The description was updated to reflect changes in the test case for Groovy verification, as the initial test case was valid for Bionic and Focal (already mitigated on Groovy from upstream).
** Description changed: [Impact] * On Ubuntu (Focal) 20.04, SSSD 2.2.3-3, logs in journald have invalid (non-numeric) SYSLOG_PID. Any tooling collecting SYSLOG_PID further, or attempting to work with syslog directly, fail to parse the PID as number. * systemd does not validate, and simply expects SYSLOG_PID as numeric - integers formatted as decimal strings: https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY= + integers formatted as decimal strings: + https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY= * Fixed upstream by https://github.com/SSSD/sssd/commit/00e7b1ada3d1c1071eac79b65c17cd2701c2ae6a and https://github.com/SSSD/sssd/commit/18233532b72e62452eac6886652fa633ba055d8c - and https://github.com/SSSD/sssd/commit/01cc2674959ec249702465621f57259fc779650b + and https://github.com/SSSD/sssd/commit/01cc2674959ec249702465621f57259fc779650b [Test Case] * Deploy fresh 20.04 image, and update: apt update && apt dist-upgrade * apt -qqy install sssd * cat << EOF > /etc/sssd/sssd.conf [sssd] config_file_version = 2 domains = EXAMPLE.COM services = [nss] [pam] [sudo] [domain/EXAMPLE.COM] id_provider = files access_provider = permit EOF * chmod 600 /etc/sssd/sssd.conf * systemctl restart sssd.service - * journalctl -o verbose -u sssd-sudo.service | grep SYSLOG_PID= - SYSLOG_PID=sudo + * journalctl -o verbose -u sssd.service 'MESSAGE=Starting up' | + grep SYSLOG_IDENTIFIER= + SYSLOG_IDENTIFIER=sssd + SYSLOG_IDENTIFIER=sssd[be - * journalctl -u sssd.service # Produces malformed example lines: - Dec 07 14:10:00 servername sssd[be[1234]: Starting up + * journalctl -u sssd.service 'MESSAGE=Starting up' + Dec 07 14:10:00 servername sssd[1234]: Starting up + Dec 07 14:10:00 servername sssd[be[1235]: Starting up - * grep sssd /var/log/syslog # Displays non-numeric PIDs: - Dec 7 08:00:00 servername sssd[be[EXAMPLE.COM]]: Starting up - Dec 7 08:00:00 servername sssd[nss]: Starting up - Dec 7 08:00:00 servername sssd[sudo]: Starting up - Dec 7 08:00:00 servername sssd[pam]: Starting up + * grep -E '(sssd|be)[\[\:]' /var/log/syslog + Dec 07 14:10:00 servername sssd: Starting up + Dec 07 14:10:00 servername sssd[be[PROD.WORK]]: Starting up [Where problems could occur] * Someone might depend on the malformed output already, and have tooling in - place to transform it manually. + place to transform it manually. * Changes to log messages can cause lines to get picked up by things like - logwatch that weren't before. + logwatch that weren't before. ** Description changed: [Impact] * On Ubuntu (Focal) 20.04, SSSD 2.2.3-3, logs in journald have invalid (non-numeric) SYSLOG_PID. Any tooling collecting SYSLOG_PID further, or attempting to work with syslog directly, fail to parse the PID as number. * systemd does not validate, and simply expects SYSLOG_PID as numeric integers formatted as decimal strings: - https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY= + https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY= * Fixed upstream by https://github.com/SSSD/sssd/commit/00e7b1ada3d1c1071eac79b65c17cd2701c2ae6a and https://github.com/SSSD/sssd/commit/18233532b72e62452eac6886652fa633ba055d8c and https://github.com/SSSD/sssd/commit/01cc2674959ec249702465621f57259fc779650b [Test Case] * Deploy fresh 20.04 image, and update: apt update && apt dist-upgrade * apt -qqy install sssd * cat << EOF > /etc/sssd/sssd.conf [sssd] config_file_version = 2 domains = EXAMPLE.COM services = [nss] [pam] [sudo] [domain/EXAMPLE.COM] id_provider = files access_provider = permit EOF * chmod 600 /etc/sssd/sssd.conf * systemctl restart sssd.service - * journalctl -o verbose -u sssd.service 'MESSAGE=Starting up' | + * journalctl -o verbose -u sssd.service 'MESSAGE=Starting up' | grep SYSLOG_IDENTIFIER= - SYSLOG_IDENTIFIER=sssd - SYSLOG_IDENTIFIER=sssd[be + SYSLOG_IDENTIFIER=sssd + SYSLOG_IDENTIFIER=sssd[be - * journalctl -u sssd.service 'MESSAGE=Starting up' + * journalctl -u sssd.service 'MESSAGE=Starting up' Dec 07 14:10:00 servername sssd[1234]: Starting up Dec 07 14:10:00 servername sssd[be[1235]: Starting up - * grep -E '(sssd|be)[\[\:]' /var/log/syslog + * grep -E '(sssd|be)[\[\:]' /var/log/syslog Dec 07 14:10:00 servername sssd: Starting up - Dec 07 14:10:00 servername sssd[be[PROD.WORK]]: Starting up + Dec 07 14:10:00 servername sssd[be[EXAMPLE.COM]]: Starting up [Where problems could occur] * Someone might depend on the malformed output already, and have tooling in - place to transform it manually. + place to transform it manually. * Changes to log messages can cause lines to get picked up by things like - logwatch that weren't before. + logwatch that weren't before. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1908065 Title: Invalid SYSLOG_PID for (systemd) journal messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1908065/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
