Bug 37384 - sysinfo/upload fails with specific hardware
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Sysinfo
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 4.0-0-errata
Assigned To: Florian Best
Drees Dormann
https://bugzilla.redhat.com/show_bug....
Reported: 2014-12-17 18:59 CET by Florian Best
Modified: 2016-09-21 18:10 CEST (History)
What kind of report is it?: Security Issue
Bug group (optional): Error handling, External feedback, Security

Attachments
univention-system-info_5.1.0-3_all.deb (6.60 KB, application/vnd.debian.binary-package)
2014-12-18 11:47 CET, Florian Best
Description Florian Best univentionstaff 2014-12-17 18:59:51 CET
We received this very nice feedback from a customer:

When uploading the hardware information required for the
certification, I received the following error message:

----8<----
Die Ausführung des Kommandos sysinfo/upload ist fehlgeschlagen:

Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/__init__.py", line 176, in _decorated
    return function(self, request, *args, **kwargs)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/sysinfo/__init__.py", line 151, in upload_archive
    fd = open(os.path.join(SYSINFO_PATH, request.options['archive']), 'r')
IOError: [Errno 2] Datei oder Verzeichnis nicht gefunden: '/var/www/univention-management-console/system-info/# SMBIOS implementations newer than version 2.7 are not'

----8<----


"""To create the hardware logs, I logged in to the UMC as
Administrator and selected the item "Hardware information" under "System".

The next page then shows the following information:

Manufacturer: # SMBIOS implementations newer than version 2.7 are not# fully supported by this version of dmidecode.Supermicro

Model: # SMBIOS implementations newer than version 2.7 are not# fully supported by this version of dmidecode.X10DRi

Could the new CPU generation in combination with the C610 chipset
be to blame for this?"""
Comment 1 Florian Best univentionstaff 2014-12-17 19:19:00 CET
Another thing which is not really good are the following lines:

150         SYSINFO_PATH = '/var/www/univention-management-console/system-info/'
151         fd = open(os.path.join(SYSINFO_PATH, request.options['archive']), 'r')

With the following command I am able to trigger that the /etc/shadow file is sent to forge. This is also an information disclosure because users can now see which files exist in the file system:
umc-command -U Administrator -P univention sysinfo/upload -o archive=../../../../etc/shadow
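
Both the unchecked join at line 151 and the stray archive name in the traceback come from the server trusting request.options['archive']. The following is an added example, not code from the UCS module or from the final fix, showing one way to validate that value. It is Python 3. The names unsafe_archive_path, safe_archive_path and demo, the ARCHIVE_NAME pattern and all sample names are assumptions made for illustration.

```python
import os
import re
import tempfile

SYSINFO_PATH = '/var/www/univention-management-console/system-info/'
# Assumption: archive names only need letters, digits, '.', '_' and '-'.
ARCHIVE_NAME = re.compile(r'[A-Za-z0-9][A-Za-z0-9._-]{0,127}')


def unsafe_archive_path(name, base=SYSINFO_PATH):
    """Unchecked join as at line 151; normpath only shows where open() lands."""
    return os.path.normpath(os.path.join(base, name))


def safe_archive_path(name, base=SYSINFO_PATH):
    """Return the real path of `name` directly inside `base` or raise ValueError."""
    # fullmatch, not match with '$': '$' would accept a trailing newline.
    if not isinstance(name, str) or not ARCHIVE_NAME.fullmatch(name):
        raise ValueError('invalid archive name: %r' % (name,))
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, name))
    # realpath() follows symlinks, so a link inside base that points
    # elsewhere fails this containment check.
    if os.path.dirname(candidate) != base_real:
        raise ValueError('archive resolves outside %s' % base_real)
    return candidate


def demo():
    """Run constructed sample names against the check in a temp directory."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        good = 'archive-0123abcd.tar.gz'  # constructed sample name
        open(os.path.join(base, good), 'w').close()
        os.symlink(os.devnull, os.path.join(base, 'link.tar.gz'))
        samples = [good, good + '\n', 'link.tar.gz', '/etc/shadow',
                   '../../../../etc/shadow',
                   '# SMBIOS implementations newer than version 2.7 are not']
        for name in samples:
            try:
                safe_archive_path(name, base)
                results[name] = 'accepted'
            except ValueError:
                results[name] = 'rejected'
    return results


if __name__ == '__main__':
    for name, verdict in demo().items():
        print('%-60r %s' % (name, verdict))
```

Note that os.path.join discards the base directory entirely when the second argument is absolute, so stripping "../" sequences alone would not be a sufficient check.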
Comment 3 Florian Best univentionstaff 2014-12-17 20:02:23 CET
The output of dmidecode contains newlines and the command therefore fails:

dmidecode -s system-uuid
# SMBIOS implementations newer than version 2.7 are not
# fully supported by this version of dmidecode
ProLiant BL460c Gen8
Comment 4 Florian Best univentionstaff 2014-12-17 20:04:34 CET
tagged to erratum as it prevents hardware certification
Comment 5 Florian Best univentionstaff 2014-12-18 11:47:36 CET
Created attachment 6555 [details]
univention-system-info_5.1.0-3_all.deb

patched package univention-system-info_5.1.0-3_all.deb.
@Alex: we want to provide this package to a partner/customer. Can you please have a look at it?

Diff:
diff --git a/ucs-4.0-0/management/univention-system-info/univention-system-info b/ucs-4.0-0/management/univention-system-info/univention-system-info
index 12f62ed..e804892 100644
--- a/ucs-4.0-0/management/univention-system-info/univention-system-info
+++ b/ucs-4.0-0/management/univention-system-info/univention-system-info
@@ -172,11 +172,11 @@ echo " Comment     : "$comment >> "$TEMPDIR/info"
 echo " Ticket No   : "$support >> "$TEMPDIR/info"
 
 # find unique ID for the computer
-uuid=$(dmidecode -s system-uuid)
+uuid=$(dmidecode -s system-uuid | tr -cd '[:alnum:]')
 if [ -z "$uuid" ]; then
        # fallback 1
        if [ -f /sys/hypervisor/uuid -a $(cat /sys/hypervisor/uuid) != "00000000-0000-0000-0000-000000000000" -a $(cat /sys/hypervisor/type) != "xen" ]; then
-               uuid=$(cat /sys/hypervisor/uuid)
+               uuid=$(cat /sys/hypervisor/uuid | tr -cd '[:alnum:]')
        else
                # fallback 2
                uuid=$(ip -o -f link addr show up | grep -v lo: | head -n 1 | sed 's|.*link/ether \([0-9a-f:]*\) .*|\1|;s|:|-|g' | md5sum)
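Review bot: On the changed dmidecode line, tr -cd '[:alnum:]' does not drop the two '#' warning lines, it only deletes their non-alphanumeric characters, so with the output shown in comment 3 the letters of both warning lines end up concatenated in front of the real value. It also deletes the '-' separators of a valid UUID, on this line and on the /sys/hypervisor/uuid line. Filter the comment lines before sanitising and keep '-' in the allowed set, for example: dmidecode -s system-uuid | grep -v '^#' | tr -cd '[:alnum:]-'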


I tested it by replacing /usr/sbin/dmidecode by the following script:
#!/bin/bash
echo '# SMBIOS implementations newer than version 2.7 are not'
echo '# fully supported by this version of dmidecode'
echo 'ProLiant BL460c Gen8'
Comment 6 Alexander Kläser univentionstaff 2014-12-18 12:54:00 CET
(In reply to Florian Best from comment #5)
> Created attachment 6555 [details]
> univention-system-info_5.1.0-3_all.deb
> 
> patched package univention-system-info_5.1.0-3_all.deb.
> @Alex: we want to provide this package to a partner/customer. Can you please
> have a look at it?

This package worked fine in my tests.

> Diff:
> diff --git
> a/ucs-4.0-0/management/univention-system-info/univention-system-info
> b/ucs-4.0-0/management/univention-system-info/univention-system-info
> index 12f62ed..e804892 100644
> --- a/ucs-4.0-0/management/univention-system-info/univention-system-info
> +++ b/ucs-4.0-0/management/univention-system-info/univention-system-info
> @@ -172,11 +172,11 @@ echo " Comment     : "$comment >> "$TEMPDIR/info"
>  echo " Ticket No   : "$support >> "$TEMPDIR/info"
>  
>  # find unique ID for the computer
> -uuid=$(dmidecode -s system-uuid)
> +uuid=$(dmidecode -s system-uuid | tr -cd '[:alnum:]')

→ tr will remove '-' from uuid, as well.

>  if [ -z "$uuid" ]; then
>         # fallback 1
>         if [ -f /sys/hypervisor/uuid -a $(cat /sys/hypervisor/uuid) !=
> "00000000-0000-0000-0000-000000000000" -a $(cat /sys/hypervisor/type) !=
> "xen" ]; then
> -               uuid=$(cat /sys/hypervisor/uuid)
> +               uuid=$(cat /sys/hypervisor/uuid | tr -cd '[:alnum:]')

→ ditto

>         else
>                 # fallback 2
>                 uuid=$(ip -o -f link addr show up | grep -v lo: | head -n 1
> | sed 's|.*link/ether \([0-9a-f:]*\) .*|\1|;s|:|-|g' | md5sum)
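
Review bot: In the fallback 1 test, the unquoted $(cat /sys/hypervisor/uuid) and $(cat /sys/hypervisor/type) are expanded before [ evaluates -f, so on a host without /sys/hypervisor both expand to nothing and the test ends in a syntax error rather than a clean false. Quote both substitutions and split the condition into separate [ ] tests joined with &&, so that cat only runs once the file is known to exist.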

On my VM, uuid will be in the format "63fddd69912a99f73e391476622e5c64  -", i.e., with "  -" as suffix.
Comment 7 Florian Best univentionstaff 2014-12-18 13:46:38 CET
(In reply to Alexander Kläser from comment #6)
> → tr will remove '-' from uuid, as well.
Yes, in the final patch it is no longer stripped. The lines with '#' are also stripped.

> >  if [ -z "$uuid" ]; then
> >         # fallback 1
> >         if [ -f /sys/hypervisor/uuid -a $(cat /sys/hypervisor/uuid) !=
> > "00000000-0000-0000-0000-000000000000" -a $(cat /sys/hypervisor/type) !=
> > "xen" ]; then
> > -               uuid=$(cat /sys/hypervisor/uuid)
> > +               uuid=$(cat /sys/hypervisor/uuid | tr -cd '[:alnum:]')
> 
> → ditto
Also fixed.

> >         else
> >                 # fallback 2
> >                 uuid=$(ip -o -f link addr show up | grep -v lo: | head -n 1
> > | sed 's|.*link/ether \([0-9a-f:]*\) .*|\1|;s|:|-|g' | md5sum)
> 
> On my VM, uuid will be in the format "63fddd69912a99f73e391476622e5c64  -",
> i.e., with "  -" as suffix.
Also stripped.

Fix: svn r56970
YAML: 2014-12-18-univention-system-info.yaml
Comment 8 Drees Dormann univentionstaff 2014-12-18 15:06:15 CET
no traceback anymore, upload is working
Values are displayed / stored correctly
archive name is set correctly

YAML ok
Comment 9 Janek Walkenhorst univentionstaff 2014-12-19 11:47:53 CET
http://errata.univention.de/ucs/4.0/11.html
Comment 10 Florian Best univentionstaff 2015-01-05 13:52:39 CET
Ticket #2015010321000185 is a real life example.