Your message dated Thu, 25 Apr 2019 14:04:33 +0200
with message-id <[email protected]>
and subject line Re: Bug#927953: systemd: user and group files ignored in
tmpfiles.d files
has caused the Debian Bug report #927953,
regarding systemd: user and group files ignored in tmpfiles.d files
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
927953: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927953
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: systemd
Version: 215-17+deb8u12
Severity: important
Dear Maintainer,
it seems the recent security update led to systemd ignoring the user and
group columns in tmpfiles.d files. This immediately leads to postgresql
in the current oldstable version (postgresql-9.4 9.4.21-0+deb8u1,
postgresql-common 165+deb8u3) breaking on reboot.
This is /usr/lib/tmpfiles.d/postgrestql.conf from
postgresql-common 165+deb8u3:
# Directory for PostgreSQL sockets, lockfiles and stats tempfiles
d /var/run/postgresql 2775 postgres postgres - -
User and group postgres exist on the system. However, after reboot,
/var/run/postgresql has root:root as owner:
# stat /var/run/postgresql
File: ‘/var/run/postgresql’
Size: 60 Blocks: 0 IO Block: 4096 directory
Device: eh/14d Inode: 9690 Links: 3
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2019-04-25 13:19:45.279148802 +0200
Modify: 2019-04-25 13:19:48.963148802 +0200
Change: 2019-04-25 13:19:48.963148802 +0200
Birth: -
This means postgres can't write its lock file in that directory, and
fails to start:
# systemctl status [email protected] -l
● [email protected] - PostgreSQL Cluster 9.4-main
Loaded: loaded (/lib/systemd/system/[email protected]; disabled)
Active: failed (Result: exit-code) since Thu 2019-04-25 13:19:49 CEST; 15s
ago
Process: 352 ExecStart=postgresql@%i %i start (code=exited, status=1/FAILURE)
Apr 25 13:19:49 [server] [email protected][352]: The PostgreSQL server failed
to start. Please check the log output:
Apr 25 13:19:49 [server] [email protected][352]: 2019-04-25 11:19:49 UTC
[390-1] FATAL: could not create lock file
"/var/run/postgresql/.s.PGSQL.5432.lock": Permission denied
Apr 25 13:19:49 [server] systemd[1]: [email protected]: control
process exited, code=exited status=1
Apr 25 13:19:49 [server] systemd[1]: Failed to start PostgreSQL Cluster
9.4-main.
Apr 25 13:19:49 [server] systemd[1]: Unit [email protected] entered
failed state.
I wonder whether that has something to do with the following item in the
change log:
* CVE-2017-18078: tmpfiles: refuse to chown()/chmod() files which are
hardlinked, unless protected_hardlinks sysctl is on.
Though protected_hardlinks is on:
# cat /proc/sys/fs/protected_hardlinks
1
And a directory can't be hardlinked anyway, so the relationship to that
change log entry might be a red herring.
-- Package-specific info:
-- System Information:
Debian Release: 8.11
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-8-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages systemd depends on:
ii acl 2.2.52-2
ii adduser 3.113+nmu3
ii initscripts 2.88dsf-59
ii libacl1 2.2.52-2
ii libaudit1 1:2.4-1+b1
ii libblkid1 2.25.2-6
ii libc6 2.19-18+deb8u10
ii libcap2 1:2.24-8
ii libcap2-bin 1:2.24-8
ii libcryptsetup4 2:1.6.6-5
ii libgcrypt20 1.6.3-2+deb8u5
ii libkmod2 18-3
ii liblzma5 5.1.1alpha+20120614-2+b3
ii libpam0g 1.1.8-3.1+deb8u2+b1
ii libselinux1 2.3-2
ii libsystemd0 215-17+deb8u12
ii mount 2.25.2-6
ii sysv-rc 2.88dsf-59
ii udev 215-17+deb8u12
ii util-linux 2.25.2-6
Versions of packages systemd recommends:
ii dbus 1.8.22-0+deb8u1
pn libpam-systemd <none>
Versions of packages systemd suggests:
pn systemd-ui <none>
-- Configuration Files:
/etc/systemd/timesyncd.conf changed [not included]
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 215-17+deb8u13
Am 25.04.19 um 13:37 schrieb Michael Prokop:
> * Florian Schmidt [Thu Apr 25, 2019 at 01:29:45PM +0200]:
>> Package: systemd
>> Version: 215-17+deb8u12
>> Severity: important
>
>> it seems the recent security update led to systemd ignoring the user and
>> group columns in tmpfiles.d files. This immediately leads to postgresql
>> in the current oldstable version (postgresql-9.4 9.4.21-0+deb8u1,
>> postgresql-common 165+deb8u3) breaking on reboot.
> [...]
>
> JFYI, this is already known and work in progress, see
> https://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/2019-April/038787.html
>
Closed by Mike Gabriel in 215-17+deb8u13
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
--- End Message ---
_______________________________________________
Pkg-systemd-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
