Bug 12129 - boinc-client new security issue CVE-2013-2298
Summary: boinc-client new security issue CVE-2013-2298
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/578151/
Whiteboard: MGA3TOO MGA4-32-OK MGA4-64-OK MGA3-64...
Keywords: validated_update
Depends on:
Blocks: 9108 9109
  Show dependency treegraph
 
Reported: 2013-12-27 19:06 CET by David Walser
Modified: 2014-11-21 13:45 CET (History)
12 users (show)

See Also:
Source RPM: boinc-client-7.0.36-2.mga3.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2013-12-27 19:06:20 CET
Fedora has issued an advisory on December 21:
https://lists.fedoraproject.org/pipermail/package-announce/2013-December/125125.html

The RedHat bug links to an upstream patch:
https://bugzilla.redhat.com/show_bug.cgi?id=957771

There's also a format-string flaw, with an upstream patch linked here:
https://bugzilla.redhat.com/show_bug.cgi?id=957795

Reproducible: 

Steps to Reproduce:
David Walser 2013-12-27 19:06:42 CET

Blocks: (none) => 11726
Whiteboard: (none) => MGA3TOO

Damien Lallement 2013-12-28 01:03:02 CET

Status: NEW => ASSIGNED
Hardware: i586 => All

Comment 1 Morgan Leijström 2014-01-22 17:11:25 CET
1) berkley have released 7.2.33

2) please also test BOINC it works with CUDA. (Do not for me on mga3 with 7.0.65, nvidia proprietary driver and nvidia-current-cuda-opencl and nvidia-cuda-toolkit installed, and restarting boinc daemon.)

CC: (none) => fri

Comment 2 David Walser 2014-01-23 20:43:24 CET
Indeed, and Fedora fixed this by updating to 7.2.33.  It's a low severity issue, so fixing it is not urgent.  Whenever this package gets updated again in Cauldron, we should probably backport it to Mageia 3 and 4.  The current version as of today is 7.2.36:
http://boinc.berkeley.edu/trac/wiki/VersionHistory
Comment 3 David Walser 2014-01-26 23:22:20 CET
Removing this from the Mageia 4 security tracker, as this will not be fixed before release.

Blocks: 11726 => (none)
Whiteboard: MGA3TOO => MGA4TOO, MGA3TOO

Comment 4 Damien Lallement 2014-02-28 01:15:24 CET
boinc-client-7.2.39-1.mga5 in cauldron.
WIP for mga3/mga4.
David Walser 2014-02-28 01:19:54 CET

Version: Cauldron => 4
Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO

Comment 5 Damien Lallement 2014-02-28 01:43:51 CET
boinc-client-7.2.39-1.mga4 in 4/core/updates_testing
boinc-client-7.2.39-1.mga3 in 3/core/updates_testing
Damien Lallement 2014-02-28 01:44:13 CET

Blocks: (none) => 9109

Damien Lallement 2014-02-28 01:44:26 CET

Blocks: (none) => 9108

Comment 6 David Walser 2014-02-28 01:55:46 CET
Thanks Damien!

For the advisory, could you write a brief description of the bugs fixed in Bug 9108 and Bug 9109?  For the security issues, we can use the descriptions in the RedHat bugs I linked in Comment 0.
Comment 7 David Walser 2014-03-01 15:53:40 CET
I guess I can try.

Advisory:
========================

Updated boinc-client packages fix security vulnerability:

Multiple stack overflow flaws were found in the way the XML parser of
boinc-client, a Berkeley Open Infrastructure for Network Computing (BOINC)
client for distributed computing, performed processing of certain XML files.
A rogue BOINC server could provide a specially-crafted XML file that, when
processed would lead to boinc-client executable crash (CVE-2013-2298).

