Bug#917029: systemd: Reproducible instant reboot without diagnostics even in debug mode
Teddy Hogeborn
teddy.h at nmugroup.com
Fri Dec 21 17:56:14 GMT 2018
Package: systemd
Version: 239-12~bpo9+1
Severity: normal
Tags: upstream
There is a way to get systemd to instantly reboot the system; this
behaviour is 100% reproducible if run on real hardware, i.e. not in
Qemu or similar. The cause is a misconfigured system, but this bug is
mainly about the lack of any diagnostics or journal messages of any
kind - the system instantly reboots without any message, even in
systemd debug mode.
Steps to reproduce:
1. Make sure nss-systemd is used in /etc/nsswitch.conf; i.e. that file
should contain this line:
passwd: compat systemd
2. Create a systemd generator script (i.e. an arbitrarily named
executable file in the /lib/systemd/system-generators directory),
containing only the following two lines:
#!/bin/sh
getent passwd > /dev/null
3. Run "sudo systemctl daemon-reload".
4. The system will reboot in a few seconds, without any journal
message or console output of any kind, even when running systemd in
debug mode.
Again, note that we have never been able to reproduce this reboot when
running an emulated system using Qemu, only when running on real
hardware. The bug has been reproduced on multiple different hardware
platforms.
-- Package-specific info:
-- System Information:
Debian Release: 9.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/24 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages systemd depends on:
ii adduser 3.115
ii libacl1 2.2.52-3+b1
ii libapparmor1 2.11.0-3+deb9u2
ii libaudit1 1:2.6.7-2
ii libblkid1 2.29.2-1+deb9u1
ii libc6 2.24-11+deb9u3
ii libcap2 1:2.25-1
ii libcryptsetup4 2:1.7.3-4
ii libgcrypt20 1.7.6-2+deb9u3
ii libgnutls30 3.5.8-5+deb9u4
ii libgpg-error0 1.26-2
ii libidn11 1.33-1
ii libip4tc0 1.6.0+snapshot20161117-6
ii libkmod2 23-2
ii liblz4-1 0.0~r131-2+b1
ii liblzma5 5.2.2-1.2+b1
ii libmount1 2.29.2-1+deb9u1
ii libpam0g 1.1.8-3.6
ii libseccomp2 2.3.1-2.1+deb9u1
ii libselinux1 2.6-3+b3
ii libsystemd0 239-12~bpo9+1
ii mount 2.29.2-1+deb9u1
ii procps 2:3.3.12-3+deb9u1
ii util-linux 2.29.2-1+deb9u1
Versions of packages systemd recommends:
ii dbus 1.10.26-0+deb9u1
ii libpam-systemd 239-12~bpo9+1
Versions of packages systemd suggests:
pn policykit-1 <none>
pn systemd-container <none>
Versions of packages systemd is related to:
pn dracut <none>
ii initramfs-tools 0.130
ii udev 239-12~bpo9+1
-- Configuration Files:
/etc/systemd/resolved.conf changed:
[Resolve]
FallbackDNS=
/etc/systemd/system.conf changed:
[Manager]
RuntimeWatchdogSec=20
-- no debconf information
-------------- next part --------------
[EXTENDED] /lib/systemd/system/apache2.service -> /etc/systemd/system/apache2.service.d/requires-etc-apache2.conf
[EXTENDED] /lib/systemd/system/apache2.service -> /etc/systemd/system/apache2.service.d/stop.conf
[EXTENDED] /lib/systemd/system/apache2.service -> /etc/systemd/system/apache2.service.d/var-run-evasive.conf
[EXTENDED] /lib/systemd/system/rc-local.service -> /lib/systemd/system/rc-local.service.d/debian.conf
[EXTENDED] /lib/systemd/system/systemd-journald.service -> /etc/systemd/system/systemd-journald.service.d/restart.conf
[EXTENDED] /lib/systemd/system/systemd-networkd-wait-online.service -> /etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf
[EXTENDED] /lib/systemd/system/systemd-resolved.service -> /lib/systemd/system/systemd-resolved.service.d/resolvconf.conf
[EXTENDED] /lib/systemd/system/systemd-timesyncd.service -> /lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf
8 overridden configuration files found.
