Hi! Am 27.10.18 um 10:20 schrieb intrigeri: > So on the LXC + AppArmor vs. systemd v240+ front, I think the next > steps are: > > 1. Try running current systemd master branch and its autopkgtests > inside a container managed by LXC 2.x on current testing/sid. > Goal: confirm the issues Michael discovered and have a baseline > to evaluate LXC 3.x against. > > 2. Try running current systemd master branch and its autopkgtests > inside a container managed by LXC 3.x on current testing/sid. > Report any issue so they're fixed before 3.x becomes stable > and is hopefully included in Buster.
In case you want to reproduce the failures, these are the rough steps I used on Debian sid 1/ Install lxc # apt install lxc 2/ Setup /etc/default/lxc-net: # cat /etc/default/lxc-net USE_LXC_BRIDGE="true" LXC_BRIDGE="lxcbr0" LXC_ADDR="10.0.3.1" LXC_NETMASK="255.255.255.0" LXC_NETWORK="10.0.3.0/24" LXC_DHCP_RANGE="10.0.3.2,10.0.3.254" LXC_DHCP_MAX="253" # cat /etc/lxc/default.conf lxc.network.type = veth lxc.network.link = lxcbr0 lxc.network.flags = up # systemctl restart lxc-net 3/ Install autopkgtest and create an LXC container for autopkgtest: # apt install autopkgtest # autopkgtest-build-lxc debian sid 4/ Clone the systemd trunk-ci scripts: $ git clone https://salsa.debian.org/systemd-team/trunk-ci.git 5/ Create a dsc $ ./make-dsc <this will create a systemd_$version+upstream$date-0.master.dsc> 6/ Build the package using dpkg-buildpackage, pbuilder, sbuild, your favourite tool. You want to specify the "noudeb" profile, to speed up the build and avoid building udebs. 7/ Run autopkgtest via LXC # autopkgtest -o logs *.dsc *.deb -- lxc -s autopkgtest-sid In case you want to run the LXC container with AA turned off, add the following to /var/lib/lxc/autopkgtest-sid/config lxc.aa_profile = unconfined There are currently two, known failures with AA turned off: - dnsmasq 2.80 introduced a regression in networkd-test.py - test-bpf failing With AA turned on, the list of failing tests is too long to list here. I've made two runs of current systemd git master with AA turned on and off. See https://people.debian.org/~biebl/lxc/log-confined.txt https://people.debian.org/~biebl/lxc/log-unconfined.txt Hope this helpful. Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
