14.04: l'application de la mise à jour de sécurité du superviseur ne l'a pas démarrée

Selon le journal des changements, une mise à jour de sécurité a été publiée il y a quelques jours:

superviseur (3.0b2-1ubuntu0.1) trusty-security; urgence = moyenne

• SECURITY UPDATE: injection de code arbitraire via XML-RPC
  • debian/patches/CVE-2017-11610.patch: désactivation de la traversée d'objet dans la répartition XML-RPC dans supervisor/test/test_xmlrc.py, supervisor/xmlrcp.py.
  • CVE-2017-11610

- Leonidas S. Barbosa jeu., 17 mai 2018 15:59:12 -0300

Voici le paquet que j'ai installé:

$ dpkg -p supervisorO
Package: supervisor
Priority: extra
Section: admin
Installed-Size: 1485
Maintainer: Ubuntu Developers <[email protected]>
Architecture: all
Version: 3.0b2-1
Depends: python, python-meld3, python-pkg-resources (>= 0.6c7)
Size: 313972
Description: A system for controlling process state
 Supervisor is a system for controlling and maintaining process state,
 similar to what init does, but not intended as an init replacement.
 .
 It will manage individual processes or groups of processes that
 need to be started and stopped in order, and it is possible to
 control individual process state via an rpc mechanism, thus allowing
 ordinary users to restart processes.
Original-Maintainer: Qijiang Fan <[email protected]>
Homepage: http://supervisord.org/

Voici comment j'ai mis à jour et comment s'est déroulé le processus:

$ Sudo apt-get install supervisor
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
  supervisor
1 upgraded, 0 newly installed, 0 to remove and 33 not upgraded.
Need to get 244 kB of archives.
After this operation, 67.6 kB disk space will be freed.
Get:1 http://us.archive.ubuntu.com/ubuntu/ trusty-updates/universe supervisor all 3.0b2-1ubuntu0.1 [244 kB]
Fetched 244 kB in 0s (281 kB/s)
(Reading database ... 73862 files and directories currently installed.)
Preparing to unpack .../supervisor_3.0b2-1ubuntu0.1_all.deb ...
Stopping supervisor: supervisord.
Unpacking supervisor (3.0b2-1ubuntu0.1) over (3.0b2-1) ...
Processing triggers for ureadahead (0.100.0-16) ...
ureadahead will be reprofiled on next reboot
Setting up supervisor (3.0b2-1ubuntu0.1) ...
Starting supervisor: invoke-rc.d: initscript supervisor, action "start" failed.
dpkg: error processing package supervisor (--configure):
 subprocess installed post-installation script returned error exit status 1
E: Sub-process /usr/bin/dpkg returned an error code (1)

À ce stade, le service ne fonctionnait pas.

Le démarrage manuel a bien fonctionné: Sudo service supervisor start

J'ai trouvé ceci dans le dpkg.log:

2018-05-22 10:18:19 startup archives unpack
2018-05-22 10:18:19 upgrade supervisor:all 3.0b2-1 3.0b2-1ubuntu0.1
2018-05-22 10:18:19 status half-configured supervisor:all 3.0b2-1
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1
2018-05-22 10:18:20 status half-installed supervisor:all 3.0b2-1
2018-05-22 10:18:20 status triggers-pending ureadahead:AMD64 0.100.0-16
2018-05-22 10:18:20 status half-installed supervisor:all 3.0b2-1
2018-05-22 10:18:20 status half-installed supervisor:all 3.0b2-1
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1ubuntu0.1
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1ubuntu0.1
2018-05-22 10:18:20 trigproc ureadahead:AMD64 0.100.0-16 0.100.0-16
2018-05-22 10:18:20 status half-configured ureadahead:AMD64 0.100.0-16
2018-05-22 10:18:20 status installed ureadahead:AMD64 0.100.0-16
2018-05-22 10:18:20 startup packages configure
2018-05-22 10:18:20 configure supervisor:all 3.0b2-1ubuntu0.1 <none>
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1ubuntu0.1
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1ubuntu0.1
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1ubuntu0.1
2018-05-22 10:18:20 status unpacked supervisor:all 3.0b2-1ubuntu0.1
2018-05-22 10:18:20 status half-configured supervisor:all 3.0b2-1ubuntu0.1

J'ai aussi consulté les journaux du superviseur, mais je n'ai rien trouvé de concluant:

2018-05-22 10:18:19,944 WARN received SIGTERM indicating exit request
2018-05-22 10:18:19,947 INFO waiting for laravel-daemon-es-posts_00, laravel-daemon-es-comments_00, laravel-horizon_00 to die
2018-05-22 10:18:22,008 INFO stopped: laravel-horizon_00 (exit status 0)
2018-05-22 10:18:23,014 INFO waiting for laravel-daemon-es-posts_00, laravel-daemon-es-comments_00 to die
2018-05-22 10:18:23,066 INFO stopped: laravel-daemon-es-posts_00 (terminated by SIGKILL)
2018-05-22 10:18:23,066 INFO stopped: laravel-daemon-es-comments_00 (terminated by SIGKILL)

2018-05-22 10:18:39,745 CRIT Supervisor running as root (no user in config file)
2018-05-22 10:18:39,745 WARN Included extra file "/etc/supervisor/conf.d/laravel.conf" during parsing
2018-05-22 10:18:39,764 INFO RPC interface 'supervisor' initialized
2018-05-22 10:18:39,764 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2018-05-22 10:18:39,765 INFO daemonizing the supervisord process
2018-05-22 10:18:39,765 INFO supervisord started with pid 9923
2018-05-22 10:18:40,771 INFO spawned: 'laravel-daemon-es-posts_00' with pid 9933
2018-05-22 10:18:40,773 INFO spawned: 'laravel-daemon-es-comments_00' with pid 9934
2018-05-22 10:18:40,775 INFO spawned: 'laravel-horizon_00' with pid 9935
2018-05-22 10:18:44,523 INFO success: laravel-daemon-es-posts_00 entered RUNNING state, process has stayed up for > than 3 seconds (startsecs)
2018-05-22 10:18:44,523 INFO success: laravel-daemon-es-comments_00 entered RUNNING state, process has stayed up for > than 3 seconds (startsecs)
2018-05-22 10:18:44,523 INFO success: laravel-horizon_00 entered RUNNING state, process has stayed up for > than 3 seconds (startsecs)

J'ai fait un espace artificiel où j'ai fait une pause pour regarder la situation et ensuite commencé manuellement.

Ai-je fait quelque chose de mal? Habituellement, je ne fais que Sudo apt-get upgrade mais un collègue de travail m'a déjà parlé de ce problème, mais comme elle n'enregistrait pas les détails, j'ai utilisé une machine de test pour l'exécuter.

merci!