runsisi's

technical notes

abrt-server Package 'ceph-common' isn't signed with proper key

2019-01-12 runsisi#debug

abrtd: automated bug reporting tool daemon on Linux.

故障现象

/var/log/messages 日志中可能存在如下的错误打印:

Nov 5 19:25:41 a22770808_00 devmgrd: terminate called after throwing an instance of 'ceph::buffer::end_of_buffer'
Nov 5 19:25:41 a22770808_00 devmgrd: what(): buffer::end_of_buffer
Nov 5 19:25:41 a22770808_00 abrt-server: Package 'ceph-common' isn't signed with proper key
Nov 5 19:25:41 a22770808_00 abrt-server: 'post-create' on '/var/spool/abrt/ccpp-2018-11-05-19:25:41-11737' exited with 1
Nov 5 19:25:41 a22770808_00 abrt-server: Deleting problem directory '/var/spool/abrt/ccpp-2018-11-05-19:25:41-11737'

故障分析

在 RHEL/CentOS 上 abrtd 是默认的 coredump 处理程序:

~# cat /proc/sys/kernel/core_pattern
|/usr/libexec/abrt-hook-ccpp %s %c %p %u %g %t e %P %I

如果一个程序是通过一个未签名的 rpm 包安装的,默认情况下它生成的 core dump 文件会被 abrtd 删除,可以通过修改如下的配置文件 改变这种默认行为:

~# vi /etc/abrt/abrt-action-save-package-data.conf
OpenGPGCheck = no

解决方案

既然已经搞清楚 abrtd 的行为,接下来就是解决 gpg key 的问题,即只需要导入该 rpm 包签名的 gpg 公钥即可,可以参考 rpm gpg 签名。 当然根本的还是要解决程序 coredump 问题。

参考资料

abrtd: Package isn’t signed with proper key

https://support.asperasoft.com/hc/en-us/articles/216127128-abrtd-Package-isn-t-signed-with-proper-key