Bug#921815: debootstrap umount "host" /proc when running in a Docker container

2020-06-06 Thread Kristian Klausen

control: tags -1 -moreinfo

Hi
Sorry for the late response. I wasn't subscribed to the bug (I assume?).

On 23.02.2020 14.01, Hideki Yamane wrote:

When running debootstrap inside a Docker container, debootstrap umount both 
/proc and $TARGET/proc.

  How do I check it?

  - run docker
  - get debootstrap 1.0.110 and install it
  - debootstrap sid sid
  - /proc is there inside docker as below


Did you use a privileged container? /proc can't be unmounted in a 
regular non-privileged container.


I just tried and "/proc" is unmounted:
$ docker run --privileged --rm -t -i debian:stretch-backports bash
$ apt-get update && apt-get install -y -t stretch-backports debootstrap
$ debootstrap stretch chroot
$ ls /proc # it is empty

I also tried the debootstrap version in sid:
$ docker run --privileged --rm -t -i debian:sid bash
$ apt-get update && apt-get install -y debootstrap
$ debootstrap sid chroot
$ ls /proc # it is empty

Also please see the MRs:
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/26
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/27
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/30

I'm not sure which approach is the best, but Eicke did a short analysis:
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/26#note_171042


root@b49ab8b7f3eb:~# ls /proc/
1  crypto   iomemkpageflagspartitions   sysrq-trigger
19486  devices  ioports  loadavg   pressure sysvipc
acpi   diskstatsirq  locks sched_debug  thread-self
asound dma  kallsyms meminfo   schedstattimer_list
buddyinfo  driver   kcoremisc  self tty
busexecdomains  key-usersmodules   slabinfo uptime
cgroupsfb   keys mountssoftirqs version
cmdlinefilesystems  kmsg mtrr  stat vmallocinfo
consoles   fs   kpagecgroup  net   swapsvmstat
cpuinfointerrupts   kpagecount   pagetypeinfo  sys  zoneinfo


---

- Kristian Klausen



Bug#921815: debootstrap umount "host" /proc when running in a Docker container

2020-02-23 Thread Hideki Yamane
control: tags -1 +moreinfo

Hi,

On Sat, 09 Feb 2019 05:01:32 +0100 "Kristian Klausen"  
wrote:
> Package: debootstrap
> Version: 1.0.110~bpo9+1

> When running debootstrap inside a Docker container, debootstrap umount both 
> /proc and $TARGET/proc.

 How do I check it?

 - run docker
 - get debootstrap 1.0.110 and install it
 - debootstrap sid sid
 - /proc is there inside docker as below

> root@b49ab8b7f3eb:~# ls /proc/
> 1  crypto   iomemkpageflagspartitions   sysrq-trigger
> 19486  devices  ioports  loadavg   pressure sysvipc
> acpi   diskstatsirq  locks sched_debug  thread-self
> asound dma  kallsyms meminfo   schedstattimer_list
> buddyinfo  driver   kcoremisc  self tty
> busexecdomains  key-usersmodules   slabinfo uptime
> cgroupsfb   keys mountssoftirqs version
> cmdlinefilesystems  kmsg mtrr  stat vmallocinfo
> consoles   fs   kpagecgroup  net   swapsvmstat
> cpuinfointerrupts   kpagecount   pagetypeinfo  sys  zoneinfo



-- 
Regards,

 Hideki Yamane henrich @ debian.org/iijmio-mail.jp



Bug#921815: debootstrap umount "host" /proc when running in a Docker container

2019-02-09 Thread Kristian Klausen

I have opened a MR: 
https://salsa.debian.org/installer-team/debootstrap/merge_requests/26


Bug#921815: debootstrap umount "host" /proc when running in a Docker container

2019-02-08 Thread Kristian Klausen

Package: debootstrap
Version: 1.0.110~bpo9+1

Hi

When running debootstrap inside a Docker container, debootstrap umount both 
/proc and $TARGET/proc.
This is due to a missing check at:
https://salsa.debian.org/installer-team/debootstrap/blob/67a3c1c5f7ef44a6596f75b787289b3392c50759/scripts/debian-common#L104
Due to the missing check debootstrap umount "$TARGET/proc", which is a symlink 
to /proc [1].

I will open a MR shortly.

[1] 
https://salsa.debian.org/installer-team/debootstrap/blob/67a3c1c5f7ef44a6596f75b787289b3392c50759/scripts/debian-common#L68

- Kristian Klausen