snapd
that use `pidof` at runtime;
* via the `Build-Depends:` field of snapd, if `pidof` is
used in tests run at build-time;
* via the `Depends:` field of `debian/control/tests`, if `pidof` is
used in autopkgtests.
To prevent any disruption for users of snapd, please add
this dependency now, before `pidof` is moved from `sysvinit-utils` to
`procps`. Alternatively, you could remove all uses of `pidof`.
It is believed that snapd uses `pidof` due to the following
code snippets:
```
path: snapd_2.73-3/tests/main/snapd-reexec/task.yaml
# This check is valid only if snap command is re-executing to the snap
if [ "$IS_REEXEC" = true ]; then
SNAPD_PATH=$(readlink -f "/proc/$(pidof snapd)/exe")
if [ "$SNAPD_PATH" != "/snap/$SNAPD_SRC/${now_src}/usr/lib/snapd/snapd"
]; then
echo "unexpected $SNAPD_PATH for $now_src snap (previous $prev_src)"
path: snapd_2.73-3/core-initrd/26.04/bin/ubuntu-core-initramfs
"i2ctransfer", "ifconfig", "ip", "kill", "ln", "loadfont",
"loadkmap", "ls",
"lzop", "mkdir", "mkfifo", "mknod", "mkswap", "mktemp", "more",
"mv", "nuke", "openvt", "pidof", "printf", "ps", "pwd", "readlink",
"reset", "rm", "rmdir", "run-init", "sed", "seq", "setkeycodes",
"sh", "sleep", "sort", "stat", "static-sh", "stty", "switch_root",
"sync",
path: snapd_2.73-3/tests/main/fips/task.yaml
execute: |
pmap -p "$(pidof snapd)" > snapd-map.out
case "$SPREAD_SYSTEM" in
ubuntu-fips-*)
path: snapd_2.73-3/spread.yaml
# assert state of reexec
pmap -p "$(pidof snapd)" | MATCH
"$SNAP_MOUNT_DIR/snapd/.*/usr/lib/snapd/snapd"
snap debug execution snap | MATCH 'is-reexecd: true'
# assert internal apparmor?
path: snapd_2.73-3/tests/core/snapd-failover/task.yaml
echo "Ensure snapd is still running as part of the snapd.service
unit"
# shellcheck disable=SC2046,SC2002
cat /proc/$(pidof snapd)/cgroup | MATCH /snapd.service
fi
path: snapd_2.73-3/tests/core/snapd-failover/task.yaml
echo "Ensure snapd is running as part of the snapd.service unit"
# shellcheck disable=SC2046,SC2002
cat /proc/$(pidof snapd)/cgroup | MATCH /snapd.service
echo "restart snapd and ensure we can still talk to it"
path: snapd_2.73-3/tests/core/snapd-failover/task.yaml
echo "Ensure snapd is running as part of the snapd.service unit"
# shellcheck disable=SC2046,SC2002
cat /proc/$(pidof snapd)/cgroup | MATCH /snapd.service
echo "Verify that a random signal does not trigger the failure handling"
path: snapd_2.73-3/tests/core/snapd-failover/task.yaml
# snap-failure restarts the snapd service
# shellcheck disable=SC2046,SC2002,SC2016
retry -n 60 --wait 1 sh -e -c 'cat /proc/$(pidof snapd)/cgroup |
MATCH /snapd.service'
# the socket access is still functional
snap list
path: snapd_2.73-3/tests/lib/random.sh
sysctl kernel.random.entropy_avail || true
ls -l /dev/*random*
pids=$(pidof gpg-agent)
for p in $pids; do
ps -q "$p"
path: snapd_2.73-3/tests/core/snapd-refresh/task.yaml
exit 1
fi
running="$(readlink -f /proc/"$(pidof snapd)"/exe)"
if echo "$running" | grep "/snap/snapd/$current/usr/lib/"; then
echo "The current running snapd is not $running"
path: snapd_2.73-3/tests/core/snapd-refresh/task.yaml
snap list | MATCH "snapd.*$current "
echo "And we see the original snapd running"
running="$(readlink -f /proc/"$(pidof snapd)"/exe)"
echo "$running" | MATCH "/snap/snapd/$current/usr/lib/"
done
```
Feel free to close this issue if this is a false positive (for example
if this code is in an unreachable code path).
Regards,
--
Gioele Barabucci
