[Group.of.nepali.translators] [Bug 1881588] Re: pre-seeding lxd on Core appliances breaks console-conf user creation
cat /var/lib/snapd/state.json | jq .data.auth.users ^ this would be interesting to see as my understanding is that this being "null" means managed is false whereas if it shows something, then managed is true ** Changed in: snapd Status: New => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1881588 Title: pre-seeding lxd on Core appliances breaks console-conf user creation Status in snapd: Invalid Status in subiquity: In Progress Status in subiquity package in Ubuntu: Invalid Status in subiquity source package in Xenial: Confirmed Status in subiquity source package in Bionic: Confirmed Bug description: when seeding appliance images with lxd, user creation gets impossible. console-conf skips the user creation, system-user assertions do not work either because there is already a user exisiting in the image. the tty screen shows instructions to log in with "lxd@" ... since the lxd user is a special case hack in Ubuntu Core images, "snap create-user ..." should probably learn to ignore its existence ... To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1881588/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1881588] Re: pre-seeding lxd on Core appliances breaks console-conf user creation
Let's re-open the snapd side of this then. ** Changed in: snapd Status: Invalid => New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1881588 Title: pre-seeding lxd on Core appliances breaks console-conf user creation Status in snapd: New Status in subiquity: In Progress Status in subiquity package in Ubuntu: Invalid Status in subiquity source package in Xenial: Confirmed Status in subiquity source package in Bionic: Confirmed Bug description: when seeding appliance images with lxd, user creation gets impossible. console-conf skips the user creation, system-user assertions do not work either because there is already a user exisiting in the image. the tty screen shows instructions to log in with "lxd@" ... since the lxd user is a special case hack in Ubuntu Core images, "snap create-user ..." should probably learn to ignore its existence ... To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1881588/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1734410] Re: systemd: handle undelegated cgroup2 hierarchy
There is no /sys/fs/cgroup/unified on xenial, closing. ** Changed in: systemd (Ubuntu Xenial) Status: Incomplete => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1734410 Title: systemd: handle undelegated cgroup2 hierarchy Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: Invalid Status in systemd source package in Zesty: Won't Fix Status in systemd source package in Artful: Fix Released Status in systemd source package in Bionic: Fix Released Bug description: [Impact] * When a container is presented with a unified cgroup hierarchy, which is not properly delegated, systemd should not attempt (and fail) to use. This improves compatibility of xenial containers running on unified cgroup hierarchy hosts. [Test Case] * Xenial containers should boot, with non-writable unified cgroup hierarchy hosts. [Regression Potential] * unified cgroup hierarchy is not in use by default on xenial hosts, thus this is forward compatibility improvment with e.g. bionic hosts running xenial containers. [Other Info] * Original bug report Hey everyone, Current systemd versions all fail when the unified cgroup hierarchy is not-writable. This is especially problematic in containers where the systemd administrator might decide to not delegate the unified hierarchy or when running with a liblxc driver that doesn't yet know how to handle the unified cgroup hierarchy. I've pushed patches to systemd upstream that let systemd ingnore the non-delegated unified hierarchy. The relevant commits are: e07aefbd675b651f8d45b5fb458f2747b04d6e04 2d56b80a1855836abf1d7458394c345ad9d55382 1ff654e28b7b8e7d0a0be33522a84069ac6b07c0 These patches will be in 236 but should be backported from xenial upwards. Christian To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1734410/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1645037] Re: apparmor_parser hangs indefinitely when called by multiple threads
** No longer affects: apparmor (Ubuntu) ** No longer affects: linux (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1645037 Title: apparmor_parser hangs indefinitely when called by multiple threads Status in linux package in Ubuntu: Fix Released Status in linux source package in Yakkety: Won't Fix Status in linux source package in Zesty: Fix Released Bug description: This bug surfaced when starting ~50 LXC container with LXD in parallel multiple times: # Create the containers for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done # Exectute this loop multiple times until you observe errors. for c in c foo{1..50}; do lxc restart $c & done After this you can ps aux | grep apparmor and you should see output similar to: root 19774 0.0 0.0 12524 1116 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19775 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19776 0.0 0.0 13592 3224 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19778 0.0 0.0 13592 3384 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19780 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19782 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19783 0.0 0.0 13592 3388 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19784 0.0 0.0 13592 3252 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19794 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 root 19795 0.0 0.0 13592 3256 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 apparmor_parser remains stuck even after all LXC/LXD commands have exited. dmesg output yields lines like: [41902.815174] audit: type=1400 audit(1480191089.678:43): apparmor="STATUS" operation="profile_load" profile="unconfined" name ="lxd-foo30_" pid=12545 comm="apparmor_parser" and cat /proc/12545/stack shows: [] aa_remove_profiles+0x88/0x270 21:19 brauner [] profile_remove+0x144/0x2e0 21:19 brauner [] __vfs_write+0x18/0x40 21:19 brauner [] vfs_write+0xb8/0x1b0 21:19 brauner [] SyS_write+0x55/0xc0 21:19 brauner [] entry_SYSCALL_64_fastpath+0x1e/0xa8 21:19 brauner [] 0x This looks like a potential kernel bug. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1645037/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1607796] Re: snap-confine regression when running commands as root
** Changed in: snap-confine (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1607796 Title: snap-confine regression when running commands as root Status in snap-confine: Fix Released Status in snap-confine package in Ubuntu: Fix Released Status in snap-confine source package in Xenial: Fix Released Bug description: [Impact] Snaps (even in running in devmode) cannot put any files in the /root directory. This bug is fixed by adding /root to a list of directories that are bind mounted and thus visible to snaps in their execution environment. For more information about the execution environment, please see this article http://www.zygoon.pl/2016/08/snap-execution-environment.html [Test Case] The test case can be found here: https://github.com/snapcore/snap-confine/blob/master/spread- tests/regression/lp-1607796/task.yaml The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually. The commands there assume that snapd and snap-confine are installed. No other additional setup is necessary. [Regression Potential] * Regression potential is minimal as the fix simply adds another directory to a list of directories that needs to be bind mounted. * The fix was tested on Ubuntu via spread and on several other distributions successfully. [Other Info] * This bug is a part of a major SRU that brings snap-confine in Ubuntu 16.04 in line with the current upstream release 1.0.41. * This bug was included in an earlier SRU and is now fixed in Ubuntu. I am updating the template here to ensure that the process is fully documented from 1.0.38 all the way up to the current upstream release 1.0.41. * snap-confine is technically an integral part of snapd which has an SRU exception and is allowed to introduce new features and take advantage of accelerated procedure. For more information see https://wiki.ubuntu.com/SnapdUpdates == # Pre-SRU bug description follows # == root@edfu:~# lxd.lxc list +--+-+--+--++---+ | NAME | STATE | IPV4 | IPV6 |TYPE| SNAPSHOTS | +--+-+--+--++---+ | blah | STOPPED | | | PERSISTENT | 0 | +--+-+--+--++---+ root@edfu:~# dpkg -l | grep core-launcher ii ubuntu-core-launcher 1.0.27.1amd64 Launcher for ubuntu-core (snappy) apps root@edfu:~# sudo apt install ubuntu-core-launcher Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: snap-confine The following NEW packages will be installed: snap-confine The following packages will be upgraded: ubuntu-core-launcher 1 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 23.1 kB of archives. After this operation, 51.2 kB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://us.archive.ubuntu.com//ubuntu xenial-proposed/main amd64 ubuntu-core-launcher amd64 1.0.38-0ubuntu0.16.04.3 [2,696 B] Get:2 http://us.archive.ubuntu.com//ubuntu xenial-proposed/main amd64 snap-confine amd64 1.0.38-0ubuntu0.16.04.3 [20.4 kB] Fetched 23.1 kB in 0s (0 B/s) (Reading database ... 101267 files and directories currently installed.) Preparing to unpack .../ubuntu-core-launcher_1.0.38-0ubuntu0.16.04.3_amd64.deb ... Unpacking ubuntu-core-launcher (1.0.38-0ubuntu0.16.04.3) over (1.0.27.1) ... Selecting previously unselected package snap-confine. Preparing to unpack .../snap-confine_1.0.38-0ubuntu0.16.04.3_amd64.deb ... Unpacking snap-confine (1.0.38-0ubuntu0.16.04.3) ... Processing triggers for man-db (2.7.5-1) ... Setting up snap-confine (1.0.38-0ubuntu0.16.04.3) ... Setting up ubuntu-core-launcher (1.0.38-0ubuntu0.16.04.3) ... Removing obsolete conffile /etc/apparmor.d/usr.bin.ubuntu-core-launcher ... root@edfu:~# lxd.lxc list error: mkdir /root/snap: read-only file system So looks like /root/snap isn't bind-mounted anymore. I also had to set HOME for my daemon to point to /tmp as apparently that's not set anymore either, causing HOME in my daemon to resolve to / which obviously is read-only. To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1607796/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.t
[Group.of.nepali.translators] [Bug 1618683] Re: pivot_root or mounts setup breaks unshare of userns
** Changed in: snap-confine (Ubuntu Xenial) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1618683 Title: pivot_root or mounts setup breaks unshare of userns Status in snap-confine: Fix Released Status in snap-confine package in Ubuntu: Fix Released Status in snap-confine source package in Xenial: Fix Released Bug description: [Impact] Snap-Confine uses pivot_root internally. The particular way in which this is done is somewhat tricky and in effect we used to "leak" the old root filesystem. This caused the kernel to assume our process is unsafe and cannot use user namespaces. The fix includes using unmount2(2) with MNT_DETACH to detach/unmount the old root filesystem. For more information about the execution environment, please see this article http://www.zygoon.pl/2016/08/snap-execution-environment.html [Test Case] The test case can be found here: https://github.com/snapcore/snap-confine/blob/master/spread- tests/regression/lp-1618683/task.yaml The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually. The commands there assume that snapd and snap-confine are installed. No other additional setup is necessary. [Regression Potential] * Regression potential is minimal. Experienced member of the LXD development team (Stephane Graber) has reported this issue and recommended the fix that we've applied. The same approach is used by LXD. * The fix was tested on Ubuntu with spread, successfully. [Other Info] * This bug is a part of a major SRU that brings snap-confine in Ubuntu 16.04 in line with the current upstream release 1.0.41. * snap-confine is technically an integral part of snapd which has an SRU exception and is allowed to introduce new features and take advantage of accelerated procedure. For more information see https://wiki.ubuntu.com/SnapdUpdates == # Pre-SRU bug description follows # == Starting around the time ubuntu-core-launcher was transitioned to snap-confine, unsharing a user namespace became impossible. This is obviously a pretty big deal for LXD. I've confirmed that this isn't apparmor, seccomp or capabilities getting in the way and I think I tracked it down to a poor implementation of the chroot/pivot_root feature in snap-confine. There is no code in snap-confine to umount the paths outside of the pivot target. This means the snap mount table then contains a whole lot of unreachable mounts which will be stuck there forever. This causes us to trip the chroot detection code in the kernel as there are more than one root mount point and a ton of completely unreachable mount entries which makes the kernel think we're in an unsafe environment for a user namespace to be created. Strace of the current launcher to a basic binary (lxd --help): http://paste.ubuntu.com/23114432/ The mount table for a running LXD process is now: http://paste.ubuntu.com/23114471/ This is also very wasteful, especially considering that snap-confine creates a new namespace for every single command but more importantly, it's going to create a bunch of weird issues on systems using snapd, including potential data loss. That's because not unmounting unused mount entries (anything outside of your pivot dir), keeps an active reference to them in the kernel. This effectively means that none of those mounts can really be unmounted on the host. The host mount entry will disappear on umount, but attempting to mount again will fail with "already mounted". It also means that any non-persistent device (USB stick) will never get properly unmounted which may cause data loss. To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1618683/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1648143] Re: tor in lxd: apparmor="DENIED" operation="change_onexec" namespace="root//CONTAINERNAME_" profile="unconfined" name="system_tor"
** Changed in: apparmor (Ubuntu) Status: Confirmed => Invalid ** No longer affects: apparmor (Ubuntu Xenial) ** No longer affects: apparmor (Ubuntu Yakkety) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1648143 Title: tor in lxd: apparmor="DENIED" operation="change_onexec" namespace="root//CONTAINERNAME_" profile="unconfined" name="system_tor" Status in apparmor package in Ubuntu: Invalid Status in linux package in Ubuntu: Fix Released Status in tor package in Ubuntu: Invalid Status in linux source package in Xenial: Fix Released Status in tor source package in Xenial: Invalid Status in linux source package in Yakkety: Fix Released Status in tor source package in Yakkety: Invalid Bug description: Environment: Distribution: ubuntu Distribution version: 16.10 lxc info: apiextensions: storage_zfs_remove_snapshots container_host_shutdown_timeout container_syscall_filtering auth_pki container_last_used_at etag patch usb_devices https_allowed_credentials image_compression_algorithm directory_manipulation container_cpu_time storage_zfs_use_refquota storage_lvm_mount_options network profile_usedby container_push apistatus: stable apiversion: "1.0" auth: trusted environment: addresses: 163.172.48.149:8443 172.20.10.1:8443 172.20.11.1:8443 172.20.12.1:8443 172.20.22.1:8443 172.20.21.1:8443 10.8.0.1:8443 architectures: x86_64 i686 certificate: | -BEGIN CERTIFICATE- -END CERTIFICATE- certificatefingerprint: 3048baa9f20d316f60a6c602452b58409a6d9e2c3218897e8de7c7c72af0179b driver: lxc driverversion: 2.0.5 kernel: Linux kernelarchitecture: x86_64 kernelversion: 4.8.0-27-generic server: lxd serverpid: 32694 serverversion: 2.4.1 storage: btrfs storageversion: 4.7.3 config: core.https_address: '[::]:8443' core.trust_password: true Container: ubuntu 16.10 Issue description -- tor can't start in a non privileged container Logs from the container: - Dec 7 15:03:00 anonymous tor[302]: Configuration was valid Dec 7 15:03:00 anonymous systemd[303]: tor@default.service: Failed at step APPARMOR spawning /usr/bin/tor: No such file or directory Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Main process exited, code=exited, status=231/APPARMOR Dec 7 15:03:00 anonymous systemd[1]: Failed to start Anonymizing overlay network for TCP. Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Unit entered failed state. Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Failed with result 'exit-code'. Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Service hold-off time over, scheduling restart. Dec 7 15:03:00 anonymous systemd[1]: Stopped Anonymizing overlay network for TCP. Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Failed to reset devices.list: Operation not permitted Dec 7 15:03:00 anonymous systemd[1]: Failed to set devices.allow on /system.slice/system-tor.slice/tor@default.service: Operation not permitted Dec 7 15:03:00 anonymous systemd[1]: message repeated 6 times: [ Failed to set devices.allow on /system.slice/system-tor.slice/tor@default.service: Operation not permitted] Dec 7 15:03:00 anonymous systemd[1]: Couldn't stat device /run/systemd/inaccessible/chr Dec 7 15:03:00 anonymous systemd[1]: Couldn't stat device /run/systemd/inaccessible/blk Dec 7 15:03:00 anonymous systemd[1]: Failed to set devices.allow on /system.slice/system-tor.slice/tor@default.service: Operation not permitted Logs from the host audit: type=1400 audit(1481119378.856:6950): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 namespace="root//lxd-anonymous_" profile="unconfined" name="system_tor" pid=12164 comm="(tor)" Steps to reproduce - install ubuntu container 16.10 on a ubuntu 16.10 host install tor in the container Launch tor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1648143/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1709536] Re: snapd 2.26.14 on ubuntu-core won't start in containers anymore
** Changed in: layer-snap Status: New => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1709536 Title: snapd 2.26.14 on ubuntu-core won't start in containers anymore Status in Snap Layer: Invalid Status in snapd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: Fix Released Status in systemd source package in Artful: Fix Released Bug description: [Impact] Systemd treats a failure to apply the requested Nice value as critical to unit startup. Unprivileged LXD containers do not allow the use of negative nice values. snapd will fail to start inside containers now that snapd uses a negative Nice value. Aug 09 05:54:37 core systemd[1]: snapd.service: Main process exited, code=exited, status=201/NICE Aug 09 05:54:37 core systemd[1]: snapd.service: Unit entered failed state. Aug 09 05:54:37 core systemd[1]: snapd.service: Failed with result 'exit-code'. The fix is for systemd to ignore permission errors when attempting to setup such custom nice values in containers. I have confirmed that setting up a unit override by hand which sets Nice = 0 does resolve the problem. [Test Case] Boot a Xenial image in lxd: $ lxc launch xenial x1 $ lxc exec x1 -- systemctl --state=failed Observe failures for snapd : ● snapd.service loaded failed failed Snappy daemon ● snapd.socket loaded failed failed Socket activation for snapp Install updated systemd from -proposed and get status: (lxc exec reboot; lxc exec systemctl status) State: running Jobs: 0 queued Failed: 0 units [Regression Potential] Services will now run with a Nice value other than what was specified in the unit if it cannot be changed for some reason. To manage notifications about this bug go to: https://bugs.launchpad.net/layer-snap/+bug/1709536/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1527374] Re: CVE-2015-8709
** No longer affects: lxc (Ubuntu) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1527374 Title: CVE-2015-8709 Status in linux package in Ubuntu: Fix Released Status in linux-armadaxp package in Ubuntu: Confirmed Status in linux-flo package in Ubuntu: Confirmed Status in linux-goldfish package in Ubuntu: Confirmed Status in linux-lts-quantal package in Ubuntu: Won't Fix Status in linux-lts-raring package in Ubuntu: Won't Fix Status in linux-lts-saucy package in Ubuntu: Won't Fix Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux-lts-wily package in Ubuntu: Fix Released Status in linux-lts-xenial package in Ubuntu: New Status in linux-mako package in Ubuntu: Confirmed Status in linux-manta package in Ubuntu: Confirmed Status in linux-raspi2 package in Ubuntu: Fix Released Status in linux-snapdragon package in Ubuntu: New Status in linux-ti-omap4 package in Ubuntu: Confirmed Status in linux source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: ** DISPUTED ** kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here." Break-Fix: - local-2015-8709 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1527374/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1510108] Re: pre-installed lxc in cloud-image means loss of access to 10.0.X.0/24
** No longer affects: lxc (Ubuntu Wily) ** No longer affects: lxc (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1510108 Title: pre-installed lxc in cloud-image means loss of access to 10.0.X.0/24 Status in lxc package in Ubuntu: Triaged Bug description: Bug 1509414 describes fallout of inclusion of lxc in cloud images. The initial inclusion caused 2 issues: a.) containers created by 'lxc -t ubuntu-cloud' and 'lxd import-images ubuntu wily' had completely broken networking b.) all cloud images would have lost access to 10.0.3.0/24 networks. The fix that went in fixes 'a' above. By default, containers created for lxd and lxc will now work as expected. This bug is opened to address the much less severe 'b'. Now, on first boot lxc-net selects a network in the 10.0.X.0/24 to give to the lxcbr0 bridge. It selects the network by simply looking for the first available N where there . That code can be seen prior to fix in debian/lxc.preinst [1] and after fix in config/init/common /lxc-net.in [2]. Generally speaking it looks for local ip addresses on the targeted network. That code is fairly simplistic. There are definitely cases where it can pick a network that would be used by this system. The result is that traffic destined for that network will be sent to the lxcbr0 rather than out of the system to wherever it should go. The suggested fix would be to make that code run on 'lxc' or 'lxd' usage rather than on instance boot. By doing so, we reduce the set of users possibly affected from all cloud-image users to all users of lxc or lxd. Note, all users of lxd and lxc have been affected by this bug since at least 14.04. -- [1] https://github.com/lxc/lxc-pkg-ubuntu/blob/dpm-wily/debian/lxc.preinst#L55 [2] https://github.com/lxc/lxc-pkg-ubuntu/blob/dpm-wily/config/init/common/lxc-net.in Related bugs: * bug 1509414: pre-installed lxc in cloud image produces broken lxc (and later lxd) containers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1510108/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1816642] Re: SRU of LXC 2.0.11
Adding go-lxc to this as the fixes in 2.0.11 ended up showing bugs in go-lxc's test logic, so we'll have to cherry-pick a couple of fixes from upstream to have it be happy and give us a meaningful test result. ** Also affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu) Importance: Undecided Status: New ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu) Status: New => Fix Released ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Trusty) Status: New => Triaged ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Status: New => In Progress ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1816642 Title: SRU of LXC 2.0.11 Status in golang-gopkg-lxc-go-lxc.v2 package in Ubuntu: Fix Released Status in lxc package in Ubuntu: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Trusty: Triaged Status in lxc source package in Trusty: Triaged Status in golang-gopkg-lxc-go-lxc.v2 source package in Xenial: In Progress Status in lxc source package in Xenial: Fix Committed Bug description: LXC upstream has released a new bugfix release for the LXC 2.0 LTS branch. This is version 2.0.10. Ubuntu never received 2.0.9 as an SRU, so the changelog for both of them can be found below: LXC 2.0.11: - autotools: handle getgrgid_r on bionic - autotools: add memory_utils.h to Makefile.am - change version to 2.0.11 in configure.ac LXC 2.0.10: - tools: allow lxc-attach to undefined containers - utils: move memfd_create() definition - utils: add lxc_cloexec() - utils: add lxc_make_tmpfile() - utils: add lxc_getpagesize() - utils: add lxc_safe_long_long() - utils: parse_byte_size_string() - utils: add lxc_find_next_power2() - namespace: use lxc_getpagesize() - lxc-debian: allow creating `testing` and `unstable` - Call lxc_config_define_load from lxc_execute again - Fix typo in lxc-net script - Add missing lxc_container_put - lxc-debian: don't write C.* locales to /etc/locale.gen - attach: correctly handle namespace inheritance - cgfsng: fix cgroup2 detection - cgroups: enable container without CAP_SYS_ADMIN - lxc-start: remove unnecessary checks - start: close non-needed file descriptors - handler: make name argument const - start: close data socket in parent - monitor: do not log useless warnings - network: reap child in all cases - conf: reap child in all cases - storage: switch to ext4 as default filesystem - tools: fix help output of lxc-create - attach: handle namespace inheritance - cgroups/cgfsng: keep mountpoint intact - cgroups/cgfsng: cgfsns_chown() -> cgfsng_chown() - cgroups/cgfsng: support MS_READONLY with cgroup ns - log: check for i/o error with vsnprintf() - cgroupfs/cgfsng: tweak logging - cgroups/cgfsng: remove is_lxcfs() - cgroups/cgfsng: fix get_controllers() for cgroup2 - cgroupfs/cgfsng: improve cgroup2 handling - config: remove SIGRTMIN+14 as lxc.signal.stop - commands: non-functional changes - console: non-functional changes - console: non-functional changes - lxc-test-unpriv: fix the overlayfs mount error - attach: allow attach with empty conf - tools/lxc_attach: removed api logging - console: fix console info message - Add missing dependency libunistring - cgroups/cgfsng: adapt to new cgroup2 delegation - console: report detach message on demand - lxccontainer: enable daemonized app containers - console: use correct escape sequence check - console: prepare for generic signal handler - console: exit mainloop on SIGTERM - commands: non-functional changes - lxccontainer: non-functional changes - commands: fix state socket implementation - lxc_init: set the control terminal in the child session - lxc-test-unpriv: check user existence before removing it - Fixed typo on lxc.spec.in - conf: move CAP_SYS_* definitions to utils.h - start.c: always switch uid and gid - Use AX_PTHREAD config script to detect pthread api - utils.h: Avoid duplicated sethostname implementation - tools/lxc_cgroup: remove internal logging - tools/lxc_autostart: remove internal logging - tools/lxc_clone: remove internal logging - tools/lxc_console: remove internal logging - tools/lxc_create: remove internal logging - tools/lxc_destroy: remove internal logging - tools/lxc_device: remove internal logging - tools/lxc_execute: removed internal logging - tools/lxc_freeze: remove internal logging - tools/lxc_info: removed internal lo
[Group.of.nepali.translators] [Bug 1816642] [NEW] SRU of LXC 2.0.10
Public bug reported: LXC upstream has released a new bugfix release for the LXC 2.0 LTS branch. This is version 2.0.10. Ubuntu never received 2.0.9 as an SRU, so the changelog for both of them can be found below: LXC 2.0.10: - tools: allow lxc-attach to undefined containers - utils: move memfd_create() definition - utils: add lxc_cloexec() - utils: add lxc_make_tmpfile() - utils: add lxc_getpagesize() - utils: add lxc_safe_long_long() - utils: parse_byte_size_string() - utils: add lxc_find_next_power2() - namespace: use lxc_getpagesize() - lxc-debian: allow creating `testing` and `unstable` - Call lxc_config_define_load from lxc_execute again - Fix typo in lxc-net script - Add missing lxc_container_put - lxc-debian: don't write C.