FS#66147 - [dnscrypt-proxy] killed by SIGSYS when rotating logs
Attached to Project:
Community Packages
Opened by Steven Noonan (neunon) - Monday, 06 April 2020, 15:03 GMT
Last edited by David Runge (dvzrv) - Monday, 06 April 2020, 22:22 GMT
Opened by Steven Noonan (neunon) - Monday, 06 April 2020, 15:03 GMT
Last edited by David Runge (dvzrv) - Monday, 06 April 2020, 22:22 GMT
|
Details
When nx or query logs are enabled, dnscrypt-proxy will
periodically rotate the log files. It tries to do chown on
the new log file, and that causes the system call filter to
be displeased with it because chown/fchownat aren't
permitted by the systemd service definition.
I built a debug build of dnscrypt-proxy and got a backtrace via "coredumpctl gdb": (gdb) bt #0 syscall.Syscall6 () at /usr/lib/go/src/syscall/asm_linux_amd64.s:50 #1 0x0000562109e50e99 in syscall.Fchownat (dirfd=-100, path=..., uid=62582, gid=62582, flags=0, err=...) at /usr/lib/go/src/syscall/zsyscall_linux_amd64.go:372 #2 0x0000562109e72b01 in syscall.Chown (path=..., uid=62582, gid=62582, err=...) at /usr/lib/go/src/syscall/syscall_linux.go:31 #3 os.Chown (name=..., uid=62582, gid=62582, ~r3=...) at /usr/lib/go/src/os/file_posix.go:59 #4 0x000056210a1cbd66 in gopkg.in/natefinch/lumberjack%2ev2.chown (name=..., info=..., ~r2=...) at /home/steven/go/pkg/mod/gopkg.in/natefinch/lumberjack.v2@v2.0.0/chown_linux.go:18 #5 0x000056210a1cc7e1 in gopkg.in/natefinch/lumberjack%2ev2.(*Logger).openNew (l=0xc00028b2c0, ~r0=...) at /home/steven/go/pkg/mod/gopkg.in/natefinch/lumberjack.v2@v2.0.0/lumberjack.go:227 #6 0x000056210a1cc44e in gopkg.in/natefinch/lumberjack%2ev2.(*Logger).rotate (l=0xc00028b2c0, ~r0=...) at /home/steven/go/pkg/mod/gopkg.in/natefinch/lumberjack.v2@v2.0.0/lumberjack.go:199 #7 0x000056210a1cc04e in gopkg.in/natefinch/lumberjack%2ev2.(*Logger).Write (l=0xc00028b2c0, p=..., n=0, err=...) at /home/steven/go/pkg/mod/gopkg.in/natefinch/lumberjack.v2@v2.0.0/lumberjack.go:153 #8 0x000056210a21c5a2 in main.(*PluginQueryLog).Eval (plugin=0xc0001bb860, pluginsState=0xc0005e95e0, msg=0xc00060e990, ~r2=...) at /home/steven/dnscrypt-proxy/src/dnscrypt-proxy-2.0.42/dnscrypt-proxy/plugin_query_log.go:104 #9 0x000056210a220d34 in main.(*PluginsState).ApplyLoggingPlugins (pluginsState=0xc0005e95e0, pluginsGlobals=0xc00010a2e0, ~r1=...) at /home/steven/dnscrypt-proxy/src/dnscrypt-proxy-2.0.42/dnscrypt-proxy/plugins.go:348 #10 0x000056210a22579b in main.(*Proxy).processIncomingQuery (proxy=0xc00010a000, clientProto=..., serverProto=..., query=..., clientAddr=0xc000ab3500, clientPc=..., start=..., response=...) at /home/steven/dnscrypt-proxy/src/dnscrypt-proxy-2.0.42/dnscrypt-proxy/proxy.go:633 #11 0x000056210a23572c in main.(*Proxy).udpListener.func1 (proxy=0xc00010a000, packet=..., &clientAddr=0xc000ab3500, clientPc=0xc0001aa0d0) at /home/steven/dnscrypt-proxy/src/dnscrypt-proxy-2.0.42/dnscrypt-proxy/proxy.go:273 #12 0x0000562109e03b11 in runtime.goexit () at /usr/lib/go/src/runtime/asm_amd64.s:1373 #13 0x000000c00010a000 in ?? () #14 0x000000c0007f8000 in ?? () #15 0x0000000000000024 in ?? () #16 0x0000000000000fff in ?? () #17 0x000000c000ab3500 in ?? () #18 0x000000c0001aa0d0 in ?? () #19 0x0000000000000000 in ?? () (gdb) p path $2 = 0xc0001b6fc3 "/var/log/dnscrypt-proxy/query.log" One solution appears to be to add SystemCallFilter=@chown to the [Service] block. |
This task depends upon
Closed by David Runge (dvzrv)
Monday, 06 April 2020, 22:22 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed with dnscrypt-proxy 2.0.42-2
Monday, 06 April 2020, 22:22 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed with dnscrypt-proxy 2.0.42-2
I've not used the application with actual log files (always syslog/journal).
I'll add the SystemCallFilter in an upcoming pkgrel bump.
Thanks for fixing it!