[Bug 1637026] Re: kill incorrectly parses negative PIDs

Martin Pitt martin.pitt at ubuntu.com
Fri Oct 28 10:00:04 UTC 2016 

> systemd-sysctl.service failed

This is indeed a known wart in LXD containers, and it's conceptually
difficult to fix (see bug 1576341 or
https://github.com/lxc/lxcfs/issues/111 for some earlier discussion).

It would be wrong if sysctl would entirely ignore all failures, as this
would make actual (unintended) failures/typos/etc. much harder to detect
-- we don't want to hide these.

"apt-get install --reinstall procps" in lxd actually works fine in
zesty, but not in xenial -- in xenial the postinst has "invoke-rc.d
procps start" which is gone from zesty.

The current versions (also in Debian) do not start the init script on
install/upgrades:

  https://anonscm.debian.org/cgit/collab-
maint/procps.git/tree/debian/rules#n89

and I think that's the right thing -- this is usually something you want
done at boot, but not during runtime, and it potentially breaks package
upgrades too. So if you want to SRU this override_dh_install along, that
would be fine with me (with my SRU hat on).

** Bug watch added: LXCFS bug tracker #111
   https://github.com/lxc/lxcfs/issues/111

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1637026

Title:
  kill incorrectly parses negative PIDs

Status in procps package in Ubuntu:
  Fix Released
Status in procps source package in Xenial:
  Fix Committed

Bug description:
  [Impact]
  When kill is called with a negative argument, incorrect parsing can lead it to call sys_kill(-1), thus sending a signal to all permitted processes on the system. A couple of users have hit this while deploying Hadoop, which seems to tickle this - basically killing everything on the system.

  [Test Case]
  Though I don't know what Hadoop is calling, here's a couple of ways to trigger this:

  One possibility is if kill were called w/ a numeric signal that
  happened to start with a '1' and while omitting the required <pid>
  argument:

  kill -12

  Another would be to specify a numeric signal (that again happened to
  start with a 1) multiple times:
  kill -13 -13 12345

  [Regression Risk]
  This is a backport from upstream that is already available in 16.10, with no known regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1637026/+subscriptions

More information about the foundations-bugs mailing list