* locales to /etc/locale.gen - attach: correctly handle namespace inheritance - cgfsng: fix cgroup2 detection - cgroups: enable container without CAP_SYS_ADMIN - lxc-start: remove unnecessary checks - start: close non-needed file descriptors - handler: make name argument const - start: close data socket in parent - monitor: do not log useless warnings - network: reap child in all cases - conf: reap child in all cases - storage: switch to ext4 as default filesystem - tools: fix help output of lxc-create - attach: handle namespace inheritance - cgroups/cgfsng: keep mountpoint intact - cgroups/cgfsng: cgfsns_chown() -> cgfsng_chown() - cgroups/cgfsng: support MS_READONLY with cgroup ns - log: check for i/o error with vsnprintf() - cgroupfs/cgfsng: tweak logging - cgroups/cgfsng: remove is_lxcfs() - cgroups/cgfsng: fix get_controllers() for cgroup2 - cgroupfs/cgfsng: improve cgroup2 handling - config: remove SIGRTMIN+14 as lxc.signal.stop - commands: non-functional changes - console: non-functional changes - console: non-functional changes - lxc-test-unpriv: fix the overlayfs mount error - attach: allow attach with empty conf - tools/lxc_attach: removed api logging - console: fix console info message - Add missing dependency libunistring - cgroups/cgfsng: adapt to new cgroup2 delegation - console: report detach message on demand - lxccontainer: enable daemonized app containers - console: use correct escape sequence check - console: prepare for generic signal handler - console: exit mainloop on SIGTERM - commands: non-functional changes - lxccontainer: non-functional changes - commands: fix state socket implementation - lxc_init: set the control terminal in the child session - lxc-test-unpriv: check user existence before removing it - Fixed typo on lxc.spec.in - conf: move CAP_SYS_* definitions to utils.h - start.c: always switch uid and gid - Use AX_PTHREAD config script to detect pthread api - utils.h: Avoid duplicated sethostname implementation - tools/lxc_cgroup: remove internal logging - tools/lxc_autostart: remove internal logging - tools/lxc_clone: remove internal logging - tools/lxc_console: remove internal logging - tools/lxc_create: remove internal logging - tools/lxc_destroy: remove internal logging - tools/lxc_device: remove internal logging - tools/lxc_execute: removed internal logging - tools/lxc_freeze: remove internal logging - tools/lxc_info: removed internal logging - criu: detect veth name - lxccontainer: various container creation fixes - storage: remove unused declaration - tools/lxc_ls: remove internal logging - tools/lxc_copy: remove internal logging - tools/lxc_monitor: removed internal logging - tools/lxc_snapshot: removed internal logging - tools/lxc_start: removed internal logging - tools/lxc_stop: removed internal logging - tools/lxc_top: removed internal logging - tools/lxc_unfreeze: removed internal logging - tools/lxc_unshare: removed internal logging - tools/lxc_usernsexec: removed internal logging - tools/lxc_wait: removed internal logging - confile: fix memory leak - utils: declare sethostname() static inline - lxc_unshare: Add uid_mapping when creating userns - Update gentoo.moresecure.conf. - Add new dependency to Slackware template - Add bash completion to list backing store types for lxc-create -B - Backing Store types are hard-coded (Not sure how to get programmatically) - Closes #1236 - Fix SETCOLOR_FAILURE evaluation - Insert missing "echo" after "is_enabled" - conf: prevent null pointer dereference - criu: initialize status - confile: remove dead assignment - criu: silence static analysis - attach: do not fail on non-existing namespaces - test: reenable Coverity integration - lxc_execute: properly figure out number of needed arguments - arguments: move to tools/ subdirectory - start: set loglevel correctly - commands: don't traverse whole list - commands: don't lock atomic operations - commands: don't lock the whole command - start: don't lock setting the state - commands: allow waiting for all states - test: add state server tests - commands: tweak locking - lxccontainer: restore non-blocking shutdown - commands: tell mainloop to r
[Group.of.nepali.translators] [Bug 1804753] Re: SRU of LXCFS 3.0.3 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1804753 Title: SRU of LXCFS 3.0.3 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Xenial: Fix Released Status in lxcfs source package in Bionic: Fix Released Status in lxcfs source package in Cosmic: Fix Released Status in lxcfs source package in Disco: Fix Released Bug description: LXCFS upstream released LXCFS 3.0.3 as a bugfix release with following changelog: - bindings: prevent double free - tests: include missing sys/sysmacros.h header Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1804753/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1804755] Re: SRU of LXC 3.0.3 (upstream bugfix release)
** Changed in: lxc (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1804755 Title: SRU of LXC 3.0.3 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Xenial: Fix Released Status in lxc source package in Bionic: Fix Released Status in lxc source package in Cosmic: Fix Released Status in lxc source package in Disco: Fix Released Bug description: LXC upstream released LXC 3.0.3 as a bugfix release with following changelog: - CONTRIBUTING: Update reference to kernel coding style - CONTRIBUTING: Link to latest online kernel docs - CONTRIBUTING: Direct readers to CODING_STYLE.md - CODING_STYLE: Mention kernel style in introduction - CONTRIBUTING: Add 'be' to fix grammar - CODING_STLYE: Simplify explanation for use of 'extern' - CODING_STLYE: Remove sections implied by 'kernel style' - CODING_STYLE: Fix non-uniform heading level - CODING_STYLE: Update section header format - cmd: Use parenthesis around complex macro - cmd: Use 'void' instead of empty parameter list - cmd: Do not use braces for single statement block - cmd: Fix whitespace issues - cmd: Use 'const' for static string constant. - cmd: Remove unnecessary whitespace in string - cmd: Put trailing */ on a separate line - cmd: Remove typo'd semicolon - cmd: Do not use comparison to NULL - lxc_init: s/SYSDEBUG()/SYSERROR()/g in remove_self - tools: lxc-attach: add default log priority & cleanups - tools: lxc-cgroup: add default log priority & cleanups - tools: lxc-checkpoint: add default log priority & cleanups - tools: lxc-console: add default log priority & cleanups - tools: lxc-create: add default log priority & cleanups - tools: lxc-destroy: add default log priority & cleanups - tools: lxc-device: add default log priority & cleanups - tools: lxc-execute: add default log priority & cleanups - tools: lxc-start: add default log priority & cleanups - tools: lxc-stop: add default log priority & cleanups - tools: lxc-freeze: add default log priority & cleanups - tools: lxc-unfreeze: add default log priority & cleanups - storage_utils: move duplicated function from tools - tools: fix lxc-execute command parsing - lseek - integer overflow - cmd: lxc-user-nic: change log macro & cleanups - cmd: lxc-usernsexec reorder includes - cmd: move declarations to macro.h - cmd: use utils.{c,h} helpers in lxc-usernsexec - cmd: simplify lxc-usernsexec - cmd: use safe number parsers in lxc-usernsexec - macro: add missing headers - macro: add macvlan properties - tools: Indicate container startup failure - storage: exit() => _exit(). when exec is failed, child process needs to use _exit() - tools: lxc-wait: add default log priority & cleanups - conf: fix path/lxcpath mixups in tty setup - cmd: use goto for cleanup in lxc-usernsexec - cmd: Do not reassign variable before it is used - cmd: Reduce scope of 'count' variable - cmd: Fix format issues found by clang-format - list: fix indent - utils: split into {file,string}_utils.{c,h} - pam_cgfs: build from the same sources as liblxc - conf: fix devpts mounting when fully unprivileged - macro: s/rexit()/_exit()/g - attach: move struct declaration to top - macro: move macros from attach.c - Makefile: don't allow undefined symbols - autotools: check if compiler is new enough - log: handle strerror_r() versions - autotools: add --{disable,enable}-thread-safety - log: fail build on ENFORCE_THREAD_SAFETY error - {file,string}_utils: remove NO_LOG - initutils: remove useless comment - string_utils: remove unnecessary include - string_utils: remove unused headers - string_utils: add remove_trailing_slashes() - Makefile: remove last pam_cgfs special-casing - conf: add missing headers - Fix typo - ifaddrs: add safe implementation of getifaddrs() - Makefile: conditionalize ifaddrs.h inclusion - execute: skip lxc-init logging when unprivileged - execute: pass /proc/self/fd/ - tests: cleanup get_item.c - build: fix musl - configure: reorder header checks - compiler: add compiler.h header - commands: return -1 on lxc_cmd_get_init_pid() err - tests: add basic.c - tests: cleanup Makefile - commands: ensure -1 is sent on EPIPE for init pid - macro: add LXC_AUDS_ADDR_LEN - macro: move LXC_CMD_DATA_MAX from commands.h - macro: add PTR_TO_INT() and INT_TO_PTR() - macro: add INTTYPE_TO_STRLEN() - caps: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - cgfsng: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - confile: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - log: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - lsm: s/LXC_NUMSTR
[Group.of.nepali.translators] [Bug 1804876] Re: SRU of LXD 3.0.3
** Changed in: lxd (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1804876 Title: SRU of LXD 3.0.3 Status in lxd package in Ubuntu: Invalid Status in lxd source package in Xenial: Fix Released Status in lxd source package in Bionic: Fix Released Bug description: LXD upstream released LXD 3.0.3 as a bugfix release with following changelog: - doc: add note about ignoring mount options - shared/idmap: test fcaps support - Add a few missing rows.Close() calls - lxd/patches: Profiles are in the cluster db - lxd/storage/ceph: Only freeze container if running - lxc: Only target if --target is passed - shared: Return decompressor in DetectCompression - lxd/containers: Don't return nil on Storage calls - tests: Fix mode of proxy.sh - shared/api: Don't re-define fields - lxd/storage/btrfs: Fix clearing quotas - lxd/containers: Also use apply_quota for CEPH - lxd/containers: Simplify and fix pool update logic - Add NodeIsOutdated() db API to check is a node is outdated - Trigger whatever is in the LXD_CLUSTER_UPDATE var is node is outdated - lxd/images: Add missing cleanup code - lxd/containers: Fix bad function name - tests: Avoid err == nil pattern - lxd: Don't mask database errors - Honor the CC environment variable when invoking go install - client: Avoid err == nil pattern - lxd/profiles: Don't list snapshots in UsedBy - Make database queries timeout after 10s if cluster db is unavail - tests: Fix pki with newer easyrsa - lxd/db: Fix internal DB test - doc: Fix and improve the description - operations: return true if operation is done before timeout - lxd/containers: Avoid root device name conflict - lxd/import: Add root disk if needed - global: Advertise rsync features - lxd/db: Use NoSuchObject consistently - proxy: Only log errors - lxd/import: Don't delete container on import failure - i18n: Update translation templates - Support --domain flag for lxc remote - Add configurable macaroon expiry - Support Candid domain validation - Update Candid docs - Update i18n - lxd: Rename API endpoints - network_linux: add netns_getifaddrs() - main_checkfeature: check kernel for netnsid support - network: add NetworkGetCounters() - container_lxc: switch to NetnsGetifaddrs() - shared: Add network state API - api: Add extended cluster join API - lxd/init: Fix struct conflict - lxc: Identify snapshots when listed - shared/version: Support detecting ChromeOS versions - lxd/containers: Force bring up of SRIOV parent - netns_getifaddrs: fix argument passing - netnsid_getifaddrs: fix check for netnsid support - doc: Fix storage API endpoints - container_lxc: handle network retrieval smarter - shared: Add storage volume snapshot support - client: Add storage volume snapshot support - netns_getifaddrs: don't print useless info - shared/api: Fix StorageVolumeSource struct - Makefile: Set LDFLAGS for dqlite - lxd: Fix handling of CGroup-V2 systems - tree-wide: pass -std=gnu11 -Wvla - lxd/containers: Rework exec FD handling - Added optional ?target= to /containers POST documentation - lxd/storage/lvm: Don't un-necessarily start/stop storage - lxd/storage/ceph: Don't un-necessarily mount snapshots - lxd/containers: Fix cleanup on create failure - shared/network: Don't crash on VPN devices - lxd/containers: Fix bad nvidia information parsing - netns_getifaddrs: fix network stats retrieval - network: Fix counters on non-ethernet interfaces - doc: Add configuration for readthedocs - storage: Fix error strings - lxd/storage/btrfs: Don't fail deleting pools on misisng disk - Split code in 2 seperate files - network: provide #ifdefs for RTM_* requests - Document LVM support for storage quotas - candid: Cleanup code a bit - network: fix netns_get_nsid() signature - apparmor: Allow cgroupv2 in cgns - candid: Fix client when using https candid server - lxd-p2c: Fix static build - config: Add support for PEM encrypted keys - lxc: Setup password helper - lxc/config: Only setup needed connection args - lxc/config: More TLS optimizations - i18n: Update translation templates - macro: add SOL_NETLINK - macro: add NETLINK_DUMP_STRICT_CHK - netns_ifaddrs: check for NETLINK_DUMP_STRICT_CHK - Fix Potential Event Race - devices: Fix bad disk limits - Fix root disk limits on container startup - checkfeature: Rework structure - checkfeature: simplify is_netnsid_aware() check - checkfeature: Avoid double line break - checkfeature: dial logging down from to debug - lxc/progress: Add terminal detection - doc: Rework backup documentation - client
[Group.of.nepali.translators] [Bug 1804876] [NEW] SRU of LXD 3.0.3
Improve error reporting when creating a container - Change ContainerStorageRead() to take a container object instead of its name - Improve error messages around LVM volume creation - Change Storage.ContainerUmount to accept a container vs a container name - lxd/init: Update for current client package - lxc/progress: Don't print empty lines - candid: Improve domain validation and pubkey - lxd/images: Fix parsing of public property - client: Always use the "do()" wrapper - client: Fix URLs with missing project/target - Improve error messages - lxd/containers: Fix cluster shutdown - i18n: Update Japanese translation - idmap: use global variable for vfs3 fcaps support - checkfeature: check for vfs3 fscaps support - lxd/db: Fix bad limits.cpu - shared: Add limits.cpu validator - doc: add the appropriate titles to some documents - shared/network: Allow TLS1.3 - global: Implement LXD_INSECURE_TLS env variable - netns_getifaddrs: simplify - Fix bad check for recursive mounts - Prevent event listeners from lying around even after Disconnect() - client: Support creating project-bound container using an image on another node - client: Filter lifecycle and operations events by project - client: Make container backups code honor projects - client: Make GET /profiles return only profiles for the project - Bump Go versions and use '.x' to always get latest patch versions - Update build instruction - doc: Bump to 1.10 or higher everywhere - Don't expire lxd.log by accident - lxd/storage: Fix importing preseed dump - lxd/migration: Use current idmap instead of next - lxd/db: Send raft/dqlite logging to debug - lxd/daemon: Clarify early loggging - checkfeature: Don't log error on missing feature - lxd/daemon: Improve logging of inherited fds - shared/logging: Improve logfile output - lxd/daemon: Don't mention MAAS unless configured - exec: Expose command, env and mode in metadata - client: Fix cancelation of image download - Detect and shrink large boltdb files - lxd/daemon: Fix build - loop: retry on EBUSY - lxd/storage: Improve loop device errors - lxd/containers: Detect root disk pool changes - doc: Update cloud-init network documentation - client: Fix error handling in operations - lxd/containers: Prevent duplicate profiles - lxc/copy: --container-only is meaningless for snapshots - shared/api: Add support for incremental container copy - client: Add support for incremental container copy - doc: Add kernel.keys.maxkeys to production-setup - lxd/storage/dir: Don't fail when quota are set - lxd: Handle AppArmor policy cache directory - test: Support AppArmor policy cache directory - lxd/containers: Respect optional=true for disks - use empty usb vendorid to pass through all usb devices - doc: Add usb_optional_vendorid API extension - lxc/image: Fix rootfs file handling on snap - lxd/containers: Properly clear static leases - shared/api: Support copy between projects - client: Support copy between projects - lxc/config: Allow overriding the current project - rsync: Tweak transfer options (delete & compress) - lxd/daemon: Improve logging of kernel features - lxd: Register background tasks as operations - lxc: Switch all progress op handling to cancelable - Increase go-dqlite client timeout when not-clustered - lxd: Rework task handling - lxd/migration: Fix CRIU rsync option negotiation - lxd/storage/btrfs: Tweak errors - lxd/init: Better handle disk sizes - lxd/db: Avoid un-needed query on container move - i18n: Update translation templates - Add StorageVolumeIsAvailable to check if a Ceph volume can be attached - Wire StorageVolumeIsAvailable to containerValidDevices - Add integration test Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Invalid ** Affects: lxd (Ubuntu Xenial) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxd (Ubuntu Bionic) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxd (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Disco) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided
[Group.of.nepali.translators] [Bug 1788280] Re: SRU of LXD 3.0.2
** Changed in: lxd (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1788280 Title: SRU of LXD 3.0.2 Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Fix Released Status in lxd source package in Bionic: Fix Released Status in lxd source package in Cosmic: Fix Released Bug description: LXD upstream released LXD 3.0.2 as a bugfix release with following changelog: - container: containerCreateAsCopy() update pool - forkmount: ignore ENOENT and EINVAL on umount2() - nsexec: simplify attach_userns() - Fall back to alternate way of detecting minor version of Nvidia driver if needed - lxd/maas: Make error more readable - lxd-p2c: Send rsync output to stderr - lxd/migration: Don't pass -vP to a hidden rsync - lxc: Properly handle --target in copy and move - memory: fix format string - lxc/move: Support config and profile overrides - i18n: Update translation templates - exec: fix format string - images: fix format string - migrate: remove debug residuals - lvm: fix format string - db: fix format string - nsexec: prevent fd leak - Fix the storage_pool_id filter from the WHERE clause of StoragePoolsConfig - Fix lints - Extract cmdInit.ApplyConfig into a separete initApplyConfig function - Split initApplyConfig into initDataNodeApply and initDataClusterApply - Fix broken alternate TLS server cert in integration tests - lxd/containers: Don't update MAAS for snapshots - lxd/maas: Allow starting with MAAS offline - Enable tcp KeepAlive - lxd/cluster: Improve error on bad target - reader: Handle EINTR - allow uidmaps to be parsed from alternate roots - lxd/storage/zfs: Improve defaults - test: Fix static analysis - Allow identity mappings for unprivileged containers - container: adapt allowedUnprivilegedOnlyMap() - shared: Dereference directory symlinks - lxd,shared: Move parseNumberFromFile to shared - lxc/network: Add --format option to list - lxd/db: Don't hang after bad request - lxd/apparmor: Allow ro bind-mounts and remounts - idmap: support skipping directories - lxd: Properly set containerArgs in all cases - lxd/storage: Fix PATCH on storage pools - container: use lxcSetConfigItem() for lxc.log.file - lxc/cluster: Remove bad alias - lxd/storage: Fix volume creation API - tests: Add alternative TCP port finder - doc: Document hostname requirements - networks: Support stateful DHCPv6 with prefixes longer than /64 - lxd/networks: Skip DHCP mangle if firewall off - network: do not print writer struct on error - lxd/patches: Force a one-time config re-gen - storage pools: move structs - storage volumes: move structs - images: move structs - client: Export OperationWait - lxd/cluster: Only restart local containers - images: consistenly name command structs - cluster: move structs - api 1.0: move struct - api internal: move structs - certificates: move structs - events: move structs - operations: move structs - profiles: move structs - resources: move structs - container logs: move structs - container post: move structs - lxd/storage/btrfs: Fix recursive snapshots - lxd/cluster: Fix attaching CEPH custom volumes - lxd/storage: Fix double quoting - Reduce the frequency of raft snapshots - lxd/storage/ceph: Don't keep snapshots mounted - util linux: add abstract unix socket helpers - proxy: Rework to match master - lxd: Cleanup logging - lxd: Improve error messages - proxy: Properly handle relay errors - lxd/certificates: Log password failures - proxy: handle full socket buffer - gpu: special case passing all GPUs - gpu: don't fail during parse - gpu: handle cards among Nvidia devices - gpu: fix Nvidia minor index parsing - lxd/containers: Fix removing NVIDIA containers - doc: Add links to REST API - doc: Fix storage volume examples - lxd/operations: Forward to right cluster node - lxc/{copy,move}: Allow overriding device config - i18n: Update translations - tests: Perform a lazy umount in case of errors - lxd/networks: Improve dnsmasq leases cleanup - migration: fix cross version migrations - doc: Note that default profile cannot be deleted/renamed - lxc/profile: Fix "get" command - lxd: Prevent renaming/deletion of the default profile - test: Test default profile renaming/deletion - Fix "neighbour: ndisc_cache: neighbor table overflow" - lxd: Fix StoragePoolVolumesGetNames - lxd/apparmor: Fix typo in nesting profile - lxd/patches: Make config re-gen fault tollerant - fix links in api-extension - lxd/db: Fix handling of NetworkConfigClear - lxd/networks: Fix PATCH o
[Group.of.nepali.translators] [Bug 1788457] Re: SRU of LXC 3.0.2 (upstream bugfix release)
** Changed in: lxc (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1788457 Title: SRU of LXC 3.0.2 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Xenial: Fix Released Status in lxc source package in Bionic: Fix Released Status in lxc source package in Cosmic: Fix Released Bug description: LXC upstream released LXC 3.0.2 as a bugfix release with following changelog: - CVE 2018-6556: verify netns fd in lxc-user-nic - fixed a range of bugs found by Coverity - lxc-usernsexec: cleanup and bugfixes - log: add CMD_SYSINFO() - log: add CMD_SYSERROR() - state: s/sleep()/nanosleep()/ - lxclock: improve file locking - lxccontainer: improve file locking - lxccontainer: fix F_OFD_GETLK checks - netlink: add __netlink_{send,recv,transaction} - netns: allocate network namespace id - MAINTAINERS: add Wolfgang Bumiller - pam_cgfs: cleanups - log: add default log priority - tree-wide: pass unsigned long to prctl() - macro: add new macro header - conf: mount devpts without “max” on EINVAL - tree-wide: handle EINTR in read() and write() - tree-wide: replace pipe() with pipe2() - confile: split mount options into flags and data - conf: improve rootfs setup - autotools: default to -Wvla -std=gnu11 - tree-wide: remove VLAs - tree-wide: replace strtok_r() with lxc_iterate_parts() - utils: add lxc_iterate_parts() - apparmor: allow start-container to change to lxc-** - apparmor: update current profiles - apparmor: Allow /usr/lib* paths for mount and pivot_root - conf: the atime flags are locked in userns - conf: handle partially functional device nodes - conf: create /dev directory - autotools: build both a shared and static liblxc - namespace: add api to convert namespaces to standard identifiers - tree-wide: set MSG_NOSIGNAL - tree-wide: use mknod() to create dummy files - cgfsng: respect lxc.cgroup.use - cgroups: remove is_crucial_cgroup_subsystem() - tree-wide: remove unneeded log prefixes - tests: cleanup all tests - terminal: set FD_CLOEXEC on pty file descriptors - conf: simplify lxc_setup_dev_console() - tools: rework tools - autodev: adapt to changes in Linux 4.18 - log: change DEBUG, INFO, TRACE, NOTICE macro using strerror to SYS* macro - log: add lxc_log_strerror_r macro - network: unpriv lxc will run lxc.net.[i].script.up now - conf: only use newuidmap and newgidmap when necessary - autotools: support tls in cross-compile Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. [Test case] lxc has autopkgtests which will assert that the binaries built in -proposed are functional. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1788457/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1788232] Re: SRU of LXCFS 3.0.2 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1788232 Title: SRU of LXCFS 3.0.2 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Xenial: Fix Released Status in lxcfs source package in Bionic: Fix Released Status in lxcfs source package in Cosmic: Fix Released Bug description: LXCFS upstream released LXCFS 3.0.2 as a bugfix release with following changelog: - travis: add coverity support - travis: fix .travis.yml - meminfo: read shmem from cgroup parameter memory.stat - meminfo: set ShmemHugePages and ShmemPmdMapped to zero - bindings: better logging for write_string() Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1788232/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1789746] Re: getxattr: always handle namespaced attributes
** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1789746 Title: getxattr: always handle namespaced attributes Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Status in linux source package in Bionic: Fix Released Status in linux source package in Cosmic: Fix Released Bug description: == SRU Justification == When running in a container with a user namespace, if you call getxattr with name = "system.posix_acl_access" and size % 8 != 4, then getxattr silently skips the user namespace fixup that it normally does resulting in un-fixed-up data being returned. This is caused by posix_acl_fix_xattr_to_user() being passed the total buffer size and not the actual size of the xattr as returned by vfs_getxattr(). I have pushed a commit upstream that fixes this bug: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82c9a927bc5df6e06b72d206d24a9d10cced4eb5 This commit passes the actual length of the xattr as returned by vfs_getxattr() down. A reproducer for the issue is: touch acl_posix setfacl -m user:0:rwx acl_posix and the compile: #define _GNU_SOURCE #include #include #include #include #include #include #include /* Run in user namespace with nsuid 0 mapped to uid != 0 on the host. */ int main(int argc, void **argv) { ssize_t ret1, ret2; char buf1[128], buf2[132]; int fret = EXIT_SUCCESS; char *file; if (argc < 2) { fprintf(stderr, "Please specify a file with " "\"system.posix_acl_access\" permissions set\n"); _exit(EXIT_FAILURE); } file = argv[1]; ret1 = getxattr(file, "system.posix_acl_access", buf1, sizeof(buf1)); if (ret1 < 0) { fprintf(stderr, "%s - Failed to retrieve " "\"system.posix_acl_access\" " "from \"%s\"\n", strerror(errno), file); _exit(EXIT_FAILURE); } ret2 = getxattr(file, "system.posix_acl_access", buf2, sizeof(buf2)); if (ret2 < 0) { fprintf(stderr, "%s - Failed to retrieve " "\"system.posix_acl_access\" " "from \"%s\"\n", strerror(errno), file); _exit(EXIT_FAILURE); } if (ret1 != ret2) { fprintf(stderr, "The value of \"system.posix_acl_" "access\" for file \"%s\" changed " "between two successive calls\n", file); _exit(EXIT_FAILURE); } for (ssize_t i = 0; i < ret2; i++) { if (buf1[i] == buf2[i]) continue; fprintf(stderr, "Unexpected different in byte %zd: " "%02x != %02x\n", i, buf1[i], buf2[i]); fret = EXIT_FAILURE; } if (fret == EXIT_SUCCESS) fprintf(stderr, "Test passed\n"); else fprintf(stderr, "Test failed\n"); _exit(fret); } and run: ./tester acl_posix On a non-fixed up kernel this should return something like: root@c1:/# ./t Unexpected different in byte 16: ffa0 != 00 Unexpected different in byte 17: ff86 != 00 Unexpected different in byte 18: 01 != 00 and on a fixed kernel: root@c1:~# ./t Test passed == Fix == 82c9a927bc5d ("getxattr: use correct xattr length") == Regression Potential == Low. One liner that passes the actual length of the xattr as returned by vfs_getxattr() down. == Test Case == A test kernel was built with this patch and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1789746/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1789746] Re: getxattr: always handle namespaced attributes
** Changed in: linux (Ubuntu Cosmic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1789746 Title: getxattr: always handle namespaced attributes Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Bionic: Fix Committed Status in linux source package in Cosmic: Fix Released Bug description: == SRU Justification == When running in a container with a user namespace, if you call getxattr with name = "system.posix_acl_access" and size % 8 != 4, then getxattr silently skips the user namespace fixup that it normally does resulting in un-fixed-up data being returned. This is caused by posix_acl_fix_xattr_to_user() being passed the total buffer size and not the actual size of the xattr as returned by vfs_getxattr(). I have pushed a commit upstream that fixes this bug: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=82c9a927bc5df6e06b72d206d24a9d10cced4eb5 This commit passes the actual length of the xattr as returned by vfs_getxattr() down. A reproducer for the issue is: touch acl_posix setfacl -m user:0:rwx acl_posix and the compile: #define _GNU_SOURCE #include #include #include #include #include #include #include /* Run in user namespace with nsuid 0 mapped to uid != 0 on the host. */ int main(int argc, void **argv) { ssize_t ret1, ret2; char buf1[128], buf2[132]; int fret = EXIT_SUCCESS; char *file; if (argc < 2) { fprintf(stderr, "Please specify a file with " "\"system.posix_acl_access\" permissions set\n"); _exit(EXIT_FAILURE); } file = argv[1]; ret1 = getxattr(file, "system.posix_acl_access", buf1, sizeof(buf1)); if (ret1 < 0) { fprintf(stderr, "%s - Failed to retrieve " "\"system.posix_acl_access\" " "from \"%s\"\n", strerror(errno), file); _exit(EXIT_FAILURE); } ret2 = getxattr(file, "system.posix_acl_access", buf2, sizeof(buf2)); if (ret2 < 0) { fprintf(stderr, "%s - Failed to retrieve " "\"system.posix_acl_access\" " "from \"%s\"\n", strerror(errno), file); _exit(EXIT_FAILURE); } if (ret1 != ret2) { fprintf(stderr, "The value of \"system.posix_acl_" "access\" for file \"%s\" changed " "between two successive calls\n", file); _exit(EXIT_FAILURE); } for (ssize_t i = 0; i < ret2; i++) { if (buf1[i] == buf2[i]) continue; fprintf(stderr, "Unexpected different in byte %zd: " "%02x != %02x\n", i, buf1[i], buf2[i]); fret = EXIT_FAILURE; } if (fret == EXIT_SUCCESS) fprintf(stderr, "Test passed\n"); else fprintf(stderr, "Test failed\n"); _exit(fret); } and run: ./tester acl_posix On a non-fixed up kernel this should return something like: root@c1:/# ./t Unexpected different in byte 16: ffa0 != 00 Unexpected different in byte 17: ff86 != 00 Unexpected different in byte 18: 01 != 00 and on a fixed kernel: root@c1:~# ./t Test passed == Fix == 82c9a927bc5d ("getxattr: use correct xattr length") == Regression Potential == Low. One liner that passes the actual length of the xattr as returned by vfs_getxattr() down. == Test Case == A test kernel was built with this