QA Regression Testing

test-glibc-security failed due to LD_AUDIT issue

Bug #2004159 reported by Pavel Kopylov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
QA Regression Testing
New
Undecided
Unassigned

Bug Description

I tried to run test-glibc-security.py on Ububtu18.04. There was an issue with the LD_AUDIT, environment variable. I had the following errors:

--------------- Begin of the console output ---------------
...
Running test: './test-glibc-security.py' distro: 'Ubuntu 18.04' kernel: '4.15.0-200.211 (Ubuntu 4.15.0-200.211-generic 4.15.18)' arch: 'amd64' uid: 0/0 SUDO_USER: 'testuser')
...
======================================================================
FAIL: test_70_env_okay_non_setuid (__main__.GlibcSecurityTest)
Ensure environment vars passed through to non-setuid progs
----------------------------------------------------------------------
Traceback (most recent call last):
  File "./test-glibc-security.py", line 172, in test_70_env_okay_non_setuid
    self._run_env_cmd("./env-is-defined", env, value)
  File "./test-glibc-security.py", line 161, in _run_env_cmd
    self.assertShellExitEquals(expected, ['su', '-c', '%s %s' % (cmd, env_var), os.environ['SUDO_USER']], env=new_env)
  File "/root/qrt-test-glibc-security/testlib.py", line 1249, in assertShellExitEquals
    self.assertEqual(expected, rc, msg + result + report)
AssertionError: Got exit code -11, expected 0
Command: 'su', '-c', './env-is-defined LD_AUDIT', 'testuser'
Output:

======================================================================
FAIL: test_71_env_filtered_setuid (__main__.GlibcSecurityTest)
Ensure environment vars filtered for setuid progs
----------------------------------------------------------------------
Traceback (most recent call last):
  File "./test-glibc-security.py", line 177, in test_71_env_filtered_setuid
    self._run_env_cmd("./env-is-defined-setuid", env, value, expected=1)
  File "./test-glibc-security.py", line 161, in _run_env_cmd
    self.assertShellExitEquals(expected, ['su', '-c', '%s %s' % (cmd, env_var), os.environ['SUDO_USER']], env=new_env)
  File "/root/qrt-test-glibc-security/testlib.py", line 1249, in assertShellExitEquals
    self.assertEqual(expected, rc, msg + result + report)
AssertionError: Got exit code -11, expected 1
Command: 'su', '-c', './env-is-defined-setuid LD_AUDIT', 'testuser'
Output:
---------------- End of the console output ----------------

However, the reason for the test to fail is the LD_AUDIT issue. For example, I ran the following command and got a SIGSEGV:

--------------- Begin of the console output ---------------
# LD_AUDIT=/lib/x86_64-linux-gnu/libmemusage.so nano
Segmentation fault
---------------- End of the console output ----------------

On the other hand, the "LD_PRELOAD=/lib/x86_64-linux-gnu/libmemusage.so nano" worked fine.

Moreover, the attempt to run the library /lib/x86_64-linux-gnu/libmemusage.so was failed with SIGSEVG, after it had been made executable of course:

--------------- Begin of the console output ---------------
# cp /lib/x86_64-linux-gnu/libmemusage.so /root/libmemusage.so
# chmod 755 /root/libmemusage.so
# /root/libmemusage.so
Segmentation fault
---------------- End of the console output ----------------

The following information about the library's version:

--------------- Begin of the console output ---------------
# dpkg -S /lib/x86_64-linux-gnu/libmemusage.so
libc6:amd64: /lib/x86_64-linux-gnu/libmemusage.so
# dpkg -s libc6
Package: libc6
Status: install ok installed
Priority: required
Section: libs
Installed-Size: 11886
Maintainer: Ubuntu Developers &lt;<email address hidden>&gt;
Architecture: amd64
Multi-Arch: same
Source: glibc
Version: 2.27-3ubuntu1.6
Replaces: libc6-amd64
Depends: libgcc1
Suggests: glibc-doc, debconf | debconf-2.0, locales
Breaks: hurd (&lt;&lt; 1:0.5.git20140203-1), libtirpc1 (&lt;&lt; 0.2.3), locales (&lt;&lt; 2.27), locales-all (&lt;&lt; 2.27), nscd (&lt;&lt; 2.27)
Conflicts: openrc (&lt;&lt; 0.27-2~)
Conffiles:
 /etc/ld.so.conf.d/x86_64-linux-gnu.conf d4e7a7b88a71b5ffd9e2644e71a0cfab
Description: GNU C Library: Shared libraries
 Contains the standard libraries that are used by nearly all programs on
 the system. This package includes shared versions of the standard C library
 and the standard math library, as well as many others.
Homepage: https://www.gnu.org/software/libc/libc.html
Original-Maintainer: GNU Libc Maintainers &lt;<email address hidden>&gt;
Original-Vcs-Browser: https://salsa.debian.org/glibc-team/glibc
Original-Vcs-Git: https://salsa.debian.org/glibc-team/glibc.git

---------------- End of the console output ----------------

I faced the aforementioned issue with libmemusage.so not only on the glibc 2.27 version but also on the glibc 2.35 version.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.