Update of fprintd and libfprint. There are two main tests:
sudo dnf upgrade --advisory=FEDORA-2020-f997de7d0e
This update has been submitted for testing by benzea.
This update's test gating status has been changed to 'failed'.
This update's test gating status has been changed to 'waiting'.
This update has been pushed to testing.
Outch, looks like we have a regression in the dbus rules: https://gitlab.freedesktop.org/libfprint/fprintd/-/issues/92
This update has been unpushed.
benzea edited this update.
Karma has been reset.
This update's test gating status has been changed to 'passed'.
I know this is unpushed now (or in process), to me this breaks my system, su/sudo segfaults, or other kinds of logins which load pam_fprintd.so.
It's segfaulting in libc ( ...__strlen_avx2... ), but I was able to use gdb to get some info and pinpoint it to pam_fprintd.so and this update.
To revert this I booted with rd.break remounted /sysroot (if I remember correctly, that's where rootfs is mounted) as rw and moved /lib64/security/pam_fprintd.so
The fix is already committed upstream.
The easiest workaround will probably be to just mask the systemd fprintd service. It only happens on machines without a fingerprint reader.
I'll post an update tomorrow.
Ah, a good trick to work around it is to log in via SSH. Because then you are remote and pam_fprintd will disable itself early and the crash should not happen.
Also I have found a #1905667 too late I guess ;-)
It break sudo/su as well. I had to "delete" in rescue mode.
OK, another update now. This should fix the problems.
Erf, this package clearly needs to be in critpath since it can break login and su :( Not being in critpath is why openQA didn't test it; it would have caught the bug immediately.
I'll add it to critpath in comps and whitelist it for openQA testing, since critpath generation from comps is still broken AFAIK :/
Sounds like a plan.
As it happens, the crash we ran into here was one of the few corner cases that was not covered in the automated tests (i.e. no fingerprint device available). :-/
The upstream tests have been improved a lot recently and now also include the buggy corner case that we hit here. Those tests are run during package build. I don't have the PAM tests duplicated in the gating currently though (anything testing libfprint interactions is more interesting there).
https://pagure.io/fedora-comps/pull-request/561 adds fprintd to critpath in comps.
Tested on two VMs and it worked fine with the new builds.
This update's test gating status has been changed to 'ignored'.
Tested now on my bare metal installation and it worked fine.
Bare metal install on Acer Aspire V3-571 v: V2.11 CPU: Quad Core Intel Core i7-3632QM GPU: Intel 3rd Gen Core processor Graphics Controller Desktop: KDE Plasma 5.20.4 Kernel: 5.9.13-200.fc33.x86_64
OK, restarted the process again for an fprintd update.
This is pretty minor in comparison to the other ones though. i.e. pam_fprintd would not allow fingerprint authentication when fprintd was just started. It would work if you tried again within 5 seconds (the timeout in which fprintd does an idle-shutdown).
works for me
This update can be pushed to stable now if the maintainer wishes
no issues now
This update has been submitted for stable by bodhi.
This update has been pushed to stable.
Please login to add feedback.
Confirm request to re-trigger tests.
Copyright © 2007-2019 Red Hat, Inc. and
bodhi is Free Software.
if you have any problems. Read the documentation.