Package: guix;
Reported by: Mark H Weaver <mhw <at> netris.org>
Date: Sat, 3 Apr 2021 04:46:01 UTC
Severity: normal
Tags: security
Message #5 received at submit <at> debbugs.gnu.org:

From: Mark H Weaver <mhw <at> netris.org>
To: bug-guix <at> gnu.org
Subject: [security] ibus-daemon launches ungrafted subprocesses
Date: Sat, 03 Apr 2021 00:44:02 -0400
Several processes on my Guix system load shared libraries from the
*ungrafted* glib: specifically, all of the subprocesses of 'ibus-daemon'.
The 'ibus-daemon' process itself seems to be properly grafted.  However,
its subprocesses are from an old, ungrafted build of 'ibus':

--8<---------------cut here---------------start------------->8---
mhw <at> jojen ~$ pstree -up 796
.ibus-daemon-re(796,mhw)─┬─.ibus-dconf-rea(803)─┬─{.ibus-dconf-rea}(806)
                         │                      └─{.ibus-dconf-rea}(807)
                         ├─.ibus-engine-si(892)─┬─{.ibus-engine-si}(917)
                         │                      └─{.ibus-engine-si}(918)
                         ├─.ibus-extension(804)─┬─{.ibus-extension}(810)
                         │                      ├─{.ibus-extension}(811)
                         │                      └─{.ibus-extension}(819)
                         ├─{.ibus-daemon-re}(797)
                         └─{.ibus-daemon-re}(798)
mhw <at> jojen ~$ ps -fq 796,803,892,804
UID        PID  PPID  C STIME TTY          TIME CMD
mhw        796   698  0 00:10 tty8     00:00:00 /gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22/bin/ibus-daemon --panel disable -r --xim
mhw        803   796  0 00:10 tty8     00:00:00 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
mhw        892   796  0 00:10 tty8     00:00:00 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-engine-simple
mhw        804   796  2 00:10 tty8     00:00:01 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-extension-gtk3
--8<---------------cut here---------------end--------------->8---

(The same issue occurs for the 'ibus-daemon' that's owned by 'gdm'.)

/gnu/store/radg…-ibus-1.5.22 seems to be the properly grafted 'ibus',
replacing the ungrafted /gnu/store/wnqv…-ibus-1.5.22 which I last built
on February 2nd (I don't use substitutes):

--8<---------------cut here---------------start------------->8---
mhw <at> jojen ~$ bzcat $(guix build --log-file /gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22)
grafting '/gnu/store/wnqv8rj3ngjivl6334d1h8irszf39dm9-ibus-1.5.22' -> '/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22'...
mhw <at> jojen ~$ ls -l $(guix build --log-file /gnu/store/wnqv8rj3ngjivl6334d1h8irszf39dm9-ibus-1.5.22)
-rw-r--r-- 1 root root 24923 Feb  2 10:35 /var/log/guix/drvs/hx/qpdblmghj7pvg0ni2l38p0a1s4igbd-ibus-1.5.22.drv.bz2
--8<---------------cut here---------------end--------------->8---

The reference scanner does not see any references to any other 'ibus',
from either my system, my user profile, or the grafted 'ibus':

--8<---------------cut here---------------start------------->8---
mhw <at> jojen ~$ guix gc -R $(readlink -f /run/current-system) | grep -e -ibus-
/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22
mhw <at> jojen ~$ guix gc -R $(readlink -f ~/.guix-profile) | grep -e -ibus-
mhw <at> jojen ~$ guix gc -R /gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22 | grep -e -ibus-
/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22
--8<---------------cut here---------------end--------------->8---

Interestingly, the subprocesses are *not* from the ungrafted 'ibus' that I
last built on February 2nd.  Instead, they are from a much older ungrafted
'ibus', which I last built on December 20th of last year:

--8<---------------cut here---------------start------------->8---
mhw <at> jojen ~$ ls -l $(guix build --log-file /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22)
-rw-r--r-- 1 root root 24981 Dec 20 20:33 /var/log/guix/drvs/sn/k6581cpk6n8q3dvsarqmqimhx0n2i2-ibus-1.5.22.drv.bz2
--8<---------------cut here---------------end--------------->8---

I'm at a bit of a loss as to where this much older, ungrafted 'ibus' is
coming from.

Running "guix build ibus", with and without grafts, gives the other two
'ibus' store items:

--8<---------------cut here---------------start------------->8---
mhw <at> jojen ~$ guix build ibus --no-grafts
/gnu/store/wnqv8rj3ngjivl6334d1h8irszf39dm9-ibus-1.5.22
mhw <at> jojen ~$ guix build ibus
/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22
--8<---------------cut here---------------end--------------->8---

Is there another variant of the 'ibus' package hiding somewhere?  Where
is "/gnu/store/a4r6…-ibus-1.5.22" coming from?

I don't know that I'll have the energy to investigate this further
anytime soon, so I'm hoping that someone else will pick this up.

* * *

FYI, I discovered this while doing sanity checks on my new preliminary
grafting implementation (which supports rewriting UTF-16/32 store
references).  Looking for references to the old 'glib' was the *first*
thing I checked.  I haven't yet checked anything else, so I don't know
how widespread this problem is.

      Mark
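The report above checks only which executables the subprocesses were started from (via pstree and ps) and then walks the closures with `guix gc -R`. The more general check a practitioner wants is the one the report's first sentence implies: which /gnu/store items each process actually has mapped, executable and shared libraries alike, and whether any of them fall outside the closure of the grafted package or the current system. The script below is an added example, not code from the bug report or from Guix; it parses /proc/<pid>/maps text, extracts the distinct store items, and pairs each item missing from a reference closure with the closure's same-named item of a different hash, which is exactly what a stale or ungrafted build looks like. The sample maps text and closure are constructed; the glib and glibc hashes and versions in them are placeholders, and only the two ibus hashes are taken from the report.

```python
#!/usr/bin/env python3
"""Added example (not from the bug report): flag /gnu/store items that a
process has mapped but that are absent from a reference closure, such as
the closure of the grafted package or of /run/current-system.
The sample data at the bottom is constructed; its glib/glibc hashes and
versions are placeholders."""
import os
import re
import subprocess
import sys
from typing import Dict, Iterable, Set

# A store item is /gnu/store/<32-char hash>-<name>; stop at the first '/'
# after the item so that "/lib/libglib-2.0.so.0" is not swallowed.
STORE_ITEM_RE = re.compile(r"^(/gnu/store/[0-9a-z]{32}-[^/\s]+)")


def store_items_in_maps(maps_text: str) -> Set[str]:
    """Distinct store items behind file-backed mappings in /proc/<pid>/maps text."""
    items: Set[str] = set()
    for line in maps_text.splitlines():
        # Fields: address perms offset dev inode [pathname].  Anonymous
        # mappings and [stack]/[vdso] pseudo-paths carry no store item.
        parts = line.split(None, 5)
        if len(parts) < 6:
            continue
        match = STORE_ITEM_RE.match(parts[5])
        if match:
            items.add(match.group(1))
    return items


def item_name(item: str) -> str:
    """'/gnu/store/<hash>-ibus-1.5.22' -> 'ibus-1.5.22' (32-char hash plus '-')."""
    return os.path.basename(item)[33:]


def unexpected_items(maps_text: str, closure: Iterable[str]) -> Set[str]:
    """Mapped store items that the reference closure does not contain."""
    return store_items_in_maps(maps_text) - set(closure)


def stale_variants(maps_text: str, closure: Iterable[str]) -> Dict[str, str]:
    """Map each unexpected mapped item to the closure item with the same
    name and version but a different hash: an ungrafted or outdated build
    as seen from inside the process."""
    by_name = {item_name(c): c for c in closure}
    return {
        item: by_name[item_name(item)]
        for item in sorted(unexpected_items(maps_text, closure))
        if item_name(item) in by_name
    }


def closure_of(store_path: str) -> Set[str]:
    """Live helper: the reference closure as printed by `guix gc -R`."""
    out = subprocess.run(["guix", "gc", "-R", store_path],
                         check=True, capture_output=True, text=True).stdout
    return set(out.split())


# Constructed sample: the executable and glib come from store items that are
# not in the grafted closure.  The aaaa/bbbb/cccc hashes are placeholders.
SAMPLE_MAPS = """\
00400000-00420000 r-xp 00000000 fd:01 1001 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
7f0000000000-7f0000100000 r-xp 00000000 fd:01 2002 /gnu/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-glib-2.62.6/lib/libglib-2.0.so.0
7f0000200000-7f0000300000 r-xp 00000000 fd:01 3003 /gnu/store/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb-glibc-2.31/lib/libc.so.6
7f0000400000-7f0000401000 rw-p 00000000 00:00 0
7f0000500000-7f0000521000 rw-p 00000000 00:00 0 [stack]
"""

SAMPLE_CLOSURE = {
    "/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22",
    "/gnu/store/cccccccccccccccccccccccccccccccc-glib-2.62.6",
    "/gnu/store/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb-glibc-2.31",
}


if __name__ == "__main__":
    # Live use on a Guix system: python3 check_maps.py <pid> <grafted store path>
    if len(sys.argv) == 3:
        with open(f"/proc/{sys.argv[1]}/maps") as f:
            maps, closure = f.read(), closure_of(sys.argv[2])
    else:
        maps, closure = SAMPLE_MAPS, SAMPLE_CLOSURE
    for mapped, expected in stale_variants(maps, closure).items():
        print(f"{mapped}\n  closure has {expected}")
```

Run against the constructed sample it reports the old ibus and the placeholder ungrafted glib, each beside the closure item it should have been. On a live system, pass the PID of one of the ibus subprocesses and the grafted ibus store path as arguments; mappings are read from /proc, so the process must be running and readable by the caller.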