[Bug 1708008] Re: rabbitmq-server 3.5.7-1ubuntu0.16.04.2 security update dumped durable queues for autopkgtest.ubuntu.com
Christian Ehrhardt
1708008 at bugs.launchpad.net
Fri Jun 15 09:35:17 UTC 2018
Since the logs had no content of when it happened and we had no other
reports on it at all this is hard to action.
(Un?)Furtunately there also was no other upgrade of it since then.
The last still is: CVE-2016-9877 on Thu, 27 Jul 2017
Due to that we don't know if that would have happened again.
I tried to recreate this.
Based on [1] with this change for durable:
diff --git a/scripts/rabbitmq-server/receive.py b/scripts/rabbitmq-server/receive.py
index 80c7eb3e..cd5ce995 100755
--- a/scripts/rabbitmq-server/receive.py
+++ b/scripts/rabbitmq-server/receive.py
@@ -7,13 +7,13 @@ connection = pika.BlockingConnection(pika.ConnectionParameters(
channel = connection.channel()
-channel.queue_declare(queue='hello')
+channel.queue_declare(queue='hellod', durable=True)
def callback(ch, method, properties, body):
print(" [x] Received %r" % body)
channel.basic_consume(callback,
- queue='hello',
+ queue='hellod',
no_ack=True)
#print(' [*] Waiting for messages. To exit press CTRL+C')
diff --git a/scripts/rabbitmq-server/send.py b/scripts/rabbitmq-server/send.py
index 56117d5a..8e4d4b7f 100755
--- a/scripts/rabbitmq-server/send.py
+++ b/scripts/rabbitmq-server/send.py
@@ -7,10 +7,10 @@ connection = pika.BlockingConnection(pika.ConnectionParameters(
channel = connection.channel()
-channel.queue_declare(queue='hello')
+channel.queue_declare(queue='hellod', durable=True)
channel.basic_publish(exchange='',
- routing_key='hello',
+ routing_key='hellod',
body='Hello World!')
print(" [x] Sent 'Hello World!'")
connection.close(
Test 1 - non durable queues
root at x:~# ./send.py
[x] Sent 'Hello World!'
root at x:~# ./receive.py
[x] Received 'Hello World!'
Test 2 - non durable queues restarted
root at x:~# ./send.py
[x] Sent 'Hello World!'
root at x:~# systemctl restart rabbitmq-server
root at x:~# ./receive.py
(nothing - as expected)
Test 3 - durable queues [2]
root at x:~# ./send.py
[x] Sent 'Hello World!'
root at x:~# ./receive.py
[x] Received 'Hello World!'
root at x:~# rabbitmqctl list_queues name durable messages
Listing queues ...
hello false 0
hellod true 0
Test 3 - durable queues restart
root at x:~# ./send.py
[x] Sent 'Hello World!'
root at x:~# rabbitmqctl list_queues name durable messages
Listing queues ...
hello false 0
hellod true 1
root at x:~# systemctl restart rabbitmq-server
root at x:~# ./receive.py
root at x:~# rabbitmqctl list_queues name durable messages
Listing queues ...
hellod true 0
So the messages are lost on a server restart - even on the durable queue.
I thought to understand that this should not happen.
I'm not entirely sure if this is a valid reproducer yet, but it should be with my limited rabbitmq-foo
[1]: https://git.launchpad.net/qa-regression-testing/tree/scripts/test-rabbitmq-server.py
[2]: https://www.rabbitmq.com/tutorials/tutorial-two-python.html
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-9877
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to rabbitmq-server in Ubuntu.
https://bugs.launchpad.net/bugs/1708008
Title:
rabbitmq-server 3.5.7-1ubuntu0.16.04.2 security update dumped durable
queues for autopkgtest.ubuntu.com
Status in rabbitmq-server package in Ubuntu:
Triaged
Bug description:
A rabbitmq-server security update was released today. This was auto-
applied to the rabbitmq server that serves autopkgtest.ubuntu.com, and
as a result, it appears that all the messages that were in the queue
at the time were dropped.
According to Iain Lane, we are using durable queues in rabbitmq, so
this should not have happened.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/1708008/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list