Bug 751608

Summary: grubby --grub2 received SIGSEGV
Product: [Fedora] Fedora Reporter: Simone Tolotti <simone.tolotti>
Component: grubbyAssignee: Peter Jones <pjones>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 18CC: andrew.elwell, bcl, bpeck, eguan, emcnabb, jeviolle, kwizart, matthew.hirsch, pjones
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: grubby-8.25-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-07 13:32:23 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Attachments:
Description Flags
Patch to add test for null bootloader file name if no files could be read. none

Description Simone Tolotti 2011-11-06 04:34:09 EST
Description of problem:
Running:
grubby --grub2
grubby recieved SIGSEGV!  Backtrace (5):
grubby[0x404c4f]
/lib64/libc.so.6[0x3e8e836320]
grubby[0x403889]
/lib64/libc.so.6(__libc_start_main+0xed)[0x3e8e82169d]
grubby[0x403ff1]

Version-Release number of selected component (if applicable):
8.3-1.fc16

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Matt Hirsch 2012-06-01 14:54:39 EDT
I think that this occurs when a grub config file is not found. For example, On my system, I have grub2 installed, but not grub. I.e.:


# ls -d /boot/grub2
/boot/grub2
# ls -d /boot/grub
ls: cannot access /boot/grub: No such file or directory

When I run 

grubby --grub2

I get the expected behavior. When I run 

grubby --grub

I get a similar segfault.


grubby recieved SIGSEGV!  Backtrace (6):
/sbin/grubby[0x404fef]
/lib64/libc.so.6(+0x36300)[0x7f81a4716300]
/sbin/grubby[0x4018c3]
/sbin/grubby[0x403c1c]
/lib64/libc.so.6(__libc_start_main+0xed)[0x7f81a470169d]
/sbin/grubby[0x4042b1]
Comment 2 Andrew Elwell 2012-08-31 10:39:13 EDT
It's certainly permission related -- Running as a normal user it fails, but works OK as root.

straces attached but the difference is:

(as root [strace1]- OK)


open("/root/.popt", O_RDONLY)           = -1 ENOENT (No such file or directory)
access("/etc/grub2-efi.cfg", R_OK)      = -1 ENOENT (No such file or directory)
access("/etc/grub2.cfg", R_OK)          = 0
stat("/", {st_mode=S_IFDIR|0555, st_size=4096, ...}) = 0
stat("/boot", {st_mode=S_IFDIR|0555, st_size=3072, ...}) = 0
open("/etc/grub2.cfg", O_RDONLY)        = 3
read(3, "#\n# DO NOT EDIT THIS FILE\n#\n# It"..., 1024) = 1024
read(3, "ocale\n  set lang=en_US\n  insmod "..., 1024) = 1024
read(3, "gtelwell/lv_root LANG=en_US.UTF-"..., 1024) = 1024
read(3, "US.UTF-8 rhgb quiet\n\techo 'Loadi"..., 1024) = 1024
read(3, " 'Loading initial ramdisk ...'\n\t"..., 1024) = 1024
read(3, "_custom ###\n", 1024)          = 12
read(3, "", 1024)                       = 0
close(3)                                = 0
access("/boot/vmlinuz-3.5.2-3.fc17.x86_64", R_OK) = 0
... etc

but as a user ([strace2] not OK) I get

open("/home/aelwell/.popt", O_RDONLY)   = -1 ENOENT (No such file or directory)
access("/etc/grub2-efi.cfg", R_OK)      = -1 ENOENT (No such file or directory)
access("/etc/grub2.cfg", R_OK)          = -1 EACCES (Permission denied)
access("/etc/grub.d/", R_OK)            = -1 EACCES (Permission denied)
access("/etc/grub.conf", R_OK)          = -1 ENOENT (No such file or directory)
access("/boot/grub/menu.lst", R_OK)     = -1 ENOENT (No such file or directory)
stat("/", {st_mode=S_IFDIR|0555, st_size=4096, ...}) = 0
stat("/boot", {st_mode=S_IFDIR|0555, st_size=3072, ...}) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} ---
rt_sigaction(SIGSEGV, {SIG_DFL, [SEGV], SA_RESTORER|SA_RESTART, 0x32962359a0}, {0x405280, [SEGV], SA_RESTORER|SA_RESTART, 0x32962359a0}, 8) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=111059, ...}) = 0
mmap(NULL, 111059, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd97820b000
close(3)                                = 0
open("/lib64/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320)`\2302\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=89656, ...}) = 0
mmap(0x3298600000, 2182584, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fd977ff2000
mprotect(0x7fd978007000, 2093056, PROT_NONE) = 0
mmap(0x7fd978206000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x7fd978206000
close(3)                                = 0
munmap(0x7fd97820b000, 111059)          = 0
write(2, "grubby recieved SIGSEGV!  Backtr"..., 41) = 41
writev(2, [{"grubby", 6}, {"[0x", 3}, {"4052af", 6}, {"]\n", 2}], 4) = 17
writev(2, [{"/lib64/libc.so.6", 16}, {"[0x", 3}, {"32962359a0", 10}, {"]\n", 2}], 4) = 31
writev(2, [{"grubby", 6}, {"[0x", 3}, {"401bc9", 6}, {"]\n", 2}], 4) = 17
writev(2, [{"grubby", 6}, {"[0x", 3}, {"404262", 6}, {"]\n", 2}], 4) = 17
writev(2, [{"/lib64/libc.so.6", 16}, {"(", 1}, {"__libc_start_main", 17}, {"+0x", 3}, {"f5", 2}, {")", 1}, {"[0x", 3}, {"3296221735", 10}, {"]\n", 2}], 9) = 55
writev(2, [{"grubby", 6}, {"[0x", 3}, {"4046c1", 6}, {"]\n", 2}], 4) = 17
exit_group(1)                           = ?
+++ exited with 1 +++