patch and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1789746/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1788232] [NEW] SRU of LXCFS 3.0.2 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 3.0.2 as a bugfix release with following changelog: - travis: add coverity support - travis: fix .travis.yml - meminfo: read shmem from cgroup parameter memory.stat - meminfo: set ShmemHugePages and ShmemPmdMapped to zero - bindings: better logging for write_string() Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxcfs (Ubuntu Xenial) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Bionic) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Cosmic) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Changed in: lxcfs (Ubuntu) Status: New => Triaged ** Changed in: lxcfs (Ubuntu) Importance: Undecided => Medium ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Cosmic) Importance: Medium Status: Triaged ** Also affects: lxcfs (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Bionic) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Bionic) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Cosmic) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Cosmic) Status: Triaged => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1788232 Title: SRU of LXCFS 3.0.2 (upstream bugfix release) Status in lxcfs package in Ubuntu: In Progress Status in lxcfs source package in Xenial: Triaged Status in lxcfs source package in Bionic: Triaged Status in lxcfs source package in Cosmic: In Progress Bug description: LXCFS upstream released LXCFS 3.0.2 as a bugfix release with following changelog: - travis: add coverity support - travis: fix .travis.yml - meminfo: read shmem from cgroup parameter memory.stat - meminfo: set ShmemHugePages and ShmemPmdMapped to zero - bindings: better logging for write_string() Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1788232/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1785499] [NEW] Make squashfs-tools in Xenial in sync with Bionic and Cosmic
Public bug reported: squashfs-tools upstream hasn't changed in a while but a number of bugfixes are applied through packaging in Debian and Ubuntu. The bionic and cosmic versions right now are identical but xenial is missing a few fixes which is a problem for the LXD snap among other things. Looking at debian/series/patches, the fixes currently missing in the xenial version are: - 0007-fix-2GB-limit-in-mksquashfs.patch - 0008-preserve_file_capabilities.patch I'll attach test cases for both of those below and then will prepare an SRU that effectively makes the source package identical to what we have in bionic, minus the different changelog. This should be pretty safe considering both Ubuntu and Debian have been shipping those two patches for a while and the fs caps one is going to be pretty important moving forward as we're discussing having Ubuntu ship with fscaps by default. ** Affects: squashfs-tools (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: squashfs-tools (Ubuntu Xenial) Importance: High Assignee: Stéphane Graber (stgraber) Status: Triaged ** Also affects: squashfs-tools (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: squashfs-tools (Ubuntu Xenial) Status: New => Triaged ** Changed in: squashfs-tools (Ubuntu) Status: New => Fix Released ** Changed in: squashfs-tools (Ubuntu Xenial) Importance: Undecided => High ** Changed in: squashfs-tools (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1785499 Title: Make squashfs-tools in Xenial in sync with Bionic and Cosmic Status in squashfs-tools package in Ubuntu: Fix Released Status in squashfs-tools source package in Xenial: Triaged Bug description: squashfs-tools upstream hasn't changed in a while but a number of bugfixes are applied through packaging in Debian and Ubuntu. The bionic and cosmic versions right now are identical but xenial is missing a few fixes which is a problem for the LXD snap among other things. Looking at debian/series/patches, the fixes currently missing in the xenial version are: - 0007-fix-2GB-limit-in-mksquashfs.patch - 0008-preserve_file_capabilities.patch I'll attach test cases for both of those below and then will prepare an SRU that effectively makes the source package identical to what we have in bionic, minus the different changelog. This should be pretty safe considering both Ubuntu and Debian have been shipping those two patches for a while and the fs caps one is going to be pretty important moving forward as we're discussing having Ubuntu ship with fscaps by default. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squashfs-tools/+bug/1785499/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches
Ok, thanks for the update. I've now updated the bug once again to move all the tasks over to the kernel. Can you attach the kernel patch here when you can, I'm sure some of the subscribers may want to test this ahead of the Ubuntu kernel fixes :) ** Changed in: linux (Ubuntu) Importance: Undecided => Critical ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Critical ** Changed in: linux (Ubuntu Bionic) Importance: Undecided => Critical ** Changed in: linux (Ubuntu) Status: Invalid => Triaged ** Changed in: linux (Ubuntu Xenial) Status: Invalid => Triaged ** Changed in: linux (Ubuntu Bionic) Status: Invalid => Triaged ** Changed in: apparmor (Ubuntu) Status: Triaged => Invalid ** Changed in: apparmor (Ubuntu Xenial) Status: Triaged => Invalid ** Changed in: apparmor (Ubuntu Bionic) Status: Triaged => Invalid ** Changed in: apparmor (Ubuntu) Assignee: John Johansen (jjohansen) => (unassigned) ** Changed in: apparmor (Ubuntu Xenial) Assignee: John Johansen (jjohansen) => (unassigned) ** Changed in: apparmor (Ubuntu Bionic) Assignee: John Johansen (jjohansen) => (unassigned) ** Changed in: linux (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => John Johansen (jjohansen) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1780227 Title: locking sockets broken due to missing AppArmor socket mediation patches Status in apparmor package in Ubuntu: Invalid Status in linux package in Ubuntu: Triaged Status in apparmor source package in Xenial: Invalid Status in linux source package in Xenial: Triaged Status in apparmor source package in Bionic: Invalid Status in linux source package in Bionic: Triaged Bug description: Hey, Newer systemd makes use of locks placed on AF_UNIX sockets created with the socketpair() syscall to synchronize various bits and pieces when isolating services. On kernels prior to 4.18 that do not have backported the AppArmor socket mediation patchset this will cause the locks to be denied with EACCESS. This causes systemd to be broken in LXC and LXD containers that do not run unconfined which is a pretty big deal. We have seen various bug reports related to this. See for example [1] and [2]. If feasible it would be excellent if we could backport the socket mediation patchset to all LTS kernels. Afaict, this should be 4.4 and 4.15. This will unbreak a whole range of use-cases. The socket mediation patchset is available here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=80a17a5f501ea048d86f81d629c94062b76610d4 [1]: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1575779 [2]: https://github.com/systemd/systemd/issues/9493 Thanks! Christian To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1780227/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1780227] Re: locking sockets broken due to missing AppArmor socket mediation patches
Per discussion above: - Closing the kernel tasks - Raising priority on apparmor tasks to Critical (to match what kernel had) - Assigning to jjohansen as the AppArmor maintainer As we care about xenial, bionic and cosmic, we need point releases (or cherry-pick) for: - AppArmor 2.10 (2.10.95 in xenial) - AppArmor 2.12 (2.12 in bionic and cosmic) John: Any ETA for those two point releases or pointer to a commit which we could SRU on its own? For now our focus is obviously on getting this resolved in Ubuntu as soon as possible, since it's breaking a number of systemd services that are now (18.04) shipping with more confinement than in the past. The same issue is also currently preventing us from starting newer Fedora and Arch containers on Ubuntu. Our standard response so far has been to tell users to turn off AppArmor for those containers, but it's obviously not an answer we like to give (I'm sure you'll agree). ** Changed in: linux (Ubuntu) Status: Triaged => Invalid ** Changed in: linux (Ubuntu Xenial) Status: Triaged => Invalid ** Changed in: linux (Ubuntu Bionic) Status: Triaged => Invalid ** Changed in: apparmor (Ubuntu) Status: New => Triaged ** Changed in: apparmor (Ubuntu Xenial) Status: New => Triaged ** Changed in: apparmor (Ubuntu Bionic) Status: New => Triaged ** Changed in: apparmor (Ubuntu) Importance: Undecided => Critical ** Changed in: apparmor (Ubuntu Xenial) Importance: Undecided => Critical ** Changed in: apparmor (Ubuntu Bionic) Importance: Undecided => Critical ** Changed in: linux (Ubuntu) Importance: Critical => Undecided ** Changed in: linux (Ubuntu Xenial) Importance: High => Undecided ** Changed in: linux (Ubuntu Bionic) Importance: High => Undecided ** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: apparmor (Ubuntu Xenial) Assignee: (unassigned) => John Johansen (jjohansen) ** Changed in: apparmor (Ubuntu Bionic) Assignee: (unassigned) => John Johansen (jjohansen) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1780227 Title: locking sockets broken due to missing AppArmor socket mediation patches Status in apparmor package in Ubuntu: Triaged Status in linux package in Ubuntu: Invalid Status in apparmor source package in Xenial: Triaged Status in linux source package in Xenial: Invalid Status in apparmor source package in Bionic: Triaged Status in linux source package in Bionic: Invalid Bug description: Hey, Newer systemd makes use of locks placed on AF_UNIX sockets created with the socketpair() syscall to synchronize various bits and pieces when isolating services. On kernels prior to 4.18 that do not have backported the AppArmor socket mediation patchset this will cause the locks to be denied with EACCESS. This causes systemd to be broken in LXC and LXD containers that do not run unconfined which is a pretty big deal. We have seen various bug reports related to this. See for example [1] and [2]. If feasible it would be excellent if we could backport the socket mediation patchset to all LTS kernels. Afaict, this should be 4.4 and 4.15. This will unbreak a whole range of use-cases. The socket mediation patchset is available here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=80a17a5f501ea048d86f81d629c94062b76610d4 [1]: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1575779 [2]: https://github.com/systemd/systemd/issues/9493 Thanks! Christian To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1780227/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1775271] Re: SRU of LXCFS 3.0.1 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1775271 Title: SRU of LXCFS 3.0.1 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Xenial: Fix Released Status in lxcfs source package in Bionic: Fix Released Status in lxcfs source package in Cosmic: Fix Released Bug description: LXCFS upstream released LXCFS 3.0.1 as a bugfix release with following changelog: - Add support for the nonempty FUSE mount option Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1775271/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1775290] Re: SRU of LXD 3.0.1 (upstream bugfix release)
** Changed in: lxd (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1775290 Title: SRU of LXD 3.0.1 (upstream bugfix release) Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Fix Released Status in lxd source package in Bionic: Fix Released Status in lxd source package in Cosmic: Fix Released Bug description: LXD upstream released LXD 3.0.1 as a bugfix release with following changelog: - lxc: Fix mistakenly hidden commands - i18n: Update translation templates - lxd/migration: Pre-validate profiles - client: Improve remote operation errors - Fix some typos and wording. - Wording fix. - lxc/image: Fix crash due to bad arg parsing - lxd: add missing limits.h include - lxd/init: Fix --auto with network config - lxc: Consistent naming of clustering terms - i18n: Update translation templates - lxc/file: Fix pushing files to remote - lxd/init: Don’t setup a remote storage pool by default - Fix lxd init failing to join cluster interactively with existing zfs pool - lxc/query: Fix -d and -X - lxc/help: Make help respect --all too - Fix typo in help of “lxc network” - Properly filter node-level storage configs by pool ID - i18n: Update translation templates - lxd/init: Consistency - Make new gofmt happy - lxc/file: Allow using -r to follow symlinks - Replace juju/idmclient with CanonicalLtd/candidclient - lxc/config: Fix adding trust cert on snap - lxc/alias: Fix example in help message - i18n: Update translation templates - client: Introduce LXD_SOCKET - Makefile: Add a manifest - containers: fix snapshot deletion - lxc/init: Add missing --no-profiles - i18n: Update translations - lxc/file: Fix pull target logic - doc: Fix example in userns-idmap - devices: fail if Nvidia device minor is missing - Add db.ContainersNodeList - storage: createContainerMountpoint() fix perms - ceph: s/0755/0711/g - lvm: s/0755/0711/g - storage utils: s/0755/0711/g - zfs: s/0755/0711/g - patches: add “storage_api_path_permissions” - sys/fs: s/MkdirAll/Mkdir/g - btrfs: fix permissions - Pass a logger to raft-http - Add new cluster.Promote function - Add new cluster.Rebalance function - Notify the cluster leader after a node removal, so it can rebalance - Add integration test - doc: Tweak backup.md - lxd/init: Require root for interactive cluster join - Disable flaky unit tests for now - Log the error that made Daemon.Init() fail - client: Expose http URL in ConnectionInfo - lxc/query: Add support for non-JSON endpoints - Handle empty query strings - Support reading queries from standard in - Support passing multiple queries - Rename database files - Support querying both local and global database - Update integration tests - Normalize name of images_aliases table - Add query.Dump helper to dump schema and data - Add support for dump command in lxd sql - lxd/containers: Fix lxc.net 1 check - doc/backup.md: update snap path - Add lxc cluster enable command - Fix command description formatting - Update .pot files - Use an isolated LXD instance in integration tests - Start a container in the integration test - Address style comments - add LXD_UNPRIVILEGED_ONLY to disallow privileged containers. - lxd: tweak LXD_UNPRIVILEGED_ONLY - doc: add LXD_UNPRIVILEGED_ONLY - tests: add tests for LXD_UNPRIVILEGED_ONLY - Reword errors when LXD_UNPRIVILEGED_ONLY is set - lxd/containers: Allow sending progress - lxc/rename: Deal with remote renames - lxd/db: Don’t crash on empty queries - lxd/sql: Drop custom table renderer - lxd/network: Fix fan subnet calculation logic - Update translations from weblate - lxc/main: Fix remote caching - lxc/storage_volumes: Various fixes - tests: Add extra cleanup code - lxd/storage: Also set zfs.pool_name on upgrade - migration: fix btrfs live migration - lxd/containers: Fix broken unix hotplug logic - lxc/list: Reduce number of API calls - Make the interaction betwean lxd daemon and waitready non-blocking - Increase logging during startup - Remove log alias for waitready - Remove log alias for db.OpenCluster - Make Unavailable accept an error parameter - Add a new Schema.File() method to load extra queries from a file - Add support for patch.local.sql and patch.global.sql - Add integration te
[Group.of.nepali.translators] [Bug 1775283] Re: SRU of LXC 3.0.1 (upstream bugfix release)