-------------- next part --------------
==> /var/lib/systemd/deb-systemd-helper-enabled/quota.service.dsh-also <==
/etc/systemd/system/sysinit.target.wants/quota.service
==> /var/lib/systemd/deb-systemd-helper-enabled/inetd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/inetd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/smartd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/smartd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/irqbalance.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/irqbalance.service
==> /var/lib/systemd/deb-systemd-helper-enabled/network-online.target.wants/networking.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/syslog.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/uuidd.service.dsh-also <==
/etc/systemd/system/sockets.target.wants/uuidd.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/lvm2-monitor.service.dsh-also <==
/etc/systemd/system/sysinit.target.wants/lvm2-monitor.service
==> /var/lib/systemd/deb-systemd-helper-enabled/vsftpd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/vsftpd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/mysql.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/netfilter-persistent.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/netfilter-persistent.service
==> /var/lib/systemd/deb-systemd-helper-enabled/ssh.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/ssh.service
/etc/systemd/system/sshd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/apache2.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/apache2.service
==> /var/lib/systemd/deb-systemd-helper-enabled/bind9.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/bind9.service
==> /var/lib/systemd/deb-systemd-helper-enabled/unattended-upgrades.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/unattended-upgrades.service
==> /var/lib/systemd/deb-systemd-helper-enabled/redis.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/rsync.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/rsync.service
==> /var/lib/systemd/deb-systemd-helper-enabled/phpsessionclean.timer.dsh-also <==
/etc/systemd/system/timers.target.wants/phpsessionclean.timer
==> /var/lib/systemd/deb-systemd-helper-enabled/dm-event.service.dsh-also <==
/etc/systemd/system/sysinit.target.wants/dm-event.service
==> /var/lib/systemd/deb-systemd-helper-enabled/atd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/atd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/acpid.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/acpid.service
==> /var/lib/systemd/deb-systemd-helper-enabled/cron.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/cron.service
==> /var/lib/systemd/deb-systemd-helper-enabled/sshd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/bind9-resolvconf.service.dsh-also <==
/etc/systemd/system/bind9.service.wants/bind9-resolvconf.service
==> /var/lib/systemd/deb-systemd-helper-enabled/lm-sensors.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/lm-sensors.service
==> /var/lib/systemd/deb-systemd-helper-enabled/rsyslog.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/rsyslog.service
/etc/systemd/system/syslog.service
==> /var/lib/systemd/deb-systemd-helper-enabled/fancontrol.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/fancontrol.service
==> /var/lib/systemd/deb-systemd-helper-enabled/postfix.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/postfix.service
==> /var/lib/systemd/deb-systemd-helper-enabled/ssh.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/ssh.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/mariadb.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/mariadb.service
/etc/systemd/system/mysql.service
/etc/systemd/system/mysqld.service
==> /var/lib/systemd/deb-systemd-helper-enabled/console-setup.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/console-setup.service
==> /var/lib/systemd/deb-systemd-helper-enabled/apt-daily-upgrade.timer.dsh-also <==
/etc/systemd/system/timers.target.wants/apt-daily-upgrade.timer
==> /var/lib/systemd/deb-systemd-helper-enabled/timers.target.wants/phpsessionclean.timer <==
==> /var/lib/systemd/deb-systemd-helper-enabled/timers.target.wants/apt-daily.timer <==
==> /var/lib/systemd/deb-systemd-helper-enabled/timers.target.wants/apt-daily-upgrade.timer <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/acpid.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/dm-event.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sockets.target.wants/uuidd.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/bacula-fd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/bacula-fd.service
