Description Samuel Mannehed 2018-08-13 15:19:26 CEST

A bug in version 4.16.0 of iproute causes our code to trigger a syntax error for ss followed by a 'usage'-text to be printed in our logs every time a user creates a new ThinLinc session. Fedora 28 has this version of iproute in it's stable repos.

> $ sudo tail -f vsmagent.log
>
>
> 2018-08-13 15:12:43 WARNING vsmagent: ss wrote to stderr: ss: bison
> bellows (while parsing filter): "syntax error!" Sorry. Usage: ss
> [ OPTIONS ] ss [ OPTIONS ] [ FILTER ]
>    -h, --help          this message
>    -V, --version       output version information
>    -n, --numeric       don't resolve service names
>    -r, --resolve       resolve host names
>    -a, --all           display all sockets
>    -l, --listening     display listening sockets
>    -o, --options       show timer information
>    -e, --extended      show detailed socket information
>    -m, --memory        show socket memory usage
>    -p, --processes     show process using socket
>    -i, --info          show internal TCP information
>    -s, --summary       show socket usage summary
>    -b, --bpf           show bpf filter socket information
>    -E, --events        continually display sockets as they are
> destroyed -Z, --context       display process SELinux security
> contexts -z, --contexts      display process and socket SELinux
> security contexts -N, --net           switch to the specified network
> namespace name
> 
>    -4, --ipv4          display only IP version 4 sockets
>    -6, --ipv6          display only IP version 6 sockets
>    -0, --packet        display PACKET sockets
>    -t, --tcp           display only TCP sockets
>    -S, --sctp          display only SCTP sockets
>    -u, --udp           display only UDP sockets
>    -d, --dccp          display only DCCP sockets
>    -w, --raw           display only RAW sockets
>    -x, --unix          display only Unix domain sockets
>        --vsock         display only vsock sockets
>    -f, --family=FAMILY display sockets of type FAMILY
>        FAMILY := {inet|inet6|link|unix|netlink|vsock|help}
> 
>    -K, --kill          forcibly close sockets, display what was closed
>    -H, --no-header     Suppress header line
> 
>    -A, --query=QUERY, --socket=QUERY
>        QUERY :=
> {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram}[,QUERY]
> 
>    -D, --diag=FILE     Dump raw information about TCP sockets to FILE
>    -F, --filter=FILE   read filter information from FILE
>        FILTER := [ state STATE-FILTER ] [ EXPRESSION ]
>        STATE-FILTER :=
> {all|connected|synchronized|bucket|big|TCP-STATES} TCP-STATES :=
> {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|closed|close-wait|last-ack|listening|closing}
> connected :=
> {established|syn-sent|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
> synchronized :=
> {established|syn-recv|fin-wait-{1,2}|time-wait|close-wait|last-ack|closing}
> bucket := {syn-recv|time-wait} big :=
> {established|syn-sent|fin-wait-{1,2}|closed|close-wait|last-ack|listening|closing}



This seems to be the offending commit:

https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/misc/ssfilter.y?id=b2038cc0b2403e8c5126cfcf45f6ee48ac549ad0

I have reported the bug to the developers of the commit in iproute and to Fedora:

https://bugzilla.redhat.com/show_bug.cgi?id=1615373