** Changed in: lxc (Ubuntu Xenial) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1775283 Title: SRU of LXC 3.0.1 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Xenial: Fix Released Status in lxc source package in Bionic: Fix Released Status in lxc source package in Cosmic: Fix Released Bug description: LXC upstream released LXC 3.0.1 as a bugfix release with following changelog: - tools: fix unitialized variable - storage: fix lvm fs uuid generation - lxc-oci: fix Cmd/Entrypoint parsing - lxc-oci: make umoci less verbose - lxclock: use thread-safe OFD fcntl() locks - locktests: fix test suite - conf: ensure umounts don’t propagate to host - doc: Tweak Japanese translation in lxc.container.conf(5) - fix signal sending in lxc.init - rootfs pinning: On NFS, make file hidden but don’t delete it - conf: fix temporary file creation - ringbuf: fix temporary file creation - Fix compilation with static libcap and shared gnutls - attach: always drop supplementary groups - lxc init: remove dead code - storage/rsync: free memory on error - tools/utils: free memory on error - lxc init: coding style - utils: define __NR_setns if missing on old glibcs - attach: try to always drop supplementary groups - conf: ret-try devpts mount without gid=5 on error - execute: fix app containers without root mapping - conf: fix net type checks in run_script_argv() - seccomp: handle arch inversion - seccomp: handle all errors - seccomp: cleanup compat architecture handling - seccomp: improve logging - tools: document -d/–daemonize for lxc-execute - seccomp: non-functional changes - seccomp: handle arch inversion II - lxc-oci: mkdir the download directory - do_lxcapi_create: set umask - lxc/tools/lxc_monitor: include missing - pam-cgfs: ignore the system umask when creating the cgroup hierarchy - Also pass action scripts to CRIU on checkpointing - Fix the memory leak in cgfsng_attach - Fix memory leak in list_active_containers - Fix tool_utils.c build when HAVE_SETNS is unset - coverity: #1435210 - coverity: #1435208 - coverity: #1435207 - coverity: #1435206 - coverity: #1435205 - coverity: #1435203 - coverity: #1435200 - coverity: #1435198 - coverity: #1426734 - lxccontainer: non-functional changes - lxccontainer: use thread-safe OFD locks - lxccontainer: non-functional changes - lxccontainer: do_lxcapi_is_running() - lxccontainer: do_lxcapi_freeze() - lxccontainer: do_lxcapi_unfreeze() - lxccontainer: non-functional changes - lxccontainer: use thread-safe open() + write() - lxccontainer: non-functional changes - lxccontainer: non-functional changes - lxccontainer: non-functional changes - coverity: #1435263 - fix logic for execute log file - utils: add LXC_PROC_PID_FD_LEN - execute: use static buffer - execute: do not check inherited fds again - add some TRACE/ERROR reporting - execute: account for -o path option count - execute: set init_path when existing init is found - genl: remove - coverity: #1248104 - coverity: #1248105 - coverity: #1425744 - utils: account for terminating \0 byte - confile: satisfy gcc-8 - network: silence gcc-8 - network: adhere to IFNAMSIZ limit - support case ignored suffix for sizes - utils: fix parse_byte_size_string() coding style - strlcpy: add strlcpy() implementation - tree-wide: s/strncpy()/strlcpy()/g - CODING_STYLE: add section about using strlcpy() - tools: s/strncpy()/strlcpy()/g - Revert “tools: s/strncpy()/strlcpy()/g” - tools: s/strncpy()/memcpy()/ - doc: Add “-d/–daemon” option to Japanese lxc-execute(1) - doc: Fix size unit style in Japanese lxc.container.conf(5) - coverity: #1435604 - coverity: #1435603 - coverity: #1435602 - coverity: #1425844 - config: allow read-write /sys in user namespace - coverity: #1425836 - coverity: #1248106 - capabilities: raise ambient capabilities - coverity: #1425802 - cgroups: refactor cgroup handling - cgroups: remove freezer_state() - seccomp: #ifdef SCMP_ARCH_AARCH64 - conf: simplify write_id_mapping() - log: enable per-thread container name prefix - lxc-init: skip signals that can’t be caught - execute: use execveat() syscall if supported - tools: only create log file when requested - seccom
[Group.of.nepali.translators] [Bug 1775290] [NEW] SRU of LXD 3.0.1 (upstream bugfix release)
command/info command/ - lxd/init: Explain password less behavior - Make waitready less verbose - devices: clone mode of device - lxd/init: Have --auto setup networkng if missing - container_lxc: fix optional property for disk devs - test: Fix busybox image - lxc/action: Fix pause - lxd/callhook: Respect LXD_SOCKET environment variable - forkfile: only open O_RDWR if necessary - Consider a copy to be local only when not clustered - Add integration tests - api: Add backup structs - client: Implement backup functionality - shared: Implement RunCommandWithFds - btrfs: add doContainerCreate() - btrfs: add doContainerSnapshotCreate() - ceph: ensure fs consistency when snapshotting - ceph: ensure fs consistency when restoring - ceph: add doContainerCreate() - ceph: add doContainerMount() - lvm: add doContainerMount() - zfs: add doContainerMount() - zfs: add do*() helpers - lvm: use internal pool name - lxd-p2c: Handle target URL smarter - lxd-p2c: Ignore missing arg errors - lxd-p2c: Delete containers on failure - lxd-p2c: Better report rsync errors - lxd-p2c: Allow overriding rsync args - Serialize reads to the cluster database - doc: Fix typo in api-extensions - Redirect container/snapshost publish API requests to the relevant node - gpu: fallback to default device mode - Improve error messages and docs about node-specific config keys - Avoid wrapping long lines - lxd-p2c: Add rsync version check - lvm: s/LXDPool/LXDThinPool/g - Extract expandConfigFromProfiles from expandConfig to avoid db calls - Broadcast profile changes to other cluster nodes - lvm: use LXD pool name - tests: Reduce ceph pg_num down to 1 - lxc-to-lxd: Respect LXD_SOCKET environment variable - Manually release the liblxc structs - Drop manual GC calls - lxd/containers: Fix fd leak in metadata Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: High Assignee: Stéphane Graber (stgraber) Status: Fix Released ** Affects: lxd (Ubuntu Xenial) Importance: High Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxd (Ubuntu Bionic) Importance: High Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxd (Ubuntu Cosmic) Importance: High Assignee: Stéphane Graber (stgraber) Status: Fix Released ** Also affects: lxd (Ubuntu Cosmic) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu Cosmic) Status: New => Fix Released ** Changed in: lxd (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxd (Ubuntu Bionic) Status: New => In Progress ** Changed in: lxd (Ubuntu Xenial) Importance: Undecided => High ** Changed in: lxd (Ubuntu Bionic) Importance: Undecided => High ** Changed in: lxd (Ubuntu Cosmic) Importance: Undecided => High ** Changed in: lxd (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Bionic) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Cosmic) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1775290 Title: SRU of LXD 3.0.1 (upstream bugfix release) Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Triaged Status in lxd source package in Bionic: In Progress Status in lxd source package in Cosmic: Fix Released Bug description: LXD upstream released LXD 3.0.1 as a bugfix release with following changelog: - lxc: Fix mistakenly hidden commands - i18n: Update translation templates - lxd/migration: Pre-validate profiles - client: Improve remote operation errors - Fix some typos and wording. - Wording fix. - lxc/image: Fix crash due to bad arg parsing - lxd: add missing limits.h include - lxd/init: Fix
[Group.of.nepali.translators] [Bug 1775283] [NEW] SRU of LXC 3.0.1
() - tree-wide: s/sigprocmask/pthread_sigmask()/g - utils: fix task_blocking_signal() - lxccontainer: fix fd leaks when sending signals - confile: order architectures - start: log setns() failure - seccomp: leak fixup - seccomp: re-add action parse error handling - seccomp: refactor line handling of parse_config - seccomp: error on unrecognized actions - seccomp: lxc_read_seccomp_config() - seccomp: parse_v2_rules() - seccomp: make do_resolve_add_rule() more strict - tools: fix lxc-create with global config value - tools: fix lxc-create with global config value II - coverity: #1435806 - coverity: #1435805 - coverity: #1435803 - coverity: #1435747 - conf: non-functional changes - conf: make is_execute a boolean - conf: non-functional changes - conf: make close_all_fds a boolean - conf: reshuffle mount members - conf: simplify tty handling - conf: pts -> pty_max - conf: non-functional changes - utils: fix task_blocking_signal() - network: fix socket handle leak - start: do not init ns_clone_flags to -1 - conf: ensure lxc_delete_tty() does not crash - start: add reboot macros - conf: make root idmap structs const - conf: make tmp_umount_proc bool - conf: non-functional changes - conf: va_end was not called. - confile: improve strprint() - change defines for return value of handlers - start: fix waitpid() blocking issue - start: log unknown info.si_code - tree-wide: fix mode of some files - confile_utils: apply strprint() - templates: actually create DOWNLOAD_TEMP directory - templates: fix download template - Patch lxc-update-config Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. ** Affects: lxc (Ubuntu) Importance: High Assignee: Stéphane Graber (stgraber) Status: Fix Released ** Affects: lxc (Ubuntu Xenial) Importance: High Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxc (Ubuntu Bionic) Importance: High Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxc (Ubuntu Cosmic) Importance: High Assignee: Stéphane Graber (stgraber) Status: Fix Released ** Also affects: lxc (Ubuntu Cosmic) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu Xenial) Importance: Undecided => High ** Changed in: lxc (Ubuntu Bionic) Importance: Undecided => High ** Changed in: lxc (Ubuntu Cosmic) Importance: Undecided => High ** Changed in: lxc (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxc (Ubuntu Bionic) Status: New => In Progress ** Changed in: lxc (Ubuntu Cosmic) Status: New => Fix Released ** Changed in: lxc (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Bionic) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Cosmic) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1775283 Title: SRU of LXC 3.0.1 Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Xenial: Triaged Status in lxc source package in Bionic: In Progress Status in lxc source package in Cosmic: Fix Released Bug description: LXC upstream released LXC 3.0.1 as a bugfix release with following changelog: - tools: fix unitialized variable - storage: fix lvm fs uuid generation - lxc-oci: fix Cmd/Entrypoint parsing - lxc-oci: make umoci less verbose - lxclock: use thread-safe OFD fcntl() locks - locktests: fix test suite - conf: ensure umounts don’t propagate to host - doc: Tweak Japanese translation in lxc.container.conf(5) - fix signal sending in lxc.init - rootfs pinning: On NFS, make file hidden but don’t delete it - conf: fix temporary file creation - ringbuf: fix temporary file creation - Fix compilation with static libcap an
[Group.of.nepali.translators] [Bug 1775271] [NEW] SRU of LXCFS 3.0.1 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 3.0.1 as a bugfix release with following changelog: - Add support for the nonempty FUSE mount option Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Fix Released ** Affects: lxcfs (Ubuntu Xenial) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Bionic) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxcfs (Ubuntu Cosmic) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Fix Released ** Also affects: lxcfs (Ubuntu Cosmic) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Cosmic) Status: New => Fix Released ** Changed in: lxcfs (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Bionic) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Cosmic) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Bionic) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Cosmic) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1775271 Title: SRU of LXCFS 3.0.1 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Xenial: Triaged Status in lxcfs source package in Bionic: In Progress Status in lxcfs source package in Cosmic: Fix Released Bug description: LXCFS upstream released LXCFS 3.0.1 as a bugfix release with following changelog: - Add support for the nonempty FUSE mount option Just like Ubuntu itself, upstream releases long term support releases, as is 3.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to xenial- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1775271/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1731698] Re: [SRU] Tor 0.2.9.13 and 0.3.0.12
Sorry about the delay. I've added the tasks for Xenial and Artful. We're going to ignore Zesty due to its EOL. @Simon are you planning on bumping those to the releases that have been released since? If so, I'll wait a bit before uploading those, if not, let me know and I'll upload those. ** Also affects: tor (Ubuntu Artful) Importance: Undecided Status: New ** Also affects: tor (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: tor (Ubuntu) Status: Confirmed => Fix Released ** Changed in: tor (Ubuntu Xenial) Status: New => Triaged ** Changed in: tor (Ubuntu Artful) Status: New => Triaged -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1731698 Title: [SRU] Tor 0.2.9.13 and 0.3.0.12 Status in tor package in Ubuntu: Fix Released Status in tor source package in Xenial: Triaged Status in tor source package in Artful: Triaged Bug description: Micro versions of Tor were recently released to address some security problems (CVE-2017-0380/TROVE-2017-008) and crashes. The new releases also include directory authority changes. [Test Case] 1) Setup Tor: $ sudo apt-get install tor 2) Check if the Tor network is usable: $ torsocks wget -qO - https://ifconfig.co 192.0.2.1 3) Check that the IP returned by https://ifconfig.co is NOT the one assigned by you ISP. 4) If you got a different IP it means wget used the Tor network successfully 5) Repeat with the -proposed package [Regression Potential] Unfortunately, I don't know what regression could be introduced by those micro version upgrades (0.2.9.11->0.2.9.13 and 0.3.0.10->0.3.0.12). Debian shipped 0.2.9.12 some time ago and I didn't find any regression in their bug tracker. Unfortunately, Debian no longer ship the 0.3.0.x branch as they moved to 0.3.1.x so the version in Artful saw less "in the wild" testing. I also looked at the upstream bug tracker and didn't find any relevant regression introduced by those new versions. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tor/+bug/1731698/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1737020] [NEW] Regression in "lxd init" behavior in 2.0.11
