Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
On 27.11.23 at 16:43, Sven Joachim wrote:
> Control: found -1 8.2310.0-3
>
> On 2023-11-16 18:14 +0100, Michael Biebl wrote:
>
>> On 16.11.23 at 18:12, Michael Biebl wrote:
>>> b/ Move /dev/xconsole to run and turn /dev/xconsole into a symlink
>>>
>>> The latter b/ will require updates to the local copies in
>>> /etc/tmpfiles.d/ and /etc/rsyslog.d/
>>>
>>> They would look like this now:
>>>
>>> $ cat /etc/rsyslog.d/xconsole.conf
>>> daemon.*;mail.*;\
>>>     news.err;\
>>>     *.=debug;*.=info;\
>>>     *.=notice;*.=warn |/run/xconsole
>>>
>>> $ cat /etc/tmpfiles.d/xconsole.conf
>>> # Type Path Mode UID GID Age Argument
>>> p /run/xconsole 0640 root adm
>>> L /dev/xconsole - - - - /run/xconsole
>>
>> And you need to drop BindPaths=-/dev/xconsole from rsyslog.service again.
>
> Thanks, I had edited the service file in /usr/lib/systemd/system
> accordingly. Unfortunately you forgot to apply that change to rsyslog's
> debian/rsyslog.service, and so rsyslogd failed to start again after
> upgrading to 8.2310.0-3.

Argh, sorry. Will fix immediately. Not sure why I missed that...

> The NEWS item looks fine to me, though.

Thanks.
Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
Control: found -1 8.2310.0-3

On 2023-11-16 18:14 +0100, Michael Biebl wrote:

> On 16.11.23 at 18:12, Michael Biebl wrote:
>> b/ Move /dev/xconsole to run and turn /dev/xconsole into a symlink
>>
>> The latter b/ will require updates to the local copies in
>> /etc/tmpfiles.d/ and /etc/rsyslog.d/
>>
>> They would look like this now:
>>
>> $ cat /etc/rsyslog.d/xconsole.conf
>> daemon.*;mail.*;\
>>     news.err;\
>>     *.=debug;*.=info;\
>>     *.=notice;*.=warn |/run/xconsole
>>
>> $ cat /etc/tmpfiles.d/xconsole.conf
>> # Type Path Mode UID GID Age Argument
>> p /run/xconsole 0640 root adm
>> L /dev/xconsole - - - - /run/xconsole
>
> And you need to drop BindPaths=-/dev/xconsole from rsyslog.service again.

Thanks, I had edited the service file in /usr/lib/systemd/system
accordingly. Unfortunately you forgot to apply that change to rsyslog's
debian/rsyslog.service, and so rsyslogd failed to start again after
upgrading to 8.2310.0-3.

The NEWS item looks fine to me, though.

Cheers,
Sven
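The end state described in the message above (rsyslog rule and tmpfiles.d entries pointing at /run/xconsole, and no BindPaths=-/dev/xconsole left in any copy of rsyslog.service) can be checked mechanically. The script below is an added example, not part of the thread or of the rsyslog package; the function names, the ROOT prefix argument, the two unit-file locations checked and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a filesystem tree for the
# /dev/xconsole -> /run/xconsole migration. Prints one line per finding and
# returns 1 if anything is stale. ROOT is a hypothetical prefix ("" = live system).
check_xconsole_migration() {
    root=${1:-}
    rc=0
    rsys="$root/etc/rsyslog.d/xconsole.conf"
    tmpf="$root/etc/tmpfiles.d/xconsole.conf"

    # 1. The rsyslog rule must write to the FIFO in /run, not the one in /dev.
    if [ -f "$rsys" ] && grep -Eq '\|[[:space:]]*/dev/xconsole' "$rsys"; then
        echo "STALE rsyslog rule: $rsys still pipes to /dev/xconsole"; rc=1
    fi

    # 2. tmpfiles.d must create the FIFO in /run and symlink /dev/xconsole to it.
    if [ -f "$tmpf" ]; then
        grep -Eq '^p[[:space:]]+/run/xconsole([[:space:]]|$)' "$tmpf" ||
            { echo "MISSING FIFO entry: no 'p /run/xconsole' in $tmpf"; rc=1; }
        grep -Eq '^L[[:space:]]+/dev/xconsole[[:space:]].*[[:space:]]/run/xconsole[[:space:]]*$' "$tmpf" ||
            { echo "MISSING symlink entry: no 'L /dev/xconsole ... /run/xconsole' in $tmpf"; rc=1; }
    fi

    # 3. No rsyslog.service copy may still bind-mount /dev/xconsole; this is the
    #    setting that failed with status=226/NAMESPACE in the thread.
    for unit in "$root/etc/systemd/system/rsyslog.service" \
                "$root/usr/lib/systemd/system/rsyslog.service"; do
        [ -f "$unit" ] || continue
        if grep -Eq '^[[:space:]]*BindPaths=.*/dev/xconsole' "$unit"; then
            echo "STALE unit: $unit still has BindPaths for /dev/xconsole"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample tree: configs migrated, unit file not yet updated.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/etc/rsyslog.d" "$t/etc/tmpfiles.d" "$t/usr/lib/systemd/system"
    printf '%s\n' '*.=notice;*.=warn |/run/xconsole' > "$t/etc/rsyslog.d/xconsole.conf"
    printf '%s\n' 'p /run/xconsole 0640 root adm' \
        'L /dev/xconsole - - - - /run/xconsole' > "$t/etc/tmpfiles.d/xconsole.conf"
    printf '%s\n' '[Service]' 'PrivateDevices=yes' 'BindPaths=-/dev/xconsole' \
        > "$t/usr/lib/systemd/system/rsyslog.service"
    echo "$t"
}

# Audit the tree given as $1, or the live system when run without arguments.
check_xconsole_migration "${1:-}" || echo "migration incomplete"
```

Running it with the directory printed by make_sample_tree as argument reports only the stale unit file, which is the half-migrated state that made rsyslogd fail again after the upgrade to 8.2310.0-3.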
Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
Control: reassign -1 rsyslog
Control: found -1 8.2310.0-2

On 16.11.23 at 19:53, Sven Joachim wrote:
> On 2023-11-16 18:12 +0100, Michael Biebl wrote:
>
>> On 16.11.23 at 17:17, Sven Joachim wrote:
>>
>> It appears that PrivateTmp=yes was locked down further and is now
>> remounted read-only (thanks bluca for the reference):
>> https://github.com/systemd/systemd/commit/4a9e03aa6bb2cbd23dac00f2b2a7642cc79eaade
>
> Thanks, I had suspected something along these lines.

It's unlikely that systemd upstream is going to revert this behaviour
change, so I'm going to reassign this issue to rsyslog to handle it there.

>> We basically have two options as I see it:
>>
>> a/ Drop PrivateDevices=yes from rsyslog.service
>>
>> b/ Move /dev/xconsole to run and turn /dev/xconsole into a symlink
>>
>> The latter b/ will require updates to the local copies in
>> /etc/tmpfiles.d/ and /etc/rsyslog.d/
>>
>> They would look like this now:
>>
>> $ cat /etc/rsyslog.d/xconsole.conf
>> daemon.*;mail.*;\
>>     news.err;\
>>     *.=debug;*.=info;\
>>     *.=notice;*.=warn |/run/xconsole
>>
>> $ cat /etc/tmpfiles.d/xconsole.conf
>> # Type Path Mode UID GID Age Argument
>> p /run/xconsole 0640 root adm
>> L /dev/xconsole ---- /run/xconsole
>>
>> Conceptually, moving the named pipe out of /dev and into /run is the
>> cleaner solution, I think. The /dev/xconsole symlink should make it
>> reasonably backwards compatible.
>>
>> Thoughts?
>
> I think b/ and an appropriate debian/NEWS entry in rsyslog are
> preferable to softening security, even if it means some disruption for
> the minority of users who still monitor logs via xconsole. But there
> may be more complaints once the changes arrive in testing.

Since b/ is my favorite as well, let's go with this.

> Personally I have made your proposed changes, and after restarting
> rsyslog and xconsole everything works fine again.

Thanks for testing. Will poke you once I have a MR ready. Maybe you want
to proofread the NEWS entry.

Regards,
Michael
Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
On 2023-11-16 18:12 +0100, Michael Biebl wrote:

> On 16.11.23 at 17:17, Sven Joachim wrote:
>> Package: systemd
>> Version: 255~rc2-1
>> Severity: important
>>
>> After upgrading systemd from 254.5-1 and rebooting, rsyslog failed to
>> start on my system. These messages appear in the journal:
>>
>> ,
>> | Nov 16 16:58:10 localhost systemd[1]: Starting rsyslog.service - System Logging Service...
>> | Nov 16 16:58:10 localhost (rsyslogd)[674]: Failed to create destination mount point node '/run/systemd/mount-rootfs/dev/xconsole', ignoring: Read-only file system
>> | Nov 16 16:58:10 localhost (rsyslogd)[674]: Failed to mount /dev/xconsole to /run/systemd/mount-rootfs/dev/xconsole: No such file or directory
>> | Nov 16 16:58:10 localhost (rsyslogd)[674]: rsyslog.service: Failed to set up mount namespacing: /dev/xconsole: No such file or directory
>> | Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Main process exited, code=exited, status=226/NAMESPACE
>> | Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Failed with result 'exit-code'.
>> | Nov 16 16:58:10 localhost systemd[1]: Failed to start rsyslog.service - System Logging Service.
>> | Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 1.
>> `
>>
>> This gets repeated a few times, and after five restart attempts systemd
>> gives up.
>>
>> It should be noted that I have enabled forwarding messages to xconsole
>> according to the "Logging to xconsole" section in
>> /usr/share/doc/rsyslog/README.Debian, and the problem is obviously in
>> the bind mount for /dev/xconsole. Removing /dev/xconsole so that the
>> "BindPaths=-/dev/xconsole" statement in rsyslog.service has no effect
>> lets rsyslog start, but recreates the problem of #1053913.
>
> It appears that PrivateTmp=yes was locked down further and is now
> remounted read-only (thanks bluca for the reference):
> https://github.com/systemd/systemd/commit/4a9e03aa6bb2cbd23dac00f2b2a7642cc79eaade

Thanks, I had suspected something along these lines.

> We basically have two options as I see it:
>
> a/ Drop PrivateDevices=yes from rsyslog.service
>
> b/ Move /dev/xconsole to run and turn /dev/xconsole into a symlink
>
> The latter b/ will require updates to the local copies in
> /etc/tmpfiles.d/ and /etc/rsyslog.d/
>
> They would look like this now:
>
> $ cat /etc/rsyslog.d/xconsole.conf
> daemon.*;mail.*;\
>     news.err;\
>     *.=debug;*.=info;\
>     *.=notice;*.=warn |/run/xconsole
>
> $ cat /etc/tmpfiles.d/xconsole.conf
> # Type Path Mode UID GID Age Argument
> p /run/xconsole 0640 root adm
> L /dev/xconsole ---- /run/xconsole
>
> Conceptually, moving the named pipe out of /dev and into /run is the
> cleaner solution, I think. The /dev/xconsole symlink should make it
> reasonably backwards compatible.
>
> Thoughts?

I think b/ and an appropriate debian/NEWS entry in rsyslog are
preferable to softening security, even if it means some disruption for
the minority of users who still monitor logs via xconsole. But there
may be more complaints once the changes arrive in testing.

Personally I have made your proposed changes, and after restarting
rsyslog and xconsole everything works fine again.

Cheers,
Sven
Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
On 16.11.23 at 18:12, Michael Biebl wrote:
> b/ Move /dev/xconsole to run and turn /dev/xconsole into a symlink
>
> The latter b/ will require updates to the local copies in
> /etc/tmpfiles.d/ and /etc/rsyslog.d/
>
> They would look like this now:
>
> $ cat /etc/rsyslog.d/xconsole.conf
> daemon.*;mail.*;\
>     news.err;\
>     *.=debug;*.=info;\
>     *.=notice;*.=warn |/run/xconsole
>
> $ cat /etc/tmpfiles.d/xconsole.conf
> # Type Path Mode UID GID Age Argument
> p /run/xconsole 0640 root adm
> L /dev/xconsole - - - - /run/xconsole

And you need to drop BindPaths=-/dev/xconsole from rsyslog.service again.
Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
On 16.11.23 at 17:17, Sven Joachim wrote:
> Package: systemd
> Version: 255~rc2-1
> Severity: important
>
> After upgrading systemd from 254.5-1 and rebooting, rsyslog failed to
> start on my system. These messages appear in the journal:
>
> ,
> | Nov 16 16:58:10 localhost systemd[1]: Starting rsyslog.service - System Logging Service...
> | Nov 16 16:58:10 localhost (rsyslogd)[674]: Failed to create destination mount point node '/run/systemd/mount-rootfs/dev/xconsole', ignoring: Read-only file system
> | Nov 16 16:58:10 localhost (rsyslogd)[674]: Failed to mount /dev/xconsole to /run/systemd/mount-rootfs/dev/xconsole: No such file or directory
> | Nov 16 16:58:10 localhost (rsyslogd)[674]: rsyslog.service: Failed to set up mount namespacing: /dev/xconsole: No such file or directory
> | Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Main process exited, code=exited, status=226/NAMESPACE
> | Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Failed with result 'exit-code'.
> | Nov 16 16:58:10 localhost systemd[1]: Failed to start rsyslog.service - System Logging Service.
> | Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 1.
> `
>
> This gets repeated a few times, and after five restart attempts systemd
> gives up.
>
> It should be noted that I have enabled forwarding messages to xconsole
> according to the "Logging to xconsole" section in
> /usr/share/doc/rsyslog/README.Debian, and the problem is obviously in
> the bind mount for /dev/xconsole. Removing /dev/xconsole so that the
> "BindPaths=-/dev/xconsole" statement in rsyslog.service has no effect
> lets rsyslog start, but recreates the problem of #1053913.

It appears that PrivateTmp=yes was locked down further and is now
remounted read-only (thanks bluca for the reference):
https://github.com/systemd/systemd/commit/4a9e03aa6bb2cbd23dac00f2b2a7642cc79eaade

We basically have two options as I see it:

a/ Drop PrivateDevices=yes from rsyslog.service

b/ Move /dev/xconsole to run and turn /dev/xconsole into a symlink

The latter b/ will require updates to the local copies in
/etc/tmpfiles.d/ and /etc/rsyslog.d/

They would look like this now:

$ cat /etc/rsyslog.d/xconsole.conf
daemon.*;mail.*;\
    news.err;\
    *.=debug;*.=info;\
    *.=notice;*.=warn |/run/xconsole

$ cat /etc/tmpfiles.d/xconsole.conf
# Type Path Mode UID GID Age Argument
p /run/xconsole 0640 root adm
L /dev/xconsole ---- /run/xconsole

Conceptually, moving the named pipe out of /dev and into /run is the
cleaner solution, I think. The /dev/xconsole symlink should make it
reasonably backwards compatible.

Thoughts?

Michael
Bug#1056066: systemd: rsyslog fails to start if /dev/xconsole exists
Package: systemd
Version: 255~rc2-1
Severity: important

After upgrading systemd from 254.5-1 and rebooting, rsyslog failed to
start on my system. These messages appear in the journal:

,
| Nov 16 16:58:10 localhost systemd[1]: Starting rsyslog.service - System Logging Service...
| Nov 16 16:58:10 localhost (rsyslogd)[674]: Failed to create destination mount point node '/run/systemd/mount-rootfs/dev/xconsole', ignoring: Read-only file system
| Nov 16 16:58:10 localhost (rsyslogd)[674]: Failed to mount /dev/xconsole to /run/systemd/mount-rootfs/dev/xconsole: No such file or directory
| Nov 16 16:58:10 localhost (rsyslogd)[674]: rsyslog.service: Failed to set up mount namespacing: /dev/xconsole: No such file or directory
| Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Main process exited, code=exited, status=226/NAMESPACE
| Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Failed with result 'exit-code'.
| Nov 16 16:58:10 localhost systemd[1]: Failed to start rsyslog.service - System Logging Service.
| Nov 16 16:58:10 localhost systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 1.
`

This gets repeated a few times, and after five restart attempts systemd
gives up.

It should be noted that I have enabled forwarding messages to xconsole
according to the "Logging to xconsole" section in
/usr/share/doc/rsyslog/README.Debian, and the problem is obviously in
the bind mount for /dev/xconsole. Removing /dev/xconsole so that the
"BindPaths=-/dev/xconsole" statement in rsyslog.service has no effect
lets rsyslog start, but recreates the problem of #1053913.

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-4-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  libacl1            2.3.1-3
ii  libapparmor1       3.0.12-1
ii  libaudit1          1:3.1.1-1
ii  libblkid1          2.39.2-6
ii  libc6              2.37-12
ii  libcap2            1:2.66-4
ii  libcryptsetup12    2:2.6.1-5
ii  libfdisk1          2.39.2-6
ii  libgcrypt20        1.10.2-3
ii  libkmod2           30+20230601-2
ii  liblz4-1           1.9.4-1
ii  liblzma5           5.4.4-0.1
ii  libmount1          2.39.2-6
ii  libpam0g           1.5.2-9.1
ii  libseccomp2        2.5.4-2
ii  libselinux1        3.5-1
ii  libssl3            3.0.12-2
ii  libsystemd-shared  255~rc2-1
ii  libsystemd0        255~rc2-1
ii  libzstd1           1.5.5+dfsg2-2
ii  mount              2.39.2-6
ii  systemd-dev        255~rc2-1

Versions of packages systemd recommends:
ii  dbus [default-dbus-system-bus]   1.14.10-3
ii  systemd-timesyncd [time-daemon]  255~rc2-1

Versions of packages systemd suggests:
ii  libfido2-1            1.13.0-1+b1
ii  libip4tc2             1.8.9-2
ii  libp11-kit0           0.25.0-5
ii  libqrencode4          4.1.1-1
pn  libtss2-esys-3.0.2-0
pn  libtss2-mu0
pn  libtss2-rc0
ii  polkitd               123-3
ii  python3               3.11.4-5+b1
pn  python3-pefile
pn  systemd-boot
pn  systemd-container
pn  systemd-homed
pn  systemd-resolved
pn  systemd-userdbd

Versions of packages systemd is related to:
ii  dbus-user-session  1.14.10-3
pn  dracut
ii  initramfs-tools    0.142
ii  libnss-systemd     255~rc2-1
ii  libpam-systemd     255~rc2-1
ii  udev               255~rc2-1

-- no debconf information