Package: tripwire Version: 2.4.3.7-4+b2 Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Dear Maintainer, Starting tripwire with either --check or --test (at least) causes it to segfault almost immediately. I would guess that the most likely cause of this is the new version of libc6 that arrived in testing this morning (a similar problem has been noted before: see bug #994910, for example). Here's what I get when I run it in check mode: > root:~# tripwire --check --interactive > Software interrupt forced exit: Arithmetic Exception > Software interrupt forced exit: Segmentation Fault > root:~# Here's an strace of the last few steps: > openat(AT_FDCWD, "/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2", > O_RDONLY|O_CLOEXEC) = 3 > read(3, > "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\247\1\0\0\0\0\0"..., 832) > = 832 > newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=206640, ...}, AT_EMPTY_PATH) > = 0 > mmap(NULL, 209464, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = > 0x7f62929c7000 > mmap(0x7f62929c8000, 151552, PROT_READ|PROT_EXEC, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f62929c8000 > mmap(0x7f62929ed000, 40960, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, > 3, 0x26000) = 0x7f62929ed000 > mmap(0x7f62929f7000, 16384, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2f000) = 0x7f62929f7000 > close(3) = 0 > mprotect(0x7f62929f7000, 8192, PROT_READ) = 0 > mprotect(0x7f62927ee000, 16384, PROT_READ) = 0 > mprotect(0x7f6292ca8000, 4096, PROT_READ) = 0 > prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, > rlim_max=RLIM64_INFINITY}) = 0 > --- SIGFPE {si_signo=SIGFPE, si_code=FPE_INTDIV, si_addr=0x7f6292750d85} --- > write(2, "Software interrupt forced exit: "..., 53Software interrupt forced > exit: Arithmetic Exception > ) = 53 > --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x421} --- > write(2, "Software interrupt forced exit: "..., 51Software interrupt forced > exit: Segmentation Fault > ) = 51 > exit_group(8) = ? > +++ exited with 8 +++ .....Ron Murray - -- Ron Murray <r...@rjmx.net> PGP Fingerprint: 4D99 70E3 2317 334B 141E 7B63 12F7 E865 B5E2 E761 - -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.1.khufu (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tripwire depends on: ii debconf [debconf-2.0] 1.5.79 ii sendmail-bin [mail-transport-agent] 8.17.1.9-1 tripwire recommends no packages. tripwire suggests no packages. - -- Configuration Files: /etc/tripwire/twpol.txt changed: @@section GLOBAL TWBIN = /usr/sbin; TWETC = /etc/tripwire; TWVAR = /var/lib/tripwire; @@section FS SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change SEC_BIN = $(ReadOnly) ; # Binaries that should not change SEC_CONFIG = $(Dynamic) ; # Config files that are changed # infrequently but accessed # often SEC_LOG = $(Growing) ; # Files that grow, but that # should never change ownership SEC_INVARIANT = +tpug ; # Directories that should never # change permission or ownership SIG_LOW = 33 ; # Non-critical files that are of # minimal security impact SIG_MED = 66 ; # Non-critical files that are of # significant security impact SIG_HI = 100 ; # Critical files that are # significant points of # vulnerability ( rulename = "Tripwire Binaries", severity = $(SIG_HI) ) { $(TWBIN)/siggen -> $(SEC_BIN) ; $(TWBIN)/tripwire -> $(SEC_BIN) ; $(TWBIN)/twadmin -> $(SEC_BIN) ; $(TWBIN)/twprint -> $(SEC_BIN) ; } ( rulename = "Tripwire Data Files", severity = $(SIG_HI) ) { $(TWVAR)/$(HOSTNAME).twd -> $(SEC_CONFIG) -i ; $(TWETC)/tw.pol -> $(SEC_BIN) -i ; $(TWETC)/tw.cfg -> $(SEC_BIN) -i ; $(TWETC)/$(HOSTNAME)-local.key -> $(SEC_BIN) ; $(TWETC)/site.key -> $(SEC_BIN) ; #don't scan the individual reports $(TWVAR)/report -> $(SEC_CONFIG) (recurse=0) ; } ( rulename = "Critical system boot files", severity = $(SIG_HI) ) { /boot -> $(SEC_CRIT) ; /lib/modules -> $(SEC_CRIT) ; } ( rulename = "Boot Scripts", severity = $(SIG_HI) ) { /etc/init.d -> $(SEC_BIN) ; /etc/rcS.d -> $(SEC_BIN) ; /etc/rc0.d -> $(SEC_BIN) ; /etc/rc1.d -> $(SEC_BIN) ; /etc/rc2.d -> $(SEC_BIN) ; /etc/rc3.d -> $(SEC_BIN) ; /etc/rc4.d -> $(SEC_BIN) ; /etc/rc5.d -> $(SEC_BIN) ; /etc/rc6.d -> $(SEC_BIN) ; /etc/systemd -> $(SEC_BIN) ; } ( rulename = "Root file-system executables", severity = $(SIG_HI) ) { /bin -> $(SEC_BIN) ; /sbin -> $(SEC_BIN) ; } ( rulename = "Root file-system libraries", severity = $(SIG_HI) ) { /lib -> $(SEC_BIN) ; } ( rulename = "Security Control", severity = $(SIG_MED) ) { /etc/passwd -> $(SEC_CONFIG) ; /etc/shadow -> $(SEC_CONFIG) ; } ( rulename = "Root config files", severity = 100 ) { /root -> $(SEC_CRIT) ; # Catch all additions to /root /root/.bashrc -> $(SEC_CONFIG) ; /root/.bash_profile -> $(SEC_CONFIG) ; /root/.Xdefaults -> $(SEC_CONFIG) ; /root/.Xauthority -> $(SEC_CONFIG) -i ; # Changes Inode number on login /root/.ICEauthority -> $(SEC_CONFIG) ; } ( rulename = "Devices & Kernel information", severity = $(SIG_HI), ) { /dev -> $(Device) ; } ( rulename = "Things that change all the time", severity = 0 ) { /etc/cups/printers.conf -> $(IgnoreAll) ; /etc/cups/printers.conf.O -> $(IgnoreAll) ; /etc/cups/subscriptions.conf -> $(IgnoreAll) ; /etc/cups/subscriptions.conf.O -> $(IgnoreAll) ; /root/.bash_history -> $(IgnoreAll) ; /root/.cache/dconf/user -> $(IgnoreAll) ; /root/.emacs.d/auto-save-list -> $(IgnoreAll) ; /root/.gnupg/random_seed -> $(IgnoreAll) ; /root/.lesshst -> $(IgnoreAll) ; /root/.local/share/lftp/transfer_log -> $(IgnoreAll) ; /root/.mc -> $(IgnoreAll) ; /root/.viminfo -> $(IgnoreAll) ; /root/.xsession-errors -> $(IgnoreAll) ; } ( rulename = "Other configuration files", severity = $(SIG_MED) ) { /etc -> $(SEC_BIN) ; } ( rulename = "Other binaries", severity = $(SIG_MED) ) { /usr/local/sbin -> $(SEC_BIN) ; /usr/local/bin -> $(SEC_BIN) ; /usr/sbin -> $(SEC_BIN) ; /usr/bin -> $(SEC_BIN) ; /opt -> $(SEC_BIN) ; } ( rulename = "Other libraries", severity = $(SIG_MED) ) { /usr/local/lib -> $(SEC_BIN) ; /usr/lib -> $(SEC_BIN) ; /usr/share/perl5 -> $(SEC_BIN) ; } ( rulename = "Invariant Directories", severity = $(SIG_MED) ) { / -> $(SEC_INVARIANT) (recurse = 0) ; /home -> $(SEC_INVARIANT) (recurse = 0) ; /tmp -> $(SEC_INVARIANT) (recurse = 0) ; /usr -> $(SEC_INVARIANT) (recurse = 0) ; /var -> $(SEC_INVARIANT) (recurse = 0) ; /var/tmp -> $(SEC_INVARIANT) (recurse = 0) ; } - -- debconf information: tripwire/upgrade: true tripwire/local-passphrase-incorrect: false tripwire/change-in-default-policy: tripwire/email-report: * tripwire/installed: * tripwire/rebuild-policy: true * tripwire/use-localkey: true tripwire/site-passphrase-incorrect: false * tripwire/rebuild-config: true tripwire/broken-passphrase: * tripwire/use-sitekey: true -----BEGIN PGP SIGNATURE----- iQJCBAEBCgAsFiEETZlw4yMXM0sUHntjEvfoZbXi52EFAmL6ubAOHHJqbXhAcmpt eC5uZXQACgkQEvfoZbXi52H8ow//cMDpAoJ4Hf33IXbM4taKSjsehtDj9n2pFbiV k86HrC6Z8bLtfb39ntdIx57EC5coXDA2JRtrrPnEsmHhb6hc6wYtOFzwVKGGbxeI cMk4ZZ+jZ/WjXRTLvatl5QcXIB46s1EOSVpzS8Fp2ufI5seRlmWza9QQeYi1SJxc rqWpIUGKjuzmBIwXlACy6jo6rDZ0VJyYSnMCe69LHzqGbBVgrHTg28apto+T/dNp d/xT9ukjqIKGpXa1hCmoDkKovcKSbA7MXdo6HuKEbo1aQBt9nn99M5vimY+LrEtA bf+PuqRTnCvpW94MqAnTsCzuDWeoNgvZqGHUes2WZee8dKKN2Hutz3gxUZdHvgrY b9z4XNsg8Tf1DFFeZeQhqay6XM1R3DISkx9XB1UT+ROPISDiaO9Uzl+jSPiunam2 1hKb502afBAEF+P1cJ4aGSpJxfrZtAtj2YOsKiqhuNoyRgOHNhj42bT4+dd6tDKn dUWfpMLL0D7h5B53CQC2YmLCfEfFcw68LxyaYy4+ei4RvcP7RW1HfzJuYO5atbz3 HIqbwmBIty8EQNJSCzq0G40X/2voofe/j7waZLBUvOoX8PmUgV46gojqwFmIgWSK LWS8c9xlTT8wIFLR35AUXCq6KrrYdXX0o9UJmxbKasE/ZwrQAh2IVddB0IodXwmM 5iLMtaw= =k/pB -----END PGP SIGNATURE-----