which (as expected for security reasons) is rw root only

[aelwell@pcitgtelwell modules (devel)]$ ls -l /etc/grub2.cfg 
lrwxrwxrwx. 1 root root 22 Aug 28 10:28 /etc/grub2.cfg -> ../boot/grub2/grub.cfg
[aelwell@pcitgtelwell modules (devel)]$ ls -l /etc/../boot/grub2/grub.cfg
-rw-------. 1 root root 5132 Aug 25 22:50 /etc/../boot/grub2/grub.cfg



Wishlist -- it would be nice to fail with a 'cannot read configuration' rather than segfault
Comment 3 Andrew Elwell 2012-08-31 10:51:55 EDT
*** Bug 823270 has been marked as a duplicate of this bug. ***
Comment 4 Matt Hirsch 2012-10-10 11:59:30 EDT
This is still an issue in Fedora 17, grubby-8.12-1.fc17.x86_64. Even as root it segfaults if the corresponding grub directory is not present.

Now grubby requires another command.

# ls -d /boot/grub
ls: cannot access /boot/grub: No such file or directory

# grubby --grub
grubby: no action specified

# grubby --grub --default-title
grubby recieved SIGSEGV!  Backtrace (6):
grubby[0x4052af]
/lib64/libc.so.6(+0x359a0)[0x7f5b1bb559a0]
grubby[0x401bc9]
grubby[0x404262]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7f5b1bb41735]
grubby[0x4046c1]

Can't it just print "/boot/grub not found" or something, and exit with an error code?
Comment 5 jeviolle 2012-11-03 13:45:20 EDT
Not sure if there is a better way of doing this. I added a check that tests if the configuration name is null or not and if the effective uid is root to give a more detailed error instead of the backtrace:

For grubby-8.12-1.fc17.src.rpm:

--- grubby-8.12/grubby.c	2012-05-31 09:51:51.000000000 -0400
+++ grubby.c	2012-11-03 13:42:12.813481409 -0400
@@ -35,6 +35,7 @@
 #include <execinfo.h>
 #include <signal.h>
 #include <blkid/blkid.h>
+#include <sys/types.h>
 
 #ifndef DEBUG
 #define DEBUG 0
@@ -928,6 +929,15 @@
     int i, len;
     char * buf;
 
+    if (inName == NULL) {
+        if ( geteuid() != 0 ) {
+            printf("Unable to read bootloader configuration, please try again as root!\n");
+        } else {
+            printf("Unable to read bootloader configuration!\n");
+        }
+        exit(1);
+    }
+
     if (!strcmp(inName, "-")) {
 	in = 0;
     } else {
Comment 6 jeviolle 2012-11-03 20:22:07 EDT
If anyone wants an updated source rpm to test prior to an official release, let me know.
Comment 7 jeviolle 2012-11-03 20:24:28 EDT
Created attachment 637804 [details]
Patch to add test for null bootloader file name if no files could be read.
Comment 8 Fedora End Of Life 2013-01-16 11:57:48 EST
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 9 Fedora End Of Life 2013-02-13 16:11:23 EST
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 10 Evan McNabb 2013-02-19 13:59:38 EST
This still happens on F18 when run as a non-root user, so reopening.

$ rpm -q grubby
grubby-8.22-1.fc18.x86_64

$ grubby --default-kernel
grubby received SIGSEGV!  Backtrace (6):
grubby[0x4055ef]
/lib64/libc.so.6[0x3e1ae35c20]
grubby[0x401d69]
grubby[0x404455]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x3e1ae21a05]
grubby[0x404a19]

$ su -
Password: 
# grubby --default-kernel
/boot/vmlinuz-3.7.6-201.fc18.x86_64
Comment 11 Peter Jones 2013-04-09 11:37:33 EDT
This is fixed in grubby-8.25-1
Comment 12 Fedora End Of Life 2013-12-21 10:40:13 EST
This message is a reminder that Fedora 18 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 18. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '18'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 18's end of life.

Thank you for reporting this issue and we are sorry that we may not be 
able to fix it before Fedora 18 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior to Fedora 18's end of life.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 13 Matt Hirsch 2013-12-31 15:59:22 EST
This works in the current version of grubby in Fedora 20. It should be closed.