[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-11 Thread David Wilde 
@f11gar0, thank you for the research on this.  Since you've modified
eventlet code it's not possible for Keystone to carry it directly but
I'm wondering if you've submitted this code to the eventlet repository
and/or if there is a public bug about this issue that has bee filed
there?

Thanks again!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-11 Thread Jeremy Stanley 
When switching a bug's type from Public to Public Security, please
clarify what about it leads you to suspect it represents an exploitable
vulnerability. I'm switching it back to a regular Public bug in the
meantime.

If this was triggered by the earlier mention of a use-after-free
condition, it didn't seem to imply that the underlying bug was inside
keystone, but maybe should be filed against the eventlet project
instead.

** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-10 Thread willzhang 
** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-07 Thread Vinicius Stocker 
The fix provided by @f11gar0 solved the problem for me. Thank you dear
friend!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-06 Thread Alexandr 
i FIX this with some thread.py edit:

vi /usr/lib/python3/dist-packages/eventlet/green/thread.py
(or your path to thread.py from exception traceback)
find this code:

def get_ident(gr=None):
if gr is None:
return id(greenlet.getcurrent())
else:
return id(gr)

and make try-except contruction for get id like this:

def get_ident(gr=None):
try:
if gr is None:
return id(greenlet.getcurrent())
else:
return id(gr)
except:
return id(gr)

retry:
su -s /bin/bash keystone -c "keystone-manage db_sync"

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-04 Thread Patrick McClory 
W/ a fresh install of 22.04.04 + bobcat, not seeing the suggested fix
from @tshebin work:

```
root@utility-04:/home/pmdev# grep keystone /etc/passwd
keystone:x:122:130::/var/lib/keystone:/bin/bash
root@utility-04:/home/pmdev# su -s /bin/sh -c "keystone-manage db_sync" keystone
Exception ignored in: 
Traceback (most recent call last):
  File "/usr/lib/python3.10/logging/__init__.py", line 846, in _removeHandlerRef
  File "/usr/lib/python3.10/logging/__init__.py", line 226, in _acquireLock
  File "/usr/lib/python3.10/threading.py", line 164, in acquire
  File "/usr/lib/python3/dist-packages/eventlet/green/thread.py", line 34, in 
get_ident
AttributeError: 'NoneType' object has no attribute 'getcurrent'
```

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-04 Thread Florin Andrei 
This has nothing to do with the shell. I've changed the shell to
/bin/bash, then `su - keystone` then `keystone-manage db_sync` and I
still get the error.

I'm stuck trying to install it on Ubuntu 22.04.4 LTS.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-03-04 Thread Shebin Thomas 
guys the error occurs because of the permissions of keystone user
grep keystone /etc/passwd if this commands gives the result with something like 
this /usr/sbin/nologin or /bin/false then change it using usermod -s /bin/bash 
keystone after this install and configure within the keystone user or in root 
user also make sure the keystone user is not flagged as system account.
This helped me in setting the keystone i am using ubuntu 22.04.03 lts and 
openstack antelope

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-02-27 Thread git.user 
Seems like it's a weakref black magic. wr is dead when _removeHandlerRef called
It's too much for me, I just hack it out:
def _removeHandlerRef(wr):
"""
...
if wr() is None:
return
...

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-02-27 Thread David Wilde 
** Changed in: keystone
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2042744] Re: su -s /bin/sh -c "keystone-manage db_sync" keystone

2024-02-25 Thread git.user 
looks like kind of use-after-free
I tried to trace it
/usr/lib/python3/dist-packages/eventlet/green/thread.py
...
def get_ident(gr=None):
  traceback.print_stack()
...
and got AttributeError: 'NoneType' object has no attribute 'print_stack'

On the other side if traceback one level up
/usr/lib/python3.10/threading.py
 def acquire(self, blocking=True, timeout=-1):
...
traceback.print_stack()

then last 2 stacks begins with sys.exit() and h.close():

File "/usr/bin/keystone-manage", line 10, in 
  sys.exit(main())

File "/usr/lib/python3.10/threading.py", line 165, in acquire
  traceback.print_stack()
File "/usr/lib/python3.10/logging/__init__.py", line 2183, in shutdown
  h.close()
...
File "/usr/lib/python3.10/threading.py", line 165, in acquire
  traceback.print_stack()

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2042744

Title:
  su -s /bin/sh -c "keystone-manage db_sync" keystone

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/2042744/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs