Bug#775903: systemd: 'service initscript start' starts initscript.dpkg-dist under systemd

Florent Rougon f.rougon at free.fr
Wed Jan 21 11:05:38 GMT 2015 

Package: systemd
Version: 215-9
Severity: serious
Tags: security

Dear maintainer,

I tried systemd after a wheezy → sid upgrade and encountered an annoying
problem: after modifying a file related to my /etc/init.d/fetchmail script[1],
I decided to start the fetchmail service with 'service fetchmail start'[2]. To
my great surprise, this did not start my /etc/init.d/fetchmail script but
/etc/init.d/fetchmail.dpkg-dist, i.e., the script I had explicitely told dpkg
to disable when doing the wheezy to sid upgrade.

  [1] Apparently run with 'set -e' under systemd, but that is another issue.

  [2] Being new to systemd, I didn't know the systemd idiom for this, but my
      reading of /usr/sbin/service leads me to think that 'systemctl start
      fetchmail.service' would have done exactly the same, hence the report to
      systemd as opposed to sysvinit-utils.

Apparently, systemd somehow kept thinking that the fetchmail service
corresponded to that .dpkg-dist script until I ran 'systemctl daemon-reload'.
This behavior has the adverse effect of running a service the administrator
explicitely disabled, or of running it with completely different options from
those he configured, etc. This is why I set the security tag on this bug.
Maybe the severity should be raised too.

Here is a transcript of the commands I ran to trigger and work around the bug:

# service fetchmail start
# systemctl status -l fetchmail
● fetchmail.dpkg-dist.service - LSB: init-Script for system wide fetchmail daemon
   Loaded: loaded (/etc/init.d/fetchmail.dpkg-dist)
   Active: active (exited) since Mon 2015-01-19 10:26:35 CET; 51min ago

Jan 19 10:26:35 zita fetchmail.dpkg-dist[3090]: Not starting fetchmail daemon, disabled via /etc/default/fetchmail.
Jan 19 10:26:35 zita systemd[1]: Started LSB: init-Script for system wide fetchmail daemon.
# find /etc/rc*.d /etc/init.d |grep fetchmail
/etc/rc0.d/K01fetchmail
/etc/rc1.d/K01fetchmail
/etc/rc2.d/S01local-rotate-fetchmail-logfiles
/etc/rc2.d/S04fetchmail
/etc/rc3.d/S01local-rotate-fetchmail-logfiles
/etc/rc3.d/S04fetchmail
/etc/rc4.d/S01local-rotate-fetchmail-logfiles
/etc/rc4.d/S04fetchmail
/etc/rc5.d/S01local-rotate-fetchmail-logfiles
/etc/rc5.d/S04fetchmail
/etc/rc6.d/K01fetchmail
/etc/init.d/fetchmail.dpkg-dist
/etc/init.d/fetchmail
/etc/init.d/local-rotate-fetchmail-logfiles
# mv fetchmail.dpkg-dist /root/tmp
# service fetchmail start
Warning: Unit file of fetchmail.service changed on disk, 'systemctl daemon-reload' recommended.
Job for fetchmail.dpkg-dist.service failed. See 'systemctl status fetchmail.dpkg-dist.service' and 'journalctl -xn' for details.
# systemctl status -l fetchmail
● fetchmail.dpkg-dist.service - LSB: init-Script for system wide fetchmail daemon
   Loaded: loaded (/etc/init.d/fetchmail.dpkg-dist)
   Active: failed (Result: exit-code) since Mon 2015-01-19 11:25:15 CET; 36s ago
  Process: 13937 ExecStart=/etc/init.d/fetchmail.dpkg-dist start (code=exited, status=203/EXEC)

Jan 19 11:25:15 zita systemd[1]: fetchmail.dpkg-dist.service: control process exited, code=exited status=203
Jan 19 11:25:15 zita systemd[1]: Failed to start LSB: init-Script for system wide fetchmail daemon.
Jan 19 11:25:15 zita systemd[1]: Unit fetchmail.dpkg-dist.service entered failed state.

Warning: Unit file changed on disk, 'systemctl daemon-reload' recommended.
# systemctl daemon-reload
# service fetchmail start
# systemctl status -l fetchmail
● fetchmail.service - LSB: init script for per-user fetchmail daemons
   Loaded: loaded (/etc/init.d/fetchmail)
   Active: active (exited) since Mon 2015-01-19 11:26:28 CET; 6s ago
  Process: 13983 ExecStart=/etc/init.d/fetchmail start (code=exited, status=0/SUCCESS)

Jan 19 11:26:27 zita fetchmail[13983]: Starting mail retrieval agent: fetchmail.
Jan 19 11:26:28 zita fetchmail[13983]: Waiting for a Mail Transport Agent lising on the SMTP port...done.
Jan 19 11:26:28 zita su[13992]: Successful su for flo by root
Jan 19 11:26:28 zita su[13992]: + ??? root:flo
Jan 19 11:26:28 zita su[13992]: pam_unix(su:session): session opened for usero by (uid=0)
Jan 19 11:26:28 zita fetchmail[13983]: Starting fetchmail for user flo...done
Jan 19 11:26:28 zita systemd[1]: Started LSB: init script for per-user fetchm daemons.
#

Thanks for considering, have a nice day. :-)

(the 'Init: sysvinit (via /sbin/init)' bit below is misleading, I am running
systemd via the 'init' kernel command line parameter)


-- Package-specific info:

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages systemd depends on:
ii  acl             2.2.52-2
ii  adduser         3.113+nmu3
ii  initscripts     2.88dsf-58
ii  libacl1         2.2.52-2
ii  libaudit1       1:2.4-1+b1
ii  libblkid1       2.25.2-4.1
ii  libc6           2.19-13
ii  libcap2         1:2.24-6
ii  libcap2-bin     1:2.24-6
ii  libcryptsetup4  2:1.6.6-4
ii  libgcrypt20     1.6.2-4+b1
ii  libkmod2        18-3
ii  liblzma5        5.1.1alpha+20120614-2+b3
ii  libpam0g        1.1.8-3.1
ii  libselinux1     2.3-2
ii  libsystemd0     215-9
ii  mount           2.25.2-4.1
ii  sysv-rc         2.88dsf-58
ii  udev            215-9
ii  util-linux      2.25.2-4.1

Versions of packages systemd recommends:
ii  dbus            1.8.14-1
ii  libpam-systemd  215-9

Versions of packages systemd suggests:
pn  systemd-ui  <none>

-- no debconf information

More information about the Pkg-systemd-maintainers mailing list