Public bug reported:
Failure occurs on Ubuntu 16.04 with the apparmor-
profiles-2.10.95-0ubuntu2.10 package installed.
Running update-grub will run /usr/bin/os-prober, which spews about a
dozen of the following line to stderr:
logger: socket /dev/log: Protocol wrong type for socket
… but fails to report the existence of some installed operating systems
as expected.
Furthermore, /var/log/messages contains:
kernel: audit: type=1400 audit(1556043066.679:11460):
apparmor="ALLOWED" operation="sendmsg" info="Failed name lookup -
disconnected path" error=-13 profile="syslog-ng" name="dev/log"
pid=28566 comm="logger" requested_mask="r" denied_mask="r" fsuid=0
ouid=0
Here is a stripped-down skeleton of the /usr/bin/os-prober script, which
demonstrates the problem:
#!/bin/sh
set -e -x
newns () {
[ "$OS_PROBER_NEWNS" ] || exec /usr/lib/os-prober/newns "$0" "$@"
}
log() {
logger -t "$(basename "$0")" "$@"
}
debug() {
log "debug: $@"
}
ls -l /dev/log
debug "Hello world"
newns "$@"
The expected behavior is that it should write "debug: os-prober-testcase
Hello world" to /var/log/messages twice. However, it only succeeds in
writing "Hello world" once. After the script respawns itself with
/usr/lib/os-prober/newns (which is like `unshare -m`), the second
attempt to write to /dev/log fails as described above.
Since the os-prober Bash script runs with the -e flag, any error, even
just a logging error, causes the script to terminate prematurely.
(Arguably, the log() function should call `logger -t "$(basename "$0")"
"$@" || :` so that logging failures aren't fatal.)
The fix, for me, is to edit /etc/apparmor.d/sbin.syslog-ng, and change
profile syslog-ng /{usr/,}sbin/syslog-ng flags=(complain) {\
…
}
to
profile syslog-ng /{usr/,}sbin/syslog-ng
flags=(complain,attach_disconnected) {
…
}
… then run `aa-complain sbin.syslog-ng` and `service syslog-ng restart`,
before running update-grub again. I assume that similar fixes would be
required for the other logging daemons.
** Affects: apparmor-profiles
Importance: Undecided
Status: New
** Affects: os-prober (Ubuntu)
Importance: Undecided
Status: New
** Also affects: apparmor-profiles
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1826294
Title:
os-prober exits prematurely with "logger: socket /dev/log: Protocol
wrong type for socket"
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor-profiles/+bug/1826294/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