Public bug reported: This is an SRU tracking bug for the fixes to two "lxd init" regressions in LXD 2.0.11. 1) Missing question about the ZFS pool name when creating a new pool. 2) Missing question about the LXD bridge configuration. Both of those are part of our interactive workflow so didn't trip our automated testing and unfortunately didn't trip our manual testing either as were mostly focused on upgrades rather than validating that the initial configuration tool was asking all the expected questions. This SRU should be rushed as those two issues make the initial configuration of LXD inconsistent with documentation and quite a bit harder for users to do. # Testcase Install LXD 2.0.11 on a clean system, run "lxd init", select "zfs" as the storage backend and accept to create a new pool. Confirm that you get asked for the pool name. Then later, check that you're asked to configure the LXD bridge and that answering yes causes a set of debconf prompts to show up. # Regression potential This only applies to new installations and has been manually tested already alongside the old LXD 2.0.10 to confirm that the behavior is now identical. There is the possibility that we missed another regression in that code, but this fix would still be a good improvement. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Invalid ** Affects: lxd (Ubuntu Xenial) Importance: Critical Status: Triaged ** Changed in: lxd (Ubuntu) Status: New => Triaged ** Changed in: lxd (Ubuntu) Status: Triaged => Invalid ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxd (Ubuntu Xenial) Importance: Undecided => Critical -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1737020 Title: Regression in "lxd init" behavior in 2.0.11 Status in lxd package in Ubuntu: Invalid Status in lxd source package in Xenial: Triaged Bug description: This is an SRU tracking bug for the fixes to two "lxd init" regressions in LXD 2.0.11. 1) Missing question about the ZFS pool name when creating a new pool. 2) Missing question about the LXD bridge configuration. Both of those are part of our interactive workflow so didn't trip our automated testing and unfortunately didn't trip our manual testing either as were mostly focused on upgrades rather than validating that the initial configuration tool was asking all the expected questions. This SRU should be rushed as those two issues make the initial configuration of LXD inconsistent with documentation and quite a bit harder for users to do. # Testcase Install LXD 2.0.11 on a clean system, run "lxd init", select "zfs" as the storage backend and accept to create a new pool. Confirm that you get asked for the pool name. Then later, check that you're asked to configure the LXD bridge and that answering yes causes a set of debconf prompts to show up. # Regression potential This only applies to new installations and has been manually tested already alongside the old LXD 2.0.10 to confirm that the behavior is now identical. There is the possibility that we missed another regression in that code, but this fix would still be a good improvement. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1737020/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1724861] Re: lxd 2.0.10-0ubuntu1~16.04.2 ADT test failure with linux-hwe-edge 4.13.0-16.19~16.04.3
** Changed in: lxd (Ubuntu Xenial) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1724861 Title: lxd 2.0.10-0ubuntu1~16.04.2 ADT test failure with linux-hwe-edge 4.13.0-16.19~16.04.3 Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: [Impact] Currently the DKMS package fails to install in supported custom kernels that are based on 4.11 or 4.13. That includes the current 4.11 hwe-edge and the upcoming 4.13 hwe-edge kernels and some of the custom and cloud kernels as well. [Test Case] Install the DKMS package with the 4.13 hwe-edge kernel from -proposed. The package installation should proceed without any errors. [Regression Potential] Although new patches were added, the regression risk is very low since the new changes are conditionally compiled based on the kernel version. Besides that the new package was tested with the following kernels in an amd64 environment: - linux-generic 4.4 - linux-hwe 4.10 - linux-hwe-edge 4.11 - linux-hwe-edge 4.13 (from xenial-proposed) - linux-azure 4.11 - linux-azure-edge 4.13 (which is in process of getting promoted to xenial-proposed) [Original description] Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/amd64/l/lxd/20171018_120755_dbca9@/log.gz i386: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/i386/l/lxd/20171018_121800_dbca9@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/ppc64el/l/lxd/20171018_121146_dbca9@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1724861/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1727373] Re: SRU of LXCFS 2.0.8 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Trusty) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1727373 Title: SRU of LXCFS 2.0.8 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Fix Released Status in lxcfs source package in Xenial: Fix Released Status in lxcfs source package in Zesty: Fix Released Status in lxcfs source package in Artful: Fix Released Bug description: LXCFS upstream released LXCFS 2.0.8 as a bugfix release with following changelog: - bindings: Add mountpoint for unified hierarchy - bindings: Calculate uptime via proc//stat - bindings: Revert virtualization of 'btime' field due to regressions in ps - doc: Update README - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - lib: Add common fallback dlopen for liblxcfs.so - lib: Fix the installation directory for liblxcfs to ${libdir}/lxcfs - pam: Add a 'all' option for -c - pam: Chown cgroup.procs file on unified hierarchy - pam: Report back when we find a unified hierarchy - tests: Fix invalid comparison - uptime: Fix a problem with subsequent reads Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1727373/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1731146] [NEW] SRU of LXD 2.0.11 (upstream bugfix release)
n subuid - tests: Also measure batch startup time in perf.sh - tests: bump image auto update limit to 20min - tests: Clear database state in the mock daemon after each lxdSuiteTest - tests: Don't attempt to finger public remotes - tests: Don't attempt to finger public remotes - tests: Don't copy running lvm/ceph containers - tests: Fix bad raw.lxc test - tests: Fix dependency check - tests: Fix image_auto_update test - tests: Fix image expiry test - tests: Fix shell return value masking - tests: Function to include storage backends helpers - tests: include lvm in image auto update - tests: More apparmor presence checking - tests: Refactor cleanup functions - tests: Setup basic channel handler for triggers - tests: Skip apparmor tests when no kernel support - tests: Split out lxc and lxd related helper functions - tests: Split out network-related helper functions - tests: Split out storage-related helper functions - tests: Split out test setup related helper functions - tests: Support running individual testify test suites - tests: Switch to new storage helpers - tests: Update perf.sh to "lxd-benchmark launch" - tests: use "--force" everywhere on stop - tests: Use in-memory db for tests (makes them faster) - tests: Use testimage for perf testing - tests: Validate that the right busybox is present - tests: Wait up to 2 minutes for image updates Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Invalid ** Affects: lxd (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxd (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Changed in: lxd (Ubuntu) Status: New => Invalid ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxd (Ubuntu Trusty) Status: In Progress => Triaged ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1731146 Title: SRU of LXD 2.0.11 (upstream bugfix release) Status in lxd package in Ubuntu: Invalid Status in lxd source package in Trusty: Triaged Status in lxd source package in Xenial: In Progress Bug description: LXD upstream released LXD 2.0.11 as a bugfix release with following changelog: - It's now possible to interrupt image downloads - Added a new security.idmap.base config key (overrides the base uid/gid of the container) - Added support for delta image downloads - Implemented instance types as a proxy for resource limits - The user-agent string was expanded to include OS and kernel information - The client library and related code is now kept in sync with master - The command line client has been ported to the new client library - client: Add CancelTarget to RemoteOperation - client: Add CreateContainerFromImage function - client: Added insecureSkipVerify flag the ConnectionArgs struct - client: Add extra exec option to block on I/O - client: Add GetServerResources() - client: Add GetStoragePoolResources() - client: Add image_create_aliases backward compat - client: Add RenameStoragePoolVolume() - client: Allow canceling image download from LXDs - client: Allow specifying base http client - client: Cleanup code duplication in image download code - client: Commonize error handling - client: Don't live migrate stopped containers - client: Drop experimental tag from new client - client: Fail if source isn't listening on network - client: Fix crash i
[Group.of.nepali.translators] [Bug 1693340] Re: SRU of LXD 2.0.10 (upstream bugfix release)
** Changed in: lxd (Ubuntu Trusty) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1693340 Title: SRU of LXD 2.0.10 (upstream bugfix release) Status in lxd package in Ubuntu: Invalid Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: LXD upstream released LXD 2.0.10 as a bugfix release with following changelog: - client: Backported the new client library and ported some of the internal commands over to it - lxc: Add a manpage command - lxc: Allow --version to be passed with any command - lxc: Reworked all help messages in the client to work with help2man - lxd: AppArmor namespacing is now also enabled for privileged containers - build: Add debug logging - client: Fix profile list - client: Remove unneeded condition - doc: Add instructions to grow ZFS loop - doc: Add note about escaping btrfs qgroups - doc: Add note about restricting access to kernel ring buffer - doc: Extract containers documentation to containers.md - doc: Extract profiles documentation to profiles.md - doc: Extract server documentation to server.md - doc: Fix badly named example device - doc: Fix broken table - doc: Note that LXD assumes full control over the pool - doc: Update configuration.md with links to other documents - doc: Update README.md for new API client - extra/lxc-to-lxd: Don't crash on missing mount file - extra/lxc-to-lxd: Typo in description of --move-rootfs - extra/vagrant: Trailing whitespace - global: Fix error handling in all filepath.Walk calls - global: Fix a number of typos - global: Forward user-agent and other headers on redirect - global: Replace file Chmod() with os.Chmod() - global: Use containerGetParentAndSnapshotName() - global: Use RunCommand everywhere - lxc: Don't include spaces in translated strings - lxc: Improve batch mode - lxc: Make help/usage a bit more consistent - lxc: Move common functions/types to utils.go - lxc: Properly clear transfer stats on error - lxc: Rework for better manpages - lxc/config: Add new config handling code - lxc/config: Always use "simplestreams" for images: - lxc/config: Fix path handling - lxc/config: Fix SaveConfig's DeepCopy call - lxc/copy: Improve error handling - lxc/copy: Return the source error too - lxc/copy: Simplify - lxc/copy: Wait asynchronously - lxc/image: Show the alias description - lxc/image: Trailing whitespace - lxc/init: Drop unnecessary else statement - lxc/list: Document list format options - lxc/list: Fix regression in json output - lxc/list: Move common data extraction to a helper function - lxc/profile: Properly implement "profile unset" - lxc/publish: Wait for the conainer to be running - lxc/remote: Show the fingerprint as string not hex - lxc/utils: Implement progress tracking for operations - lxd: Drop use of logger.Log when not needed - lxd/apparmor: Fix AppArmor stack handling with nesting - lxd/containers: Add containerGetParentAndSnapshotName() - lxd/containers: Added soft limit in initLXD() - lxd/containers: Added soft memory limit even when hard is selected - lxd/containers: Add extra validation for unix-block/unix-char - lxd/containers: Add function to detect root disk device - lxd/containers: Allow for stable host interface names - lxd/containers: Clarify uid/gid error - lxd/containers: Cleanup root device validation - lxd/containers: Disable IPv6 on host side veth when bridged - lxd/containers: Don't ignore snapshot deletion failures - lxd/containers: Don't parse id ranges as int32 - lxd/containers: Don't report migration success on failure - lxd/containers: Don't use FindProcess, just pass exec.Cmd - lxd/containers: Find current max snapshot value - lxd/containers: Fix bad root device detection code - lxd/containers: Fix base image tracking - lxd/containers: Fix concurent read/write to s.conns in exec - lxd/containers: Fix error handling on FileRemove - lxd/containers: Fix handling of devices with minor>255 - lxd/containers: Fix override of Devices during copy - lxd/containers: Fix soft limit logic to use float64 - lxd/containers: Initialize idmap on demand - lxd/containers: Kill forkexec on abnormal websocket closure - lxd/containers: Path may only be used by one disk - lxd/containers: Properly invalidate the idmap cache - lxd/containers: Properly revert memory limits on failure
[Group.of.nepali.translators] [Bug 1727373] Re: SRU of LXCFS 2.0.8 (upstream bugfix release)
