I've verified the fix for this issue, but it appears to have exposed a
bug with updating procps in an LXD container. Below I'll show the
verification, followed by the update issue.
root@procps:~# apt-cache policy procps | grep Installed
Installed: 2:3.3.10-4ubuntu2
root@procps:~# strace -f -o /tmp/strace.out su dannf -c '/bin/kill -12'
root@procps:~# grep sys_kill /tmp/strace.out
root@procps:~# grep kill /tmp/strace.out
3057 execve("/bin/su", ["su", "dannf", "-c", "/bin/kill -12"], [/* 11 vars
*/]) = 0
3062 execve("/bin/bash", ["bash", "-c", "/bin/kill -12"], [/* 17 vars */]
<unfinished ...>
3062 execve("/bin/kill", ["/bin/kill", "-12"], [/* 17 vars */]) = 0
3062 kill(4294967295, SIGUSR2) = 0
(strace is interpreting the first arg as an unsigned int - it is -1 when
signed.)
After the upgrade:
root@procps:~# strace -f -o /tmp/strace.out.new su dannf -c '/bin/kill -12'
root@procps:~# grep kill /tmp/strace.out.new
4241 execve("/bin/su", ["su", "dannf", "-c", "/bin/kill -12"], [/* 11 vars
*/]) = 0
4246 execve("/bin/bash", ["bash", "-c", "/bin/kill -12"], [/* 17 vars */]
<unfinished ...>
4246 execve("/bin/kill", ["/bin/kill", "-12"], [/* 17 vars */]) = 0
4246 kill(-12, SIGUSR2) = -1 ESRCH (No such process)
However, here's the issue I observed upgrading in a container:
root@procps:~# apt install procps
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
procps
1 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Need to get 208 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://ports.ubuntu.com/ubuntu-ports xenial-proposed/main arm64 procps
arm64 2:3.3.10-4ubuntu2.1 [208 kB]
Fetched 208 kB in 0s (230 kB/s)
(Reading database ... 25398 files and directories currently installed.)
Preparing to unpack .../procps_2%3a3.3.10-4ubuntu2.1_arm64.deb ...
Unpacking procps (2:3.3.10-4ubuntu2.1) over (2:3.3.10-4ubuntu2) ...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (229-4ubuntu11) ...
Setting up procps (2:3.3.10-4ubuntu2.1) ...
update-rc.d: warning: start and stop actions are no longer supported; falling
back to defaults
Job for systemd-sysctl.service failed because the control process exited with
error code. See "systemctl status systemd-sysctl.service" and "journalctl -xe"
for details.
invoke-rc.d: initscript procps, action "start" failed.
dpkg: error processing package procps (--configure):
subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
procps
E: Sub-process /usr/bin/dpkg returned an error code (1)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1637026
Title:
kill incorrectly parses negative PIDs
Status in procps package in Ubuntu:
Fix Released
Status in procps source package in Xenial:
Fix Committed
Bug description:
[Impact]
When kill is called with a negative argument, incorrect parsing can lead it
to call sys_kill(-1), thus sending a signal to all permitted processes on the
system. A couple of users have hit this while deploying Hadoop, which seems to
tickle this - basically killing everything on the system.
[Test Case]
Though I don't know what Hadoop is calling, here's a couple of ways to
trigger this:
One possibility is if kill were called w/ a numeric signal that
happened to start with a '1' and while omitting the required <pid>
argument:
kill -12
Another would be to specify a numeric signal (that again happened to
start with a 1) multiple times:
kill -13 -13 12345
[Regression Risk]
This is a backport from upstream that is already available in 16.10, with no
known regressions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1637026/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
