I have tried to login in my.pulsesecure.net but i can't do the on boarding. I'm not a customer, i'm only a developer trying to connect to the vpn of a client.
Where could i download the client?, there's another place to find that link?.
In effect the latest version, 9.0R3(923), doesn't solve this bug.
I successfully upgraded to the b923 and can confirm that I am still not able to get in. I ran the install_dependency_packages and everything is up to date. I tried from 18.10 and 18.04.2 both with the same result.
- from console -
20190305100003.774882 pulsesvc[p14273.t14273] pulseui.error Failed to read return cookie from host checker process (pulseUi.cpp:1017)
20190305100003.774915 pulsesvc[p14273.t14273] pulseui.error initiatePreAuthHostCheck() failed, isPostAuth: 0 (pulseUi.cpp:1124)
20190305100003.781326 pulsesvc[p14273.t14273] pulseui.info Successfully Launched host checker process (pulseUi.cpp:995)
Segmentation fault (core dumped)
- lsb-release -
- from syslog -
pulsesvc: segfault at 7f00646b6360 ip 00007f1890839f37 sp 00007ffca01946d8 error 4 in libc-2.28.so[7f18906d8000+171000]
Code: f9 20 77 1f c5 fd 74 0f c5 fd d7 c1 85 c0 0f 85 df 00 00 00 48 83 c7 20 83 e1 1f 48 83 e7 e0 eb 36 66 90 83 e1 1f 48 83 e7 e0 <c5> fd 74 0f c5 fd d7 c1 d3 f8 85 c0 74 1b f3 0f bc c0
...a bit more info. I recently upgraded a server from 16.04 to 18.04... That machine can still connect and it's on 18.04.02 now.
Is it possible Cannoniacal depricated a package that pulse secure needs?
The problem with pulse secure and ubuntu is related with the kernel version, not with ubuntu version itself.
Have you tried to run your ubuntu with the kernel 4.15 instead the latest 4.18 kernel?.
As long as the pulse secure dev team don't solve the problem with the latest kernel the only option that we have is running the ubuntu with an old kernel.
News about when fix this bug?, I could not connect from Ubuntu 18.10. I'm not "happy" after more than four (4) months not exists one fix.
I can confirm that. My upgraded server retained the 4.15 kernel and is running 18.04. It can connect. My desktop (18.10 and 4.18) and my freshly installed laptop (18.04 and 4.18) both cannot connect to pulse.
I would try to downgrade my kernel but I'm not sure how. I did a bit of Googling and a lot of the posts are for much older versions of the OS. I've run into problems before trying things recommended for previous versions.
Ubuntu 18.04.2 desktop edition here, using 4.18 linsux kernel (yes, I've noticed that 18.04.2 server editions seem to run 4.15. No clue why there is a difference) and 9.0R2-819:
[email protected]:~$ uname -a
Linux macbookpro 4.18.0-15-generic #16~18.04.1-Ubuntu SMP Thu Feb 7 14:06:04 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
My Pulse Secure client doesn't work. I noticed that it was crapping out reading the process table at the behest of my VPN concentrator implementing the Host Checks. (In my case looking for the presence of an AV process). Sure enough the process table on my 4.18 box versus a 4.15 box does slightly differ in the names of the early kworker process titles. It was using libc 2.28's fnmatch to match process names, but I'm not quite clear on why it was crashing.
Anyway, I discovered that you can insulate it from whatever the moody input is using the linsux namespace system calls, which were a bit of a dark art to me, but useful all the same.
Here's what works for me:
# Start a shell as running as my username, but isolate the process table
# and mount points. You need to do the latter because /proc gives the
# game away otherwise - you need a fresh one.
[email protected]:~$ sudo unshare -f -m -p --mount-proc sudo -s -u adamc
# Examine process and be surprised at result. Eek, no other pids:
[email protected]:~$ ps auxww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 72720 4164 pts/1 S 20:58 0:00 sudo -s -u adamc
adamc 2 0.1 0.0 29568 4540 pts/1 S 20:58 0:00 /bin/bash
adamc 10 0.0 0.0 44480 3352 pts/1 R+ 20:58 0:00 ps auxww
# Start up any processes that Host Checker looks for (link to /bin/cat - cough!)
[email protected]:~$ /usr/local/bin/cylancesvc &
# Start up the Pulse GUI and login as usual.
[email protected]:~$ /usr/local/pulse/pulseUi &
This pattern seems to work reliably for me. Though it's not perfect. If I disconnect uncleanly (say by just killing the GUI and not disconnecting), the isolated VPN client seems to leave something system-wide that prevents subsequent connections.
Perhaps it helps some struggling with this?
Couple of comments that my previous post wasn't a very clear solution, which I concede. Here's a clarification. If you're struggling to get Pulse Secure 9.0R1/2, working on Ubuntu 18.04.2 or 18.10 and it seems to crash while logging in, one of the known problems seems to involve the host checker reading and interpretting the OS process table.
Confirm if the problem is indeed that by looking at the pulsesvc.log file:
[email protected]:~$ grep -i cookie ~/.pulse_secure/pulse/pulsesvc.log 20190225102052.533212 pulsesvc[p7584.t7584] pulseui.error Failed to read return cookie from host checker process (pulseUi.cpp:1003)
If you get this output, it's likely you have this problem. You can temporarily relieve the situation by starting up Pulse in a slightly more contained environment where it can't see other processes. Doing so, of course, frustrates the host checker, so then you might need to fake things slightly. In my case, I need to run the Cylance AV checker:
You can do it like this:
1/ Make a fake process for the Host Checker to find:
[email protected]:~$ sudo ln -s /bin/cat /usr/local/bin/cylancesvc
2/ Modify your .desktop file so it looks like this (replacing USERNAME with your own):
#!/usr/bin/env xdg-open [Desktop Entry] Version=1.0 Type=Application Exec=sudo unshare -f -m -p --mount-proc sudo -u USERNAME sh -c '/usr/local/pulse/pulseUi | /usr/local/bin/cylancesvc' Terminal=true Name=Pulse Secure Comment=Pulse Secure VPN client Icon=/usr/local/pulse/html/images/Pulse-Secure128x128.png
The desktop file Exec directive uses the Linux unshare command to start up a new process in a contained environment. The options provided isolate the process table (what you see with ps) and the mount points. You need to kill the mount points because /proc will show the original situation, which seems to be the cause of the Pulse secure crash on login. The --mount-proc option creates a fresh /proc environment based on the new restricted process environment.
Then you use sudo to run, as yourself, a pipeline containing the Pulse GUI connected to the fake Host Check process. This is just a simple way to start two processes, where one of them is a dummy to be found by the other. (You should obviously continue to run the main app required by Host Checker as normal and stipulated by your IT folks).
For this to work, sudo to execute things without a password challenge, which you may or may not be happy with. Your /etc/sudoers file would look like this:
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
I haven't really diagnosed nor understood quite why Pulse Secure crashes when reading the process table, and I can't spot many differences between, say, a vanilla 18.04 process table and an 18.04.2 setup. As some have suggested the kernel has changed, as has the runtime C library, so it may be a problem there somewhere. But this workaround might give struggling users somewhere to go, and it might also give the Pulse Secure developers a couple of pointers on where the problem lies so that they can correct this in the long-term.