And uploaded bionic, zesty and xenial now. ** Changed in: lxcfs (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1727373 Title: SRU of LXCFS 2.0.8 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: New Status in lxcfs source package in Xenial: In Progress Status in lxcfs source package in Zesty: In Progress Status in lxcfs source package in Artful: In Progress Bug description: LXCFS upstream released LXCFS 2.0.8 as a bugfix release with following changelog: - bindings: Add mountpoint for unified hierarchy - bindings: Calculate uptime via proc//stat - bindings: Revert virtualization of 'btime' field due to regressions in ps - doc: Update README - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - lib: Add common fallback dlopen for liblxcfs.so - lib: Fix the installation directory for liblxcfs to ${libdir}/lxcfs - pam: Add a 'all' option for -c - pam: Chown cgroup.procs file on unified hierarchy - pam: Report back when we find a unified hierarchy - tests: Fix invalid comparison - uptime: Fix a problem with subsequent reads Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1727373/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1727373] [NEW] SRU of LXCFS 2.0.8 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 2.0.8 as a bugfix release with following changelog: - bindings: Add mountpoint for unified hierarchy - bindings: Calculate uptime via proc//stat - bindings: Revert virtualization of 'btime' field due to regressions in ps - doc: Update README - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - lib: Add common fallback dlopen for liblxcfs.so - lib: Fix the installation directory for liblxcfs to ${libdir}/lxcfs - pam: Add a 'all' option for -c - pam: Chown cgroup.procs file on unified hierarchy - pam: Report back when we find a unified hierarchy - tests: Fix invalid comparison - uptime: Fix a problem with subsequent reads Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: New ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: In Progress ** Affects: lxcfs (Ubuntu Zesty) Importance: Undecided Status: In Progress ** Affects: lxcfs (Ubuntu Artful) Importance: Undecided Status: In Progress ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Artful) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Zesty) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Zesty) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Artful) Status: New => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1727373 Title: SRU of LXCFS 2.0.8 (upstream bugfix release) Status in lxcfs package in Ubuntu: New Status in lxcfs source package in Trusty: New Status in lxcfs source package in Xenial: In Progress Status in lxcfs source package in Zesty: In Progress Status in lxcfs source package in Artful: In Progress Bug description: LXCFS upstream released LXCFS 2.0.8 as a bugfix release with following changelog: - bindings: Add mountpoint for unified hierarchy - bindings: Calculate uptime via proc//stat - bindings: Revert virtualization of 'btime' field due to regressions in ps - doc: Update README - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - lib: Add common fallback dlopen for liblxcfs.so - lib: Fix the installation directory for liblxcfs to ${libdir}/lxcfs - pam: Add a 'all' option for -c - pam: Chown cgroup.procs file on unified hierarchy - pam: Report back when we find a unified hierarchy - tests: Fix invalid comparison - uptime: Fix a problem with subsequent reads Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1727373/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1724861] Re: lxd 2.0.10-0ubuntu1~16.04.2 ADT test failure with linux-hwe-edge 4.13.0-16.19~16.04.3
We're releasing LXD 2.0.11 today which will include this particular fix, so that should fix this. ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: New => Fix Released ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1724861 Title: lxd 2.0.10-0ubuntu1~16.04.2 ADT test failure with linux-hwe-edge 4.13.0-16.19~16.04.3 Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: In Progress Bug description: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/amd64/l/lxd/20171018_120755_dbca9@/log.gz i386: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/i386/l/lxd/20171018_121800_dbca9@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/ppc64el/l/lxd/20171018_121146_dbca9@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1724861/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1709920] Re: criu is not built for arm64
Is that patchset something that can actually be applied on the much much older CRIU we have in those releases? It doesn't really feel that way to me. Also, please note that CRIU is in universe so that'd be a best effort/community work. ** Changed in: criu (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1709920 Title: criu is not built for arm64 Status in criu package in Ubuntu: Fix Released Status in criu source package in Xenial: New Status in criu source package in Zesty: New Status in criu package in Debian: Fix Released Bug description: The criu package has source code for arch/aarch64, but arm64 is not listed in the control file so LP does not attempt to build it. At least for artful, adding arm64 to the supported list in debian/control is sufficient for the build to succeed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/1709920/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1686036] Re: mountpoint remains in use after restore snapshot
** Changed in: lxd (Ubuntu Xenial) Status: Triaged => Fix Released ** No longer affects: lxd (Ubuntu Yakkety) ** Changed in: lxd (Ubuntu Zesty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1686036 Title: mountpoint remains in use after restore snapshot Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Fix Released Status in lxd source package in Zesty: Fix Released Status in lxd source package in Artful: Fix Released Bug description: uname -a Linux lxd2-chel1 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux lxd: 2.12-0ubuntu3~ubuntu16.04.1~ppa1 zfsutils-linux: 0.6.5.6-0ubuntu16 # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 16.04.2 LTS Release:16.04 Codename: xenial after restore container from shapshot cannot add new snapshot or restore again until restart container example: # lxc image list +---+--++--++-+--+ | ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCH | SIZE | UPLOAD DATE | +---+--++--++-+--+ | debian/jessie | ba43812c4cb9 | no | Debian jessie amd64 (20170423_22:42) | x86_64 | 94.14MB | Apr 24, 2017 at 9:07am (UTC) | +---+--++--++-+--+ # lxc launch debian/jessie Creating popular-kitten The container you are starting doesn't have any network attached to it. To create a new network, use: lxc network create To attach a network to a container, use: lxc network attach Starting popular-kitten # lxc info popular-kitten Name: popular-kitten Remote: unix:/var/lib/lxd/unix.socket Architecture: x86_64 Created: 2017/04/25 07:17 UTC Status: Running Type: persistent Profiles: default Pid: 6965 Ips: lo: inet127.0.0.1 lo: inet6 ::1 Resources: Processes: 7 Disk usage: root: 1.48MB CPU usage: CPU usage (in seconds): 25 Memory usage: Memory (current): 16.22MB Memory (peak): 23.01MB Network usage: lo: Bytes received: 0B Bytes sent: 0B Packets received: 0 Packets sent: 0 # lxc profile show default config: {} description: Default LXD profile devices: root: path: / pool: main-pool type: disk name: default used_by: - /1.0/containers/popular-kitten # lxc snapshot popular-kitten # zfs get mounted main-pool/containers/popular-kitten NAME PROPERTY VALUESOURCE main-pool/containers/popular-kitten mounted yes - # zfs get mounted main-pool/snapshots/popular-kitten NAMEPROPERTY VALUESOURCE main-pool/snapshots/popular-kitten mounted yes - # lxc restore popular-kitten snap0 # zfs get mounted main-pool/snapshots/popular-kitten NAMEPROPERTY VALUESOURCE main-pool/snapshots/popular-kitten mounted yes - # zfs get mounted main-pool/containers/popular-kitten NAME PROPERTY VALUESOURCE main-pool/containers/popular-kitten mounted no - # lxc snapshot popular-kitten error: Failed to mount ZFS filesystem: filesystem 'main-pool/containers/popular-kitten' is already mounted cannot mount 'main-pool/containers/popular-kitten': mountpoint or dataset is busy # lxc restore popular-kitten snap0 error: Failed to mount ZFS filesystem: filesystem 'main-pool/containers/popular-kitten' is already mounted cannot mount 'main-pool/containers/popular-kitten': mountpoint or dataset is busy but container still work: # lxc info popular-kitten Name: popular-kitten Remote: unix:/var/lib/lxd/unix.socket Architecture: x86_64 Created: 2017/04/25 07:17 UTC Status: Running ... # lxc exec popular-kitten bash root@popular-kitten:~# uptime 07:34:06 up 8 min, 0 users, load average: 0.00, 0.02, 0.03 after restart container: # lxc restart popular-kitten # zfs get mounted main-pool/containers/popular-kitten NAME PROPERTY VALUESOURCE main-pool/containers/popular-kitten mounted yes - on another server this problem missmatch: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 16.10 Release:16.10 Codename: yakkety # lx
[Group.of.nepali.translators] [Bug 1635079] Re: Properly rotate /var/log/lxd/lxd.log every 24 hours
** Changed in: lxd (Ubuntu Xenial) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1635079 Title: Properly rotate /var/log/lxd/lxd.log every 24 hours Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: /var/log/lxd/lxd.log currently isn't rotated, which means that on very busy systems, it can eat up a lot of disk space, even with the pretty limited logging that we do by default. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1635079/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1611078] Re: Support snaps inside of lxd containers
** Changed in: lxd (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1611078 Title: Support snaps inside of lxd containers Status in Snappy: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in linux package in Ubuntu: Fix Released Status in lxd package in Ubuntu: Fix Released Status in apparmor source package in Xenial: Fix Released Status in linux source package in Xenial: Fix Released Status in lxd source package in Xenial: Fix Released Status in apparmor source package in Yakkety: Fix Released Status in linux source package in Yakkety: Fix Released Status in lxd source package in Yakkety: Fix Released Bug description: I tried following the instructions on snapcraft.io and got a failure. See the output below. I've also attached the relevant output from running "journalctl -xe". uname: Linux 3.19.0-65-generic x86_64 release: Ubuntu 16.04 package: snapd 2.11+0.16.04 Notably, I'm running this in an LXD container (version: 2.0.0.rc9). - $ sudo snap install hello-world 64.75 MB / 64.75 MB [==] 100.00 % 2.85 MB/s error: cannot perform the following tasks: - Mount snap "ubuntu-core" (122) ([start snap-ubuntu\x2dcore-122.mount] failed with exit status 1: Job for snap-ubuntu\x2dcore-122.mount failed. See "systemctl status "snap-ubuntu\\x2dcore-122.mount"" and "journalctl -xe" for details. ) $ ls -la /snap total 4K drwxr-xr-x 3 root root 4096 Aug 8 17:49 ubuntu-core $ ls -la /snap/ubuntu-core/ total 4K drwxr-xr-x 2 root root 4096 Aug 8 17:49 122 $ ls -la /snap/ubuntu-core/122/ total 0K $ systemctl status "snap-ubuntu\\x2dcore-122.mount" ● snap-ubuntu\x2dcore-122.mount - Mount unit for ubuntu-core Loaded: loaded (/etc/systemd/system/snap-ubuntu\x2dcore-122.mount; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Mon 2016-08-08 17:49:36 UTC; 6min ago Where: /snap/ubuntu-core/122 What: /var/lib/snapd/snaps/ubuntu-core_122.snap Process: 31781 ExecMount=/bin/mount /var/lib/snapd/snaps/ubuntu-core_122.snap /snap/ubuntu-core/122 -t squashfs (code=exited, status=32) Aug 08 17:49:35 my-host systemd[1]: Mounting Mount unit for ubuntu-core... Aug 08 17:49:35 my-host mount[31781]: mount: /snap/ubuntu-core/122: mount failed: Unknown error -1 Aug 08 17:49:36 my-host systemd[1]: snap-ubuntu\x2dcore-122.mount: Mount process exited, code=exited status=32 Aug 08 17:49:36 my-host systemd[1]: Failed to mount Mount unit for ubuntu-core. Aug 08 17:49:36 my-host systemd[1]: snap-ubuntu\x2dcore-122.mount: Unit entered failed state. To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1611078/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1710753] Re: Please upgrade Xenial/Zesty to use the latest LTS point release of Tor (0.2.9)
** Also affects: tor (Ubuntu Zesty) Importance: Undecided Status: New ** Also affects: tor (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: tor (Ubuntu) Status: Confirmed => Fix Released ** Changed in: tor (Ubuntu Xenial) Status: New => Triaged ** Changed in: tor (Ubuntu Zesty) Status: New => Triaged ** Changed in: tor (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: tor (Ubuntu Zesty) Importance: Undecided => Medium ** Changed in: tor (Ubuntu Xenial) Assignee: (unassigned) => Simon Déziel (sdeziel) ** Changed in: tor (Ubuntu Zesty) Assignee: (unassigned) => Simon Déziel (sdeziel) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1710753 Title: Please upgrade Xenial/Zesty to use the latest LTS point release of Tor (0.2.9) Status in tor package in Ubuntu: Fix Released Status in tor source package in Xenial: Triaged Status in tor source package in Zesty: Triaged Bug description: Currently, Zesty ships with Tor 0.2.9.10 but the latest point release is 0.2.9.11 [1]. Xenial is shipping 0.2.7.6 while the 0.2.7 branch reached its end of life on August 1st 2017 [2]. Since Tor is a security sensitive package, tracking upstream point releases for that LTS branch would keep Ubuntu users safe. 1: https://gitweb.torproject.org/tor.git/plain/ReleaseNotes?id=tor-0.2.9.11 2: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tor/+bug/1710753/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1602192] Re: when starting many LXD containers, they start failing to boot with "Too many open files"
** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Description changed: - Reported by Uros Jovanovic here: https://bugs.launchpad.net/juju- - core/+bug/1593828/comments/18 + == SRU + === Rationale + LXD containers using systemd will use a very large amount of inotify watches. This means that a system will typically run out of global watches with as little as 15 Ubuntu 16.04 containers. + + An easy fix for the issue is to bump the number of user watches up to + 1024, making it possible to run around 100 containers before hitting the + limit again. + + To do so, LXD is now shipping a sysctl.d file which bumps that + particular limit on systems that have LXD installed. + + === Testcase + 1) Upgrade LXD + 2) Spawn about 50 Ubuntu 16.04 containers ("lxc launch ubuntu:16.04") + 3) Check that they all get an IP address ("lxc list"), that's a pretty good sign that they booted properly + + === Regression potential + Not expecting anything here. Juju has shipped a similar configuration for a while now and so have the LXD feature releases. + + We pretty much just forgot to include this particular change in our LTS + packaging branch + + + == Original bug report + Reported by Uros Jovanovic here: https://bugs.launchpad.net/juju-core/+bug/1593828/comments/18 "... However, if you bootstrap LXD and do: juju bootstrap localxd lxd --upload-tools for i in {1..30}; do juju deploy ubuntu ubuntu$i; sleep 90; done Somewhere between 10-20-th deploy fails with machine in pending state (nothin useful in logs) and none of the new deploys after that first pending succeeds. Might be a different bug, but it's easy to verify with running that for loop. So, this particular error was not in my logs, but the controller still ends up unable to provision at least 30 machines ..." I can reproduce this. Looking on the failed machine I can see that jujud isn't running, which is why juju considers the machine not up, and in fact nothing of juju seems to be installed. There's