[Bug 1832074] [NEW] base-files '/etc/update-motd.d/50-motd-news' reports system use to Ubuntu
Public bug reported: System information:: root@here $ lsb_release -rd Description:Ubuntu 18.04.2 LTS Release:18.04 root@here$ dpkg -l base-files | tail -1 ii base-files 10.1ubuntu2.4 amd64Debian base system miscellaneous files What I expect to happen:: Logins to my machine should not be communicated to anyone else, and should not provide anyone else of information about my machine. What does happen:: Logins to my machine report that a login occurred, and provide details about the installed system, to Ubuntu. Report:: I've just upgraded fromt Trusty to Bionic, and found that on login I get a message telling me something about Ubuntu's Kubernetes. I don't want advertising presented to me when I log in to MY system, so I began to investigate where this is happening - assuming that /etc/update- motd.d/10-help-text or 00-header had been updated during the upgrade and recreated with this content. Instead, I discover that there is another script that has been added - /etc/update-motd.d/50-motd-news - which adds this junk text to the login. Not only that, but the script comminucates with Ubuntu, to fetch that information. Not only that, but it provides information about the system that is running as part of the request. During the upgrade, I was not asked about whether it was ok for the system to call home every time I login (or every 12 hours, whichever is sooner, but at least a minute after you boot), and it absolutely would not be my expectation that this be the default. When I log in to my machine, I do not expect that the event would be reported to any off- site system, and I suspect that most other users would be surprised if not horrified to find that the fact that a system is in use was being reported to Ubuntu. The service can be disabled by changing a setting in /etc/defaults/motd- news from ENABLED=1 to ENABLED=0, but this almost certainly should be defaulting to 0 - tracking disabled by default, not tracking enabled by default. For example, on my system this provides a user agent containing: ``` curl/7.58.0-2ubuntu3.7 Ubuntu/18.04.2/LTS GNU/Linux/4.15.0-50-generic/x86_64 Intel(R)/Xeon(R)/CPU/X5675/@/3.07GHz uptime/580915.35/4598709.84 ``` This means that every time the user logs in (or after 12 hours from the prior log in, whichever is longer) Ubuntu receives: * The IP address of a system that is in use (which might be behind NAT, but it's still a report). * The Distribution version details. * The Kernel version details * The CPU type * The uptime Knowing where a machine is, that it is active, exactly what type of system it is an how often it is restarted, would be an awesome dataset for any attacker to obtain - ideally (for them) it tells them the location of systems that are alive, how they might be attacked - from the distribution version, the kernel and the CPU information, you can determine a set of vulnerabilities to attack - and the uptime, which will indicate how likely the system is to be patched. The only thing that might be worse might be to include a cookie-jar on the curl command, which would allow tracking of individual systems, rather than aggregating them behind NAT using the IP (although it's still possible that the data reported in the user agent may be able to make that information individually usable). That said, the root user could (unintentionally) enable a cookie jar in their .curlrc and thus enable individual system tracking without realising. Whilst there may be legitimate reasons for reporting this information (say for reporting to the user that their system has updates available or that the system is vulnerable!), an advertising tool which reports the system's information regularly back to home does not seem appropriate for a 'base-files' package. The surprise at having my logins recorded on a remote site pales in comparison to the horror of recording a database of systems that might be abused. The Privacy and potential Security concerns of this feature hugely outweigh any perceived benefit to the user, and I believe that the right course of action is to remove this script entirely from the distribution. At the very least the script's operation should default to being disabled. ** Affects: base-files (Ubuntu) Importance: Undecided Status: New ** Tags: privacy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1832074 Title: base-files '/etc/update-motd.d/50-motd-news' reports system use to Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1832074/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 855800] Re: KVM crashes when attempting to restart migration
I haven't attempted to reproduce the issue recently, I'm afraid. I've changed jobs twice in the intervening time, so the immediate issue for me has gone away. If I find an opportunity, I shall try to reproduce with the most recent versions. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/855800 Title: KVM crashes when attempting to restart migration To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/855800/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1240143] Re: NFS client reports a 'readdir loop' with a corrupt name
Kernel bug remains. Realised that jsalisbury had said that I should mark it as confirmed, and I hadn't. ** Changed in: linux (Ubuntu) Status: Expired => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1240143 Title: NFS client reports a 'readdir loop' with a corrupt name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1240143/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1240143] Re: NFS client reports a 'readdir loop' with a corrupt name
Tested with kernel 3.12 as advised and we still see the problem. ** Tags added: kernel-bug-exists-upstream -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1240143 Title: NFS client reports a 'readdir loop' with a corrupt name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1240143/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1240143] Re: NFS client reports a 'readdir loop' with a corrupt name
Missing log files were intentional; these are company systems and I am not allowed by policy to upload arbitrary files without review. Testing to follow, but as the problem is sporadic, I'm not sure that we can say categorically that it is a fixed or not. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1240143 Title: NFS client reports a 'readdir loop' with a corrupt name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1240143/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1240143] Re: NFS client reports a 'readdir loop' with a corrupt name
