Bug#858149: systemd-nspawn: ephemeral flag ignored with raw images
On 02.05.2017 at 14:29, Antoine Musso wrote:
> On 28/04/17 22:18, Michael Biebl wrote:
>> Well, not release critical, but something we might fix indeed.
>>
>> Antoine, have you tested the commit
>> 0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6 applied on top of v232 to fix
>> the issue you have?
>
> Hello,
>
> No I haven't tested it and I have not tried to cherry pick patches on
> v232. Looks like there are more commits related, the pull request on
> github having all of:
>
> $ git log --oneline 1a1b13c95..c5c755e1b
> c5c755e1b Merge pull request #4693 from poettering/nspawn-ephemeral
> acbbf69b7 nspawn: don't require chown() if userns is not on
> 17cbb288f nspawn: add fallback top normal copy/reflink when we cannot btrfs snapshot
> c67b00827 nspawn: remove temporary root directory on exit
> 6a0f896b9 nspawn: try to wait for the container PID 1 to exit, before we exit
> b6e953f24 nspawn: add ability to run nspawn without container locks applied
> 546dbec53 shared: make sure image_path_lock() return parameters are always initialized on success
> 0f3be6ca4 nspawn: support ephemeral boots from images

I've just cherry-picked 0f3be6ca4 for now. We are in deep freeze for
stretch, so I want to avoid more invasive changes (this needs to be
acked by the release team, still).

There will most likely be a backport of newer versions at some point for
stretch, though. So you can get it from there if you need any of the
changes listed above besides 0f3be6ca4.

Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

Bug#858149: systemd-nspawn: ephemeral flag ignored with raw images
On 28/04/17 22:18, Michael Biebl wrote:
> Well, not release critical, but something we might fix indeed.
>
> Antoine, have you tested the commit
> 0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6 applied on top of v232 to fix
> the issue you have?

Hello,

No I haven't tested it and I have not tried to cherry pick patches on
v232. Looks like there are more commits related, the pull request on
github having all of:

$ git log --oneline 1a1b13c95..c5c755e1b
c5c755e1b Merge pull request #4693 from poettering/nspawn-ephemeral
acbbf69b7 nspawn: don't require chown() if userns is not on
17cbb288f nspawn: add fallback top normal copy/reflink when we cannot btrfs snapshot
c67b00827 nspawn: remove temporary root directory on exit
6a0f896b9 nspawn: try to wait for the container PID 1 to exit, before we exit
b6e953f24 nspawn: add ability to run nspawn without container locks applied
546dbec53 shared: make sure image_path_lock() return parameters are always initialized on success
0f3be6ca4 nspawn: support ephemeral boots from images

-- 
Antoine Musso

Bug#858149: systemd-nspawn: ephemeral flag ignored with raw images
On Sat, 18 Mar 2017 23:16:35 +0100 Antoine Musso wrote:
> Package: systemd-container
> Version: 230-7~bpo8+2
> Severity: important
>
> Dear Maintainer,
>
> Short version
> =============
>
> Assuming one has an image /var/lib/machines/jessie.raw and spawn it
> with: systemd-nspawn --ephemeral -m jessie
> The jessie.raw ends up being modified.
>
> Fix released with systemd 233 that should be backported:
> https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6
>
> Longer version
> ==============
>
> systemd-nspawn has a [-x|--ephemeral] option which is supposed to
> snapshot the image and boot a container out of it. Once the container is
> terminated, the snapshot is dismissed entirely.
>
> The ephemeral option is ignored entirely when using a raw image, for
> example via --machine which can load either a fs tree if the name matches
> a directory or a raw image if the base name matches.
>
> The upstream issue has a detailed reproducible case:
> https://github.com/systemd/systemd/issues/4664
>
> Original thread:
> https://lists.freedesktop.org/archives/systemd-devel/2016-November/037699.html
>
> The fix is commit 0f3be6ca4
> https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6
>
> It seems straightforward to backport to jessie-backports and for
> stretch. Non ephemeral ephemeral containers sounds like a release
> critical bug to me.

Well, not release critical, but something we might fix indeed.

Antoine, have you tested the commit
0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6 applied on top of v232 to fix
the issue you have?

Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

Bug#858149: systemd-nspawn: ephemeral flag ignored with raw images
Package: systemd-container
Version: 230-7~bpo8+2
Severity: important

Dear Maintainer,

Short version
=============

Assuming one has an image /var/lib/machines/jessie.raw and spawn it
with: systemd-nspawn --ephemeral -m jessie
The jessie.raw ends up being modified.

Fix released with systemd 233 that should be backported:
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

Longer version
==============

systemd-nspawn has a [-x|--ephemeral] option which is supposed to
snapshot the image and boot a container out of it. Once the container is
terminated, the snapshot is dismissed entirely.

The ephemeral option is ignored entirely when using a raw image, for
example via --machine which can load either a fs tree if the name matches
a directory or a raw image if the base name matches.

The upstream issue has a detailed reproducible case:
https://github.com/systemd/systemd/issues/4664

Original thread:
https://lists.freedesktop.org/archives/systemd-devel/2016-November/037699.html

The fix is commit 0f3be6ca4
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

It seems straightforward to backport to jessie-backports and for
stretch. Non ephemeral ephemeral containers sounds like a release
critical bug to me.

Note: upstream issue also states that junk files are left behind in host
/tmp; there are a couple more commits to address that:
https://github.com/poettering/systemd/commit/64e604111a8466764f36ae8ac83d5d0c0addc024
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable'), (99, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd-container depends on:
ii  libacl1          2.2.52-2
ii  libblkid1        2.25.2-6
ii  libbz2-1.0       1.0.6-7+b3
ii  libc6            2.19-18+deb8u7
ii  libcurl3-gnutls  7.38.0-4+deb8u5
ii  libgcrypt20      1.6.3-2+deb8u2
ii  liblzma5         5.1.1alpha+20120614-2+b3
ii  libseccomp2      2.1.1-1
ii  libselinux1      2.3-2
ii  systemd          230-7~bpo8+2
ii  zlib1g           1:1.2.8.dfsg-2+b1

Versions of packages systemd-container recommends:
ii  btrfs-tools        3.17-1.1
ii  libnss-mymachines  230-7~bpo8+2

systemd-container suggests no packages.

-- no debconf information
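
A before/after check for the behaviour reported above, as an added example that is not part of the original report or of systemd: it hashes the image, runs the given command, and reports whether the image contents changed. The function names are hypothetical; the image path and nspawn invocation in the usage comment are the ones from the report.

```shell
#!/bin/sh
# Added example (not from the bug report or from systemd).
# Detects whether a container run modified the base image, which is what
# the report observed for "--ephemeral" with a raw image.

# Hypothetical helper: SHA-256 of the image contents.
image_digest() {
    sha256sum < "$1" | cut -d' ' -f1
}

# Hypothetical helper: check_ephemeral IMAGE COMMAND [ARGS...]
# Returns 0 if IMAGE is byte-identical after COMMAND has run,
#         1 if IMAGE was modified,
#         2 if IMAGE cannot be read.
check_ephemeral() {
    image=$1
    shift
    [ -f "$image" ] && [ -r "$image" ] || {
        echo "cannot read image: $image" >&2
        return 2
    }
    before=$(image_digest "$image") || return 2

    # The container's own exit status is not what is being tested here.
    "$@" || true

    after=$(image_digest "$image") || return 2
    if [ "$before" = "$after" ]; then
        echo "OK: $image unchanged"
        return 0
    fi
    echo "MODIFIED: $image changed during the run" >&2
    return 1
}

# Usage with the image and invocation from the report (run as root, with
# no other container using the image at the same time):
#   check_ephemeral /var/lib/machines/jessie.raw \
#       systemd-nspawn --ephemeral -m jessie
```

A return value of 1 after an `--ephemeral` run means the installed systemd-nspawn still writes to the raw image, whatever its version string says.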