Issues preventing the boinc-client service from working immediately after
installation have been fixed as well.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2298
https://lists.fedoraproject.org/pipermail/package-announce/2013-December/125125.html
https://bugs.mageia.org/show_bug.cgi?id=9108
https://bugs.mageia.org/show_bug.cgi?id=9109
https://bugs.mageia.org/show_bug.cgi?id=12129
========================

Updated packages in core/updates_testing:
========================
boinc-client-7.2.39-1.mga3
boinc-manager-7.2.39-1.mga3
boinc-client-devel-7.2.39-1.mga3
boinc-client-static-7.2.39-1.mga3
boinc-client-doc-7.2.39-1.mga3
boinc-client-7.2.39-1.mga4
boinc-manager-7.2.39-1.mga4
boinc-client-devel-7.2.39-1.mga4
boinc-client-static-7.2.39-1.mga4
boinc-client-doc-7.2.39-1.mga4

from SRPMS:
boinc-client-7.2.39-1.mga3.src.rpm
boinc-client-7.2.39-1.mga4.src.rpm

CC: (none) => elgrande71, mageia
Assignee: mageia => qa-bugs

Comment 8 Bill Wilkinson 2014-03-03 02:13:26 CET
attempting to do clean install under mga3-64 and an update under mga4-64.  After adding boinc-client service to startup and adding user to boinc group, boinc manager still does not connect to the client.  Most common error message is "client has stopped unexpectedly 3 times"

mga4-64 was working normally prior to update.

CC: (none) => wrw105
Whiteboard: MGA3TOO => MGA3TOO feedback

Comment 9 Morgan Leijström 2014-03-10 13:44:21 CET
@ Bill, where do you see the error messages?
- I see no error message in terminal nor any log.

@ All:

On mga3-64 I had 7.0.65-2 mga3 running nicely
 ( https://bugs.mageia.org/show_bug.cgi?id=9108#c16 )

And now updating (64 bits)
boinc-client-7.2.39-1.mga3
boinc-manager-7.2.39-1.mga3

result:

1) When started, the client seem to be continuing from where the former version left off, i see by it utilising the CPU.
However I had to go into mcc -> System -> Services to enable it to start at boot. (I could also mannually start it by the button there)


2) boinc manager fail connecting
On the previous version i used the computer name to connect. Now when i do that the only thing that happens is that boinc manager status at left bottom a half second say it is connecting, then "Disconnected".  Trying again, nothing at all happens. 
Starting boincmgr from terminal i do not see any specific problem, even when using --verbose

If i tell it to connect to this IP adress, it say connecting... seemingly forever.
If i tell it to connect to a nonexisting name, i get terminal output: getaddrinfo: Förbindelsen dog ut (timeout)
two lines per second and i have to issue ctrl-c for it to stop.

I also tried to remove the file
 ~/.BOINC Manager
but no change.

And i have checked i am still in the group "boinc".
Comment 10 Morgan Leijström 2014-03-10 13:48:10 CET
I wrote "status at left bottom"
- i meant down *right" in boinc manager window.
Comment 11 Bill Wilkinson 2014-03-10 14:56:51 CET
Morgan,

You've just described the problem in a nutshell. Without the manager being able to connect to the client, anyone using this package for a fresh install wouldn't be able to connect to any projects, making it useless....
Comment 12 Morgan Leijström 2014-03-11 12:48:56 CET
Bill, do you see the same problem on mga4 as on mga3?
Where do you see the error message?
Comment 13 Bill Wilkinson 2014-03-12 03:31:30 CET
I checked under mga3 and 4 64.  The disconnected message was in the lower right, as you saw.  I tried changing the connection including copying the password out of /var/lib/boinc/gui_rpc_auth.cfg.  I was still unable to connect with the BOINC manager.
Damien Lallement 2014-03-12 16:55:29 CET

Assignee: qa-bugs => mageia

Comment 14 Morgan Leijström 2014-03-12 18:56:10 CET
A test: also the former version of boincmgr fail to connect to the new client:

Keeping the boinc-client 7.2.39-1 running, I urpme boinc-manager, then install the formerly working manager from https://bugs.mageia.org/show_bug.cgi?id=9108#c9

# urpmi --allow-nodeps ./boinc-manager-7.0.65-2.mga3.x86_64.rpm
(--allow-nodeps because else it wants same version of the client)


When i now start boincmgr 7.0.65 in terminal it reports:
grep: /etc/init.d/boinc-client: Filen eller katalogen finns inte

(Filen eller katalogen finns inte = File or folder do not exist)

However i *guess* that as we now have another booting system i think that error is not a problem.

boincmgr 7.0.65 like the newer version can not connect.
I see no other error.
Comment 15 Morgan Leijström 2014-03-12 18:59:50 CET
Oh, BTW, about packaging: i think boinc-client and boinc-manager packages should *not* depend on each other as they may be installed on separate computers.
Comment 16 Morgan Leijström 2014-03-12 20:01:50 CET
I intended also to swap versions to see if newer manager can connect to elder client but i failed to convince urpmi about it...

