** Description changed: [Impact] - * On Ubuntu (Focal) 20.04, SSSD 2.2.3-3, logs in Journald have invalid + * On Ubuntu (Focal) 20.04, SSSD 2.2.3-3, logs in Journald have invalid (non-numeric) SYSLOG_PID. Any tooling collecting SYSLOG_PID further, or attempting to work with syslog directly, fail to parse the PID as number. - * Systemd does not validate, and simply expects SYSLOG_PID as numeric integers formatted as decimal strings: - https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY= + * Systemd does not validate, and simply expects SYSLOG_PID as numeric integers formatted as decimal strings: + https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY= [Test Case] - * Deploy fresh 20.04 image, and update: - apt update && apt dist-upgrade + * Deploy fresh 20.04 image, and update: + apt update && apt dist-upgrade - * apt -qqy install sssd + * apt -qqy install sssd - * cat << EOF > /etc/sssd/sssd.conf + * cat << EOF > /etc/sssd/sssd.conf [sssd] - config_file_version = 2 - domains = EXAMPLE.COM - services = + config_file_version = 2 + domains = EXAMPLE.COM + services = [nss] [pam] [sudo] [domain/EXAMPLE.COM] - id_provider = files - access_provider = permit + id_provider = files + access_provider = permit EOF - * chmod 600 /etc/sssd/sssd.conf + * chmod 600 /etc/sssd/sssd.conf - * systemctl restart sssd.service + * systemctl restart sssd.service - * journalctl -o verbose -u sssd-sudo.service | grep SYSLOG_PID= - SYSLOG_PID=sudo + * journalctl -o verbose -u sssd-sudo.service | grep SYSLOG_PID= + SYSLOG_PID=sudo - * journalctl -u sssd.service # Produces malformed example lines: - Dec 07 14:10:00 servername sssd[be[1234]: Starting up + * journalctl -u sssd.service # Produces malformed example lines: + Dec 07 14:10:00 servername sssd[be[1234]: Starting up - * grep sssd /var/log/syslog # Displays non-numeric PIDs: - Dec 7 08:00:00 servername sssd[be[EXAMPLE.COM]]: Starting up - Dec 7 08:00:00 servername sssd[nss]: Starting up - Dec 7 08:00:00 servername sssd[sudo]: Starting up - Dec 7 08:00:00 servername sssd[pam]: Starting up + * grep sssd /var/log/syslog # Displays non-numeric PIDs: + Dec 7 08:00:00 servername sssd[be[EXAMPLE.COM]]: Starting up + Dec 7 08:00:00 servername sssd[nss]: Starting up + Dec 7 08:00:00 servername sssd[sudo]: Starting up + Dec 7 08:00:00 servername sssd[pam]: Starting up [Where problems could occur] - * Someone might depend on the malformed output already, and have + * Someone might depend on the malformed output already, and have tooling in place to transform it manually. [Other Info] - - * Is not reproducible on Ubuntu (Groovy) 20.10 containing SSSD 2.3.1-3. Considering Debian testing is currently at SSSD 2.4.0-1, it does not appear applicable to fix in upstream. + + * Is not reproducible on Ubuntu (Groovy) 20.10 containing SSSD 2.3.1-3. + Considering Debian testing is currently at SSSD 2.4.0-1, it does not + appear applicable to fix in upstream. + + * The package itself does not appear to provide any SYSLOG_PID. The + SYSLOG_IDENTIFIER appears to instead 'leak' over into PID, hinting at + trouble on systemd side. SSSD source at: + https://github.com/SSSD/sssd/blob/sssd-2_2_3/src/util/sss_log.c#L110 + + * Applying a change to SYSLOG_IDENTIFIER (prefixing with "sssd[" and suffixing with "]") results in "SYSLOG_IDENTIFIER=sssd_be" being logged, and no SYSLOG_PID being reported. + Cherry-picked upstream commit for testing: https://github.com/SSSD/sssd/commit/18233532b72e62452eac6886652fa633ba055d8c
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1908065 Title: Invalid SYSLOG_PID for (systemd) journal messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1908065/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
