Odd Linux errors and their causes

1. Can't write to /etc/shadow


  $ sudo passwd -e example_user  passwd: failure while writing changes to /etc/shadow      $ sudo fuser -v /etc/shadow  [ no output ]      $ sudo ls -l /etc/shadow+  -rw-r-----+ 1 root shadow 1556 Mar 29 17:45 /etc/shadow+    

Given that /etc/shadow+ has been successfully created with the diffs of the change, it's evident that /etc is mounted read-write so it's not a filesystem problem.

Nothing appears to be locking the /etc/shadow file.


The root cause in my case were long-running jobs started using su. By some mechanism I haven't yet determined, su causes a stealthy lock on /etc/shadow that defeats all password operations whilst it is active.


Close active su sessions and retry.

2.apt-cacher-ng strange name resolution failure


After adding Ubuntu PPA specifications to client machines, apt-cacher-ng fails with a name resolution error:

  Error resolving ppa.launchpad.net: 503 DNS error for hostname ppa.launchpad.net: Name or service not known. If debrep refers to a configured cache repository, please check the corresponding configuration file.  

However visiting the PPA URL in a browser works successfully.


ppa.launchpad.net is not IPv6-enabled and there does not have an AAAA RR in DNS. apt-cacher-ng was choking on this.


Bypass apt-cacher-ng for PPA URLs by adding this line to the 02Proxy file in /etc/apt/apt.conf.d/ on the client machines, after the proxy specification:

  Acquire::HTTP::Proxy::ppa.launchpad.net "DIRECT";  

3. Audio IO fails in KDE applications


Audio playback and capture fails with a variety of ambiguous error messages:

- vlc reports 'Unable to connect to Pulse Audio, permission denied' - Phonon reports 'Too many open files' - All audio devices disappear in KDE System Settings


An IPC conflict between firejail and the behemoth Pulse Audio:



Edit /etc/pulse/default.pa appending:

  load-module module-native-protocol-unix  


  load-module module-native-protocol-unix srbchannel=no  

4. Periodic stuttering in NFS-streamed video playack with 4.4 kernels


Periodic stutter in video playback when streaming from a LAN NFS share, usually occuring every 20 seconds or thereabouts. Evident with iwl4965 driver.


RTS hand-shaking disabled by the default wireless configuration.


Re-enable with:

  iw phy0 set rts 500  

and check enabled with:

  iw phy phy0 info | grep -i rts  

5. Silent davical failures after upgrading to Ubuntu 16.04


davical ceases to provide calendar data in response to PROPFIND requests from clients, returning only a 500 status. Debugging by instrumenting /etc/davical/{conf}.php provides no further elucidation, but instrumenting /usr/share/davical/CalDAVRequest.php shows execution aborting at this line:

  $xml_parser = xml_parser_create_ns('UTF-8');  


Running php -a at the command line and executing the above line results in:

  PHP Warning:  Uncaught Error: Call to undefined function  xml_parser_create_ns  


Ubuntu 16.04 does not have a dependency link between the davical package and the provider of the required function, php7.0-xml. Resolve with:

  sudo apt-get install php7.0-xml  

This also repairs the dotclear blogging package.

6. Firefox 60 fails to render when run under Firejail


Firefox 60 shows only a blank page when attempting to load any web page, even about:config


Firefox 60 on Linux uses some syscalls to create a container in which the rendering executes. Firejail prevents these privileged calls from being executed.


Change the seccomp denial entry in /etc/firejail/firefox.profile from:


to the list of denied capabilities:

  seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice  

7. /tmp/ cleared upon boot


/tmp/ is cleared of personal files on boot, without prompting


systemd thinks that it is being helpful and nukes the /tmp/ directory on startup


As root edit /usr/lib/tmpfiles.d/tmp.conf and comment-out the line:

  D /tmp/ 1777 root root -  

However this file will be reverted to defaults each time that systemd is updated. To prevent that make it immutable with chattr -i