os-release!

Asked Sep 21 '23 at 11:19

Active Sep 21 '23 at 11:29

Viewed 83 times

Server: Ubuntu 20.04.5 LTS

I was going to generate an SSL certificate as usual with certbot but suddenly it started to give a weird error:

An unexpected error occurred: UnicodeDecodeError: 'utf-8' codec can't decode byte 0x99 in position 0: invalid start byte Please see the logfile '/tmp/tmpmd32ty55/log' for more details.

I debugged the sources of certbot but couldn't find what was going wrong. Clearly there was a file read by certbot that had some garbage in it preventing being parsed.

Then I found the problem was with this file:

/usr/lib/os-release

I opened it with vi and got a binary file. The output of

sourcecode@sourcecode:~$ file /usr/lib/os-release

is:

/usr/lib/os-release: PGP/GPG key public ring (v4) created Mon Jan 19 15:40:57 2015 RSA (Encrypt or Sign) 8192 bits MPI=0xbfd289769695aada...

I don't know this file but I guess it should be a text file, so I checked another server of mine and its /usr/lib/os-release is a text file as I thought.

Do you think my server has been hacked?

edited Sep 21 '23 at 11:29

asked Sep 21 '23 at 11:19

Darko Romanov

1

Well, if you had provided information about what distribution and version you are using someone could check if that file is valid or not ... – Gerald Schneider Sep 21 '23 at 11:28
added to post, thanks (Ubuntu 20.04.5 LTS) – Darko Romanov Sep 21 '23 at 11:29
1

See if it matches ~/.gnupg/pubring.gpg Most likely it was overwritten by some accident or bad script. – stark Sep 21 '23 at 14:28

Server hacked? Binary /usr/lib/os-release!

0 Answers0