[Bug 1908065] [NEW] Invalid SYSLOG_PID for (systemd) journal messages
Launchpad Bug Tracker
1908065 at bugs.launchpad.net
Sat Jan 23 16:31:10 UTC 2021
You have been subscribed to a public bug by Ubuntu Foundations Team Bug Bot (crichton):
[Impact]
* On Ubuntu (Focal) 20.04, SSSD 2.2.3-3, logs in Journald have invalid
(non-numeric) SYSLOG_PID. Any tooling collecting SYSLOG_PID further, or
attempting to work with syslog directly, fail to parse the PID as
number.
* Systemd does not validate, and simply expects SYSLOG_PID as numeric integers formatted as decimal strings:
https://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html#SYSLOG_FACILITY=
[Test Case]
* Deploy fresh 20.04 image, and update:
apt update && apt dist-upgrade
* apt -qqy install sssd
* cat << EOF > /etc/sssd/sssd.conf
[sssd]
config_file_version = 2
domains = EXAMPLE.COM
services =
[nss]
[pam]
[sudo]
[domain/EXAMPLE.COM]
id_provider = files
access_provider = permit
EOF
* chmod 600 /etc/sssd/sssd.conf
* systemctl restart sssd.service
* journalctl -o verbose -u sssd-sudo.service | grep SYSLOG_PID=
SYSLOG_PID=sudo
* journalctl -u sssd.service # Produces malformed example lines:
Dec 07 14:10:00 servername sssd[be[1234]: Starting up
* grep sssd /var/log/syslog # Displays non-numeric PIDs:
Dec 7 08:00:00 servername sssd[be[EXAMPLE.COM]]: Starting up
Dec 7 08:00:00 servername sssd[nss]: Starting up
Dec 7 08:00:00 servername sssd[sudo]: Starting up
Dec 7 08:00:00 servername sssd[pam]: Starting up
[Where problems could occur]
* Someone might depend on the malformed output already, and have
tooling in place to transform it manually.
[Other Info]
* Is not reproducible on Ubuntu (Groovy) 20.10 containing SSSD 2.3.1-3.
Considering Debian testing is currently at SSSD 2.4.0-1, it does not
appear applicable to fix in upstream.
* The package itself does not appear to provide any SYSLOG_PID. The
SYSLOG_IDENTIFIER appears to instead 'leak' over into PID, hinting at
trouble on systemd side. SSSD source at:
https://github.com/SSSD/sssd/blob/sssd-2_2_3/src/util/sss_log.c#L110
* Applying a change to SYSLOG_IDENTIFIER (prefixing with "sssd[" and suffixing with "]") results in "SYSLOG_IDENTIFIER=sssd_be" being logged, and no SYSLOG_PID being reported.
Cherry-picked upstream commit for testing: https://github.com/SSSD/sssd/commit/18233532b72e62452eac6886652fa633ba055d8c
** Affects: sssd (Ubuntu)
Importance: Undecided
Status: Triaged
** Affects: systemd (Ubuntu)
Importance: Undecided
Status: Invalid
** Tags: patch
--
Invalid SYSLOG_PID for (systemd) journal messages
https://bugs.launchpad.net/bugs/1908065
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list