"We have an NFS server running on a RedHat system." ... which we access through an Ubuntu 12.04 LTS system. It is on this system that the NFS client problems occur. Sorry, that wasn't especially clear :-( -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1240143 Title: NFS client reports a 'readdir loop' with a corrupt name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1240143/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1240143] [NEW] NFS client reports a 'readdir loop' with a corrupt name
Public bug reported: We have an NFS server running on a RedHat system. One particular directory contains many, many RPMs (96850). It reports that there is a 'readdir loop', and the loop in question contains corrupted names. I assume the name corruption is happening on the Linux kernel end, not the server end: "NFS: directory Development/rpms contains a readdir loop.Please contact your server vendor. The file: foo-bar-11.0flange-12345.AB5.x86_64.rpmmpmpmmT53 has duplicate cookie 1110018804" "NFS: directory Development/rpms contains a readdir loop.Please contact your server vendor. The file: widget-wiggle-11.0-12356.AB5.x86_64.rpmpm.AB5.x86_64.rpm\xm has duplicate cookie 353422206" Since the corrupted names are never displayed in an 'ls' of the directory (even whilst the problem is occurring), I assume that this is a presentation problem in the warning message. Unfortunately the problem had gone away by the time I tried using tcpdump to capture the on-the-wire data. jfletcher@gromit:~$ cat /proc/version Linux version 3.2.0-29-generic (buildd@allspice) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #46-Ubuntu SMP Fri Jul 27 17:03:23 UTC 2012 jfletcher@gromit:~$ lsb_release -rd Description:Ubuntu 12.04.3 LTS Release:12.04 The lspci information would not be useful - the system was running under KVM, with a single interface. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1240143 Title: NFS client reports a 'readdir loop' with a corrupt name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1240143/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 855800] Re: KVM crashes when attempting to restart migration
Oops, I meant "I cannot play a game of ..." -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/855800 Title: KVM crashes when attempting to restart migration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/855800/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 855800] Re: KVM crashes when attempting to restart migration
If you *need* to use the live migration (rather than offline migration by copying the disk images) you have already made a decision that the service is sufficiently important that you cannot have downtime on it. If the live migration could fail, and resuming it could crash (as reported), this is going to be a serious concern and most likely not a risk you would wish to take with a service that you have already decided is so vital as to not need downtime. The migration feature that if used might crash, is not a feature I would like to trust my valuable services to. Therefore I would suggest that this crash have the same priority as the migration feature. If migration is a low priority feature then it would be find as 'low' priority', but if the live migration is an important feature to have then it needs to be solid. As an administrator of services, I play have a game of Russian-roulette with them, and migration is that game at present. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/855800 Title: KVM crashes when attempting to restart migration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/855800/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 855800] Re: KVM crashes when attempting to restart migration
That's correct for the testing I have performed. I have been able to perform repeated migrate/migrate_cancel operations much more quickly than I have been able to perform actual migrations, therefore the test set of migrate operations after a cancel is at least an order of magnitude larger than the test set of completing migrations. Background in case it's relevant: I was doing this to test the behaviour if (for example) the target system failed during the migration and it was necessary to cancel and restart, as such resilience is important for the services I maintain. If there's any more information required, I'm happy to provide help :-) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/855800 Title: KVM crashes when attempting to restart migration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/855800/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 855800] [NEW] KVM crashes when attempting to restart migration
Public bug reported: Operations performed: Sequence to trigger crash: * Start two kvm systems, one on gerph (primary), one on nbuild2 (listening for incoming migration) - do not use -daemonize * On gerph, connect to monitor. * "migrate -d -b tcp:nbuild2:" * "info migrate" * "migrate_cancel" * "info migrate" * "migrate -d -b tcp:nbuild2:" * crashed with assertion: kvm: block-migration.c:355: flush_blks: Assertion `block_mig_state.read_done >= 0' failed. Connection closed by foreign host. [1]+ Aborted (core dumped) kvm -drive file=./copy-disk2.img,boot=on -m 4096 -serial mon:telnet::23023,server,nowait -balloon virtio -vnc :99 -usbdevice tablet -net nic,macaddr=f6:a6:31:53:89:9a,model=rtl8139,vlan=0 -net tap,vlan=0 Repeating the operations above often dies in different places; just repeat the cancel and restart the operation. Because the KVM system dies, the underlying VM is obviously terminated. Distribution: jfletcher@gerph:~$ lsb_release -rd Description:Ubuntu 10.04.3 LTS Release:10.04 Package: jfletcher@gerph:~$ apt-cache policy kvm kvm: Installed: 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9.15 Candidate: 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9.15 Version table: *** 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9.15 0 500 http://gb.archive.ubuntu.com/ubuntu/ lucid-updates/main Packages 500 http://security.ubuntu.com/ubuntu/ lucid-security/main Packages 100 /var/lib/dpkg/status 1:84+dfsg-0ubuntu16+0.12.3+noroms+0ubuntu9 0 500 http://gb.archive.ubuntu.com/ubuntu/ lucid/main Packages ** Affects: qemu-kvm (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/855800 Title: KVM crashes when attempting to restart migration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/855800/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs