[Pkg-xen-devel] Bug#702046: Bug#702046: xen-utils-4.0: PyGrub VM Boot fails after xen-utils 4.0.1-5.6 -> 4.0.1-5.7 Update

Ian Campbell ijc at hellion.org.uk
Sat Mar 2 09:41:47 UTC 2013 

Adding security folks to cc.
On Sat, 2013-03-02 at 08:46 +0100, Sebastian Melchior wrote:
> Package: xen-utils-4.0
> Version: 4.0.1-5.7
> Severity: important
> 
> After Upgrading to xen-utils 4.0.1-5.7 my pygrub Xen VMs won't boot. Running pygrub manually shows:
> 
> /usr/lib/xen-default/bin/pygrub --args=root="/dev/xvda ro" --output=/tmp/foo  /dev/vg0/vm-disk
> Using <class 'grub.GrubConf.Grub2ConfigFile'> to parse /boot/grub/grub.cfg
> WARNING:root:Unknown directive load_video
> WARNING:root:Unknown directive terminal_output
> WARNING:root:Unknown directive source
> Traceback (most recent call last):
>   File "/usr/lib/xen-default/bin/pygrub", line 705, in <module>
>     output_directory, not_really)
> NameError: name 'output_directory' is not defined
> 
> After replacing the new pygrub file with the one from the previous package everything works as expected.
> 
> I looked in the upstream source and this suggests that there should be a:
>     output_directory = "/var/run/xend/boot"
>     not_really = False
> somewhere around L646
> If i insert that, it also works as expected.

The fix for CVE-2012-4544 relies on two previous fixes which were not
backported:
21734:b2a89e9e4630 tools/pygrub: --not-really option for debugging
21796:acd99661ba05 pygrub: introduce easier to parse output format

However I think rather than backporting them the find which Sebastian
has identified, i.e. adding those two definitions, is the more minimal
but just as correct fix.

I've attached a debdiff of what I believe the fix is going to be.
However I'm travelling at the moment and on a slight dodgy Internet link
so testing is taking a little longer than normal. I'll try and report
back ASAP.

Sorry for not properly testing this aspect of the backport in the first
place.

Ian.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xen.debdiff
Type: text/x-patch
Size: 2206 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20130302/925d733e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-xen-devel/attachments/20130302/925d733e/attachment.pgp>

More information about the Pkg-xen-devel mailing list