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/quotarpc.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/postgresql.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/smartd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/bind9.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/postfix.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/rsync.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/atd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/rsyslog.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/apache2.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/vsftpd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/fail2ban.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/networking.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/munin-node.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/memcached.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/console-setup.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/cron.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/fancontrol.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/bacula-fd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/lm-sensors.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/netfilter-persistent.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/mariadb.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/snmpd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/redis-server.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/ssh.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/binfmt-support.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/multi-user.target.wants/inetd.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/acpid.path.dsh-also <==
/etc/systemd/system/paths.target.wants/acpid.path
==> /var/lib/systemd/deb-systemd-helper-enabled/networking.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/networking.service
/etc/systemd/system/network-online.target.wants/networking.service
==> /var/lib/systemd/deb-systemd-helper-enabled/dm-event.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/dm-event.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/lvm2-lvmetad.service.dsh-also <==
/etc/systemd/system/sysinit.target.wants/lvm2-lvmetad.service
==> /var/lib/systemd/deb-systemd-helper-enabled/postgresql.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/postgresql.service
==> /var/lib/systemd/deb-systemd-helper-enabled/keyboard-setup.service.dsh-also <==
/etc/systemd/system/sysinit.target.wants/keyboard-setup.service
==> /var/lib/systemd/deb-systemd-helper-enabled/apache-htcacheclean.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/apache-htcacheclean.service
==> /var/lib/systemd/deb-systemd-helper-enabled/lvm2-lvmpolld.socket.dsh-also <==
/etc/systemd/system/sysinit.target.wants/lvm2-lvmpolld.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/apt-daily.timer.dsh-also <==
/etc/systemd/system/timers.target.wants/apt-daily.timer
==> /var/lib/systemd/deb-systemd-helper-enabled/paths.target.wants/acpid.path <==
==> /var/lib/systemd/deb-systemd-helper-enabled/quotarpc.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/quotarpc.service
==> /var/lib/systemd/deb-systemd-helper-enabled/memcached.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/memcached.service
==> /var/lib/systemd/deb-systemd-helper-enabled/lvm2-lvmetad.socket.dsh-also <==
/etc/systemd/system/sysinit.target.wants/lvm2-lvmetad.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/binfmt-support.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/binfmt-support.service
==> /var/lib/systemd/deb-systemd-helper-enabled/munin-node.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/munin-node.service
==> /var/lib/systemd/deb-systemd-helper-enabled/redis-server.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/redis-server.service
/etc/systemd/system/redis.service
==> /var/lib/systemd/deb-systemd-helper-enabled/acpid.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/acpid.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/mysqld.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/bind9-pkcs11.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/bind9-pkcs11.service
==> /var/lib/systemd/deb-systemd-helper-enabled/lvm2-lvmpolld.service.dsh-also <==
/etc/systemd/system/sysinit.target.wants/lvm2-lvmpolld.service
==> /var/lib/systemd/deb-systemd-helper-enabled/uuidd.socket.dsh-also <==
/etc/systemd/system/sockets.target.wants/uuidd.socket
==> /var/lib/systemd/deb-systemd-helper-enabled/sysinit.target.wants/lvm2-lvmpolld.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sysinit.target.wants/lvm2-monitor.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sysinit.target.wants/lvm2-lvmetad.socket <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sysinit.target.wants/keyboard-setup.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/sysinit.target.wants/quota.service <==
==> /var/lib/systemd/deb-systemd-helper-enabled/fail2ban.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/fail2ban.service
==> /var/lib/systemd/deb-systemd-helper-enabled/snmpd.service.dsh-also <==
/etc/systemd/system/multi-user.target.wants/snmpd.service
-------------- next part --------------
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/mesh--vg-root / ext4 errors=remount-ro,discard 0 1
# /boot was on /dev/md0 during installation
/dev/md0 /boot ext2 defaults 0 2
# /boot/efi was on /dev/sda1 during installation
UUID=56A4-305A /boot/efi vfat umask=0077 0 1
/dev/mapper/mesh--vg-swap_1 none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/drbd/by-res/web /srv/drbd-web ext4 usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv1,errors=remount-ro,_netdev,discard 0 2
#/srv/drbd-web/home /home none bind,noauto,_netdev 0 0
#fs mpt type opts dump pass
/srv/drbd-web/etc/apache2 /etc/apache2 none bind,noauto,_netdev 0 0
More information about the Pkg-systemd-maintainers
mailing list