BTW, now i see latest stable is 7.2.42 
https://boinc.berkeley.edu/download_all.php
Comment 17 Morgan Leijström 2014-05-08 11:12:55 CEST
ping...
Comment 18 Peter D 2014-05-18 08:17:50 CEST
Failed to connect with stuff from yesterday's testing.  

Could I suggest a meta-package for cuda aware graphics cards?  Or maybe test for graphics card type when installing boinc and suggest extra packages as appropriate.

CC: (none) => 0123peter

Comment 19 Morgan Leijström 2014-07-02 00:45:04 CEST
Fresh install of mga4.
Installed packages boinc-client and boinc-manager
Using MCC i set client to start at boot, and i can see it is a running process.
However boinc manager can not connect.
Also tested adding myself to boinc group.
Uninstalled them and installed 7.2.42-1.1.mga4.x86_64 versions and still the same.

Maybe i am missing some step.   How is it supposed to work?
Comment 20 Morgan Leijström 2014-07-02 03:20:42 CEST
I also installed boinc-client-static, but still manager can not connect to client.

( Please include some descriptive text on the boinc-client-static package to tell if/when it is needed ! )


Starting boinc manager in terminal i see this:
$ boincmgr
execvp(/home/morgan/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/home/morgan/boinc, --redirectio, --launched_by_manager) failed with error 2!

Missing folder or configurations?
I do not have a /home/morgan/boinc
When I run boincmgr it creates /home/morgan/client_state.xml containing info on my CPU
Comment 21 Doug Laidlaw 2014-08-14 02:41:20 CEST
Mine runs OK on Mga4 with the released packages.  With the one in Testing (rel 42)
boinc-client runs OK, but boinc-manager can't connect.  It reports 

"boinc-client has failed to start 3 times; do you want to keep trying" or words to that effect.  But I can see boinc-client in gkrellm, processing my current work unit.

Same result with earlier rel 39 from Cauldron.

Running in a terminal like Morgan, I see

execvp(/home/doug/storage/bashpodder/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/home/doug/storage/bashpodder/boinc, --redirectio, --launched_by_manager) failed with error 2!

I do have a directory /home/doug/storage/bashpodder, but no subdirectory boinc.  It seems as though the redirection is wrong.  Shouldn't it go to /usr/bin/boinc?

CC: (none) => laidlaws

Comment 22 Doug Laidlaw 2014-08-14 03:06:22 CEST
BTW, on my present system, boinc is a system user only.

I tried creating symlinks to /home/doug/storage/bashpodder.  These did away with the redirection errors, but didn't allow a connection to the client.
Comment 23 Doug Laidlaw 2014-08-17 11:19:07 CEST
Just tried again:

execvp(/var/spool/news/out.going/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/var/spool/news/out.going/boinc, --redirectio, --launched_by_manager) failed with error 2!

That wasn't where it looked last time, but it was the directory I started it from.

I then went to /var/lib/boinc and tried again.  It started OK, but still gave an error message:


execvp(/var/lib/boinc/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/var/lib/boinc/boinc, --redirectio, --launched_by_manager) failed with error 2!
Comment 24 Doug Laidlaw 2014-08-17 11:23:28 CEST
Just for completeness, I cd'd to /usr/bin and tried to start boincmgr from there.  The messages didn't come up (as I half expected,) but the manager couldn't connect to the client.
Comment 25 Doug Laidlaw 2014-10-30 15:28:50 CET
(In reply to Morgan Leijström from comment #20)
> I also installed boinc-client-static, but still manager can not connect to
> client.
> 
> ( Please include some descriptive text on the boinc-client-static package to
> tell if/when it is needed ! )
> 
> 
> Starting boinc manager in terminal i see this:
> $ boincmgr
> execvp(/home/morgan/boinc, --redirectio, --launched_by_manager) failed with
> error 2!
> execvp(/home/morgan/boinc, --redirectio, --launched_by_manager) failed with
> error 2!
> 
> Missing folder or configurations?
> I do not have a /home/morgan/boinc
> When I run boincmgr it creates /home/morgan/client_state.xml containing info
> on my CPU

I think that the redirection is where it fails.  It should redirect to /var/lib/boinc, but it doesn't. It stays in the directory it is launched from, and it dumps its client_state.xml there.  If I start it from /var/lib/boinc, I have no problem.
Comment 26 Chris Denice 2014-11-04 01:59:24 CET
Hi guys,
I am trying to make it works... Check out the version landing soon on cauldron.

The client should be started with:
systemctl start boinc-client

systemctl status boinc-client
should show that it runs.



As a user, please confirm that:
boincmgr -n localhost -d /var/lib/boinc

works fine! It does on my machine.

thanks,
cheers.

CC: (none) => dirteat

Comment 27 Doug Laidlaw 2014-11-04 02:11:41 CET
(In reply to Chris Denice from comment #26)
> 
> 
> As a user, please confirm that:
> boincmgr -n localhost -d /var/lib/boinc
> 
> works fine! It does on my machine.
> 
It does on mine too.  Running version 7.2.39 on Mageia 4.
Comment 28 Sander Lepik 2014-11-04 10:02:34 CET
(In reply to Chris Denice from comment #26)
> Hi guys,
> I am trying to make it works... Check out the version landing soon on
> cauldron.

I hope you are going to fix the security issues too. Else the policy will be the same, I will drop it from cauldron if it's not maintained on older releases.

CC: (none) => mageia

Comment 29 Chris Denice 2014-11-04 10:52:46 CET
Hi there,
As far as I see, this was fixed already for version 7.9.39 (see advisory) and the rest of this bug was just service and command line issues for actually starting/testing the client.

1) Can someone confirm the security issue is indeed solved with these new versions

2) Does the service boinc works fine on mga3/mga4? (if it does, the current core/update_testing version is enough. It it does not, I may need to update also these versions).

thanks!
Comment 30 Doug Laidlaw 2014-11-04 11:29:45 CET
I am not qualified to comment on the security issues.  I came here from Bug 9109 on the startup question.  The service has no problems otherwise, and seems to be well integrated with systemd.
Comment 31 Chris Denice 2014-11-04 11:42:46 CET
Ok, thanks. I think it is fixed since a (long) while:

version 7.2.39: Mon, 27 Jan 2014 19:23:48 +0000 (14:23 -0500)
http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commit;h=dc95e3f991f741025a712f116991beac1a50608d

patch committed there: Thu, 7 Mar 2013 10:28:42 +0000 (11:28 +0100)
http://boinc.berkeley.edu/gitweb/?p=boinc-v2.git;a=commit;h=2fea03824925cbcb976f4191f4d8321e41a4d95b

So now, since the service is working too, I am closing this bug. Feel free to reopen if I am wrong!

cheers,
chris.

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Comment 32 Sander Lepik 2014-11-04 11:58:55 CET
I'm reopening this as the bug is not validated and packages in updates_testing are not pushed into updates as they didn't pass testing, see comment #8

Status: RESOLVED => REOPENED
Resolution: FIXED => (none)

Comment 33 Chris Denice 2014-11-04 13:21:51 CET
oops, yes sorry!
Comment 34 Morgan Leijström 2014-11-04 22:40:48 CET
I am crunching again!  (on cauldron, and Intel i7 workstation)  THANK YOU !   :)

A couple notes:

1) When starting boinc-manager using the launch menu icon
( which equals $ boincmgr )
it shows up but fail to connect to localhost if i tell it to.
However i have forgotten how i did that before... ?

2) When I start it as you suggest using $ boincmgr -n localhost -d /var/lib/boinc
i get in terminal the two identical rows below, but it works nicely :)
execvp(/home/morgan/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/home/morgan/boinc, --redirectio, --launched_by_manager) failed with error 2!
Comment 35 Chris Denice 2014-11-04 23:23:11 CET
Thanks for the report. I'll fix the .desktop file too such that it starts boincmgr with the correct options from the launch menu.
Comment 36 Morgan Leijström 2014-11-05 01:17:13 CET
I was thinking we should check it also can work with GPU
Have anyone got it working?

I never had it work but maybe did not hit my head at the brick wall hard enough...

for me BOINC say it can not find a useable GPU

drakhardware recognise my card as Nvidia GK104 [GeForce GTX 760],
using module: âCard:NVIDIA GeForce 400 series and later

__Using driver:
nvidia-current-kernel-3.17.2-desktop-3.mga5 340.46-12.mga5.nonfree
 - nvidia-current driver for kernel-desktop-3.17.2-3.mga5â

__Installed packages with "cuda" in its name:
nvidia-cuda-toolkit 6.5.14-3.mga5.nonfree
 - NVIDIA CUDA runtime libraries
nvidia-current-cuda-opencl 340.46-2.mga5.nonfree
 - CUDA and OpenCL libraries for NVIDIA proprietary driverâ
Comment 37 Chris Denice 2014-11-05 01:30:31 CET
Two things seem to be not functional for me:
1) idle detection (boinc never detects no activity)
2) GPU seems to be ignored
But please, open other bug reports for this as this has nothing to do with the security issue addressed here :)
Comment 38 Morgan Leijström 2014-11-05 10:54:02 CET
1) For BOINC to use GPU, I entered bug 14462

2) I have verified that it do not suspend upon other CPU activity.
In my test I told fsarchiver to make a compressed backup of my home to another drive, using all 8 cores, and the result is it use about half total CPU power, and the rest is used by BOINC.  Still the system do not appear sluggish.  I have the default trig level of 25% CPU in BOINC setting.
Open a bug for it and I will chime in.
Comment 39 Chris Denice 2014-11-06 17:06:25 CET
As far as I see, the core update/testing repos for MGA3 and MGA4 is no longer up-to-date with the above advisory.

I have tested for MGA4; and the package available in update testing is 7.2.42-1.1.mga4
In my case the installation fails with scriplet errors. May someone confirm it?

For MGA3, I cannot test. May someone test it as well and report?

thanks.
Comment 40 Doug Laidlaw 2014-11-07 06:32:33 CET
I am running 7.2.39 on Mga4.  I will enable updates_testing and report back.

Mga3 is reaching EOL this month.  Can you leave it?
Comment 41 Doug Laidlaw 2014-11-07 07:48:58 CET
I have just downloaded and installed Release 7.2.42 on Mga4.  No scriptlet problems visible in the rpmdrake GUI.  It runs, but the manager still has the startup issue.  

I have put your command from Comment 26 in a launcher.  It works OK.
Comment 42 Morgan Leijström 2014-11-08 22:31:21 CET
If I have boinc manager open and restart computer, upon login it is restored but not connected, and fail to connect too.  (KDE) 

I have to exit boinc manager, and launch it again.
Comment 43 Doug Laidlaw 2014-11-09 01:36:03 CET
I think that mine has always been like that, or rather:

boinc-client starts running, once I go to System: Services and enable it.

boinc-manager has to be started as user boinc.  I add myself to group boinc.  That is sufficient.

The startup bug means that boinc-manager has to be started from /usr/lib/boinc. Chris's command does that.

I don't have boinc-manager starting on login, but when I did, it could never connect, as you found.  That was before release 39.  Probably, it was started by user doug.doug.
Comment 44 Morgan Leijström 2014-11-09 07:20:25 CET
I am a member of the boinc group.

I remeber that on mga3 it also got restored unconnected, but i could tell it what computer to connect and it did.
Comment 45 Chris Denice 2014-11-09 22:02:09 CET
I have submitted a new version for mga4; please test it:

0) clean (or save) your old config and remove any boinc already installed
a) urpme -a boinc
b) delete the /var/lib/boinc directory (or save it as it will destroy all of your previous configuration)
c) install the new packages

1) check the service starts properly with
systemctl start boinc-client
systemctl status boinc-client

2) check the boincmgr can connect:
Either on a terminal with: boincmgr -n localhost -d /var/lib/boinc
or using the icon launched (I fixed the .desktop file)

3) check that if you restart your computer the service runs fine:
systemctl status boinc-client

let me know,
cheers,
chris.

-------

Advisory:
========================

Updated boinc-client packages fix security vulnerability:

Multiple stack overflow flaws were found in the way the XML parser of
boinc-client, a Berkeley Open Infrastructure for Network Computing (BOINC)
client for distributed computing, performed processing of certain XML files.
A rogue BOINC server could provide a specially-crafted XML file that, when
processed would lead to boinc-client executable crash (CVE-2013-2298).

Issues preventing the boinc-client service from working immediately after
installation have been fixed as well.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2298
https://lists.fedoraproject.org/pipermail/package-announce/2013-December/125125.html
https://bugs.mageia.org/show_bug.cgi?id=9108
https://bugs.mageia.org/show_bug.cgi?id=9109
https://bugs.mageia.org/show_bug.cgi?id=12129
========================

Updated packages in core/updates_testing:
========================
boinc-client-7.2.42-1.2.mga4
boinc-client-debuginfo-7.2.42-1.2.mga4
boinc-client-devel-7.2.42-1.2.mga4
boinc-client-static-7.2.42-1.2.mga4
boinc-manager-7.2.42-1.2.mga4
boinc-client-doc-7.2.42-1.2.mga4


from SRPMS:
boinc-client-7.2.42-1.2.mga4.src.rpm
Comment 46 David Walser 2014-11-09 22:18:09 CET
Chris, please package this for Mageia 3 too.
Comment 47 Doug Laidlaw 2014-11-10 00:25:55 CET
(In reply to Chris Denice from comment #45)
> I have submitted a new version for mga4; please test it:GOOD AS GOLD
> 
> 0) clean (or save) your old config and remove any boinc already installed
> a) urpme -a boinc
> b) delete the /var/lib/boinc directory (or save it as it will destroy all of
> your previous configuration)
> c) install the new packages
>
Stopped boinc-client with service manager
Moved /var/lib/boinc to boincold
urpme -a boinc
> 
Installed the new release
Moved the new /var/lib/boinc aside
Put the old /var/lib/boinc back
>
> 1) check the service starts properly with
> systemctl start boinc-client                     YES
> systemctl status boinc-client                    YES
> 
> 2) check the boincmgr can connect:
> Either on a terminal with: boincmgr -n localhost -d /var/lib/boinc
  Started from a terminal O.K.
> or using the icon launched (I fixed the .desktop file)
> 
Could use the launcher from before.
The old KDE menu item still doesn't work.
> 3) check that if you restart your computer the service runs fine:
> systemctl status boinc-client     YES!
> 
> let me know,
> cheers,
> chris.
> 
> -------
> 
> Advisory:
> ========================
> 
> Updated boinc-client packages fix security vulnerability:
> 
> Multiple stack overflow flaws were found in the way the XML parser of
> boinc-client, a Berkeley Open Infrastructure for Network Computing (BOINC)
> client for distributed computing, performed processing of certain XML files.
> A rogue BOINC server could provide a specially-crafted XML file that, when
> processed would lead to boinc-client executable crash (CVE-2013-2298).
> 
> Issues preventing the boinc-client service from working immediately after
> installation have been fixed as well.
> 
> References:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2298
> https://lists.fedoraproject.org/pipermail/package-announce/2013-December/
> 125125.html
> https://bugs.mageia.org/show_bug.cgi?id=9108
> https://bugs.mageia.org/show_bug.cgi?id=9109
> https://bugs.mageia.org/show_bug.cgi?id=12129
> ========================
> 
> Updated packages in core/updates_testing:
> ========================
> boinc-client-7.2.42-1.2.mga4
> boinc-client-debuginfo-7.2.42-1.2.mga4
> boinc-client-devel-7.2.42-1.2.mga4
> boinc-client-static-7.2.42-1.2.mga4
> boinc-manager-7.2.42-1.2.mga4
> boinc-client-doc-7.2.42-1.2.mga4
> 
> 
> from SRPMS:
> boinc-client-7.2.42-1.2.mga4.src.rpm
Comment 48 Doug Laidlaw 2014-11-10 02:39:42 CET
Just tried the menu item again.  It works now, given time to update.
Comment 49 David Walser 2014-11-10 12:35:47 CET
I see the Mageia 3 build failed because it didn't build the man pages.  It was looking for the command docbook2x-man, which is in the docbook2x package and for some reason it's called db2x_docbook2man in the Mageia 3 version.  I guess you'll have to patch it to use that (or maybe there's a variable you can set for the name).
Comment 50 Chris Denice 2014-11-10 13:35:54 CET
thanks David, I'll try to fix that asap!
Comment 51 Chris Denice 2014-11-10 14:15:58 CET
Done; please check out the above advisory (comment 45) which also applies for mga3 with the following packages:

Updated packages in core/updates_testing:
========================
boinc-client-7.2.42-1.2.mga3
boinc-client-debuginfo-7.2.42-1.2.mga3
boinc-client-devel-7.2.42-1.2.mga3
boinc-client-static-7.2.42-1.2.mga3
boinc-manager-7.2.42-1.2.mga3
boinc-client-doc-7.2.42-1.2.mga3


from SRPMS:
boinc-client-7.2.42-1.2.mga3.src.rpm
Comment 52 David Walser 2014-11-10 14:27:24 CET
Back to QA.  See Comment 45 and Comment 51.  Thanks Chris!

Assignee: mageia => qa-bugs
Whiteboard: MGA3TOO feedback => MGA3TOO

Comment 53 Herman Viaene 2014-11-17 11:07:30 CET
No joy.
Installed on a separate test partition (never head boinc before)
As root at CLI:
systemctl status boinc-client
boinc-client.service - Berkeley Open Infrastructure Network Computing Client
   Loaded: loaded (/usr/lib/systemd/system/boinc-client.service; enabled)
   Active: active (running) since Mon 2014-11-17 10:32:48 CET; 9min ago
  Process: 15322 ExecStopPost=/bin/rm -f /var/lib/boinc/lockfile (code=exited, status=0/SUCCESS)
 Main PID: 15507 (boinc)
   CGroup: /system.slice/boinc-client.service
           ââ15507 /bin/bash /usr/bin/boinc --dir /var/lib/boinc
           ââ15508 /usr/bin/boinc_client --allow_multiple_clients --dir /var/lib/boinc

Nov 17 10:32:48 mach5.hviaene.thuis systemd[1]: Started Berkeley Open Infrastructure Network Computin...nt.
Nov 17 10:34:25 mach5.hviaene.thuis systemd[1]: Started Berkeley Open Infrastructure Network Computin...nt.
Hint: Some lines were ellipsized, use -l to show in full.

As normal user (member of boinc group):
boincmgr -n localhost -d /var/lib/boinc/
Gtk-Message: Failed to load module "canberra-gtk-module"
execvp(/home/tester/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/home/tester/boinc, --redirectio, --launched_by_manager) failed with error 2!
execvp(/home/tester/boinc, --redirectio, --launched_by_manager) failed with error 2!
The first two execvp lines appear at the start, the third one wehn trying to add a project.
All menus open, but very little else happens .

CC: (none) => herman.viaene

Comment 54 Chris Denice 2014-11-17 11:20:10 CET
Have you actually logged out / logged in after having added yourself to the boinc group?

(just tested again on mga5 beta1, and it works fine for me).

cheers,
chris.
Comment 55 Herman Viaene 2014-11-17 11:38:26 CET
(In reply to Chris Denice from comment #54)
> Have you actually logged out / logged in after having added yourself to the
> boinc group?
> 
> (just tested again on mga5 beta1, and it works fine for me).
> 
> cheers,
> chris.

I thought I did, but made sure this time (rebooted) and now boincmgr tries to open up a project. I have an account on SETI, but that one is down right now (checked it site), so I'll try again later.
Comment 56 Doug Laidlaw 2014-11-17 12:03:25 CET
(In reply to Chris Denice from comment #54)
> Have you actually logged out / logged in after having added yourself to the
> boinc group?
> 
> (just tested again on mga5 beta1, and it works fine for me).
> 
> cheers,
> chris.

That is needed to mame the system see your addition to the group.  SETI reported they are running out of work units.  I have several projects, all running OK.

I have it on Mga 4.1.  went to MCC -> Services, and started the client there, the first time.  "On Boot" was already checked.

I was still seeing two lines of:

execvp(/home/tester/boinc, --redirectio, --launched_by_manager) failed with error 2!

but they didn't stop the client from starting.  BOINC now starts on bootup, and I can start the manager from the main menu.
Comment 57 David Walser 2014-11-18 03:00:46 CET
What is the status of this update?  Is it OK now?  It's not clear to me.  Mageia 3 EOL is Wednesday, so if we can get this tested and OK'd in time we can release it.  Otherwise the Mageia 3 update will be cancelled and we'll have to continue to work on it for Mageia 4.
Comment 58 Doug Laidlaw 2014-11-18 03:40:25 CET
IMO, it is OK.  Everything works as it should.  The two lines about unable to change are invisible in GUI use, and don't affect.

Chris has altered the .desktop file so that the manager is started from /var/lib/boinc, to get around the startup error.  It could be called a workaround, but it is effective.

The security issue seems to have been fixed: Comment 45.
Comment 59 David Walser 2014-11-18 04:02:31 CET
Thanks Doug.  Which Mageia versions and architectures have you and Herman tested?
Comment 60 Doug Laidlaw 2014-11-18 04:14:52 CET
I have tested 32-bit Official only.  I can test Beta1 64-bit

Herman is a regular on the newsgroup, but doesn't give his system.
Comment 61 David Walser 2014-11-18 04:18:04 CET
For QA testing, we just need Mageia 3 and Mageia 4.  I'll add the OK marker for your Mageia 4 i586 test.

Whiteboard: MGA3TOO => MGA3TOO MGA4-32-OK

Comment 62 Herman Viaene 2014-11-18 11:42:55 CET
Sorry, it's Mageia 4 64-bit.
And Seti is still down. But AFAICS this is not a reason to keep the bug open.
Comment 63 David Walser 2014-11-18 13:49:15 CET
If someone could test Mageia 3, that would be great.  Thanks.

Whiteboard: MGA3TOO MGA4-32-OK => MGA3TOO MGA4-32-OK MGA4-64-OK

Comment 64 olivier charles 2014-11-18 14:01:02 CET
I can test it later on today on Mageia3-64 if nobody has done it before.

CC: (none) => olchal

Comment 65 olivier charles 2014-11-18 18:41:16 CET
Testing on Mageia3-64 real HW following comment 45 and 51 :

- boinc-client-7.2.42-1.2.mga3.i586
- boinc-client-debuginfo-7.2.42-1.2.mga3.x86_64
- boinc-client-devel-7.2.42-1.2.mga3.x86_64
- boinc-client-doc-7.2.42-1.2.mga3.noarch
- boinc-manager-7.2.42-1.2.mga3.x86_64

# systemctl enable boinc-client
# systemctl start boinc-client
# systemctl status boinc-client
boinc-client.service - Berkeley Open Infrastructure Network Computing Client
          Loaded: loaded (/usr/lib/systemd/system/boinc-client.service; enabled)
          Active: active (running) since Tue, 2014-11-18 18:21:54 CET; 4s ago
        Main PID: 12625 (boinc)
          CGroup: name=systemd:/system/boinc-client.service
                  â 12625 /bin/bash /usr/bin/boinc --dir /var/lib/boinc
                  â 12628 /usr/bin/boinc_client --allow_multiple_clients --dir /var/lib/boinc_client

Added myuser to boinc group
Rebooted

Could start boinc manager from command line or from the menu icon.
Could select and subscribe to project LHC@home.
Could stop and restart boinc-client service.

Everything ok

Whiteboard: MGA3TOO MGA4-32-OK MGA4-64-OK => MGA3TOO MGA4-32-OK MGA4-64-OK MGA3-64-OK

Comment 66 David Walser 2014-11-19 13:52:08 CET
Sufficiently tested to validate.

Could someone please upload the advisory?

Sysadmins, once the advisory is uploaded, please push to core/updates_testing.  Thanks.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 67 Rémi Verschelde 2014-11-19 14:02:42 CET
Advisory uploaded.

CC: (none) => remi
Whiteboard: MGA3TOO MGA4-32-OK MGA4-64-OK MGA3-64-OK => MGA3TOO MGA4-32-OK MGA4-64-OK MGA3-64-OK advisory

Comment 68 Mageia Robot 2014-11-21 13:45:18 CET
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2014-0460.html

Status: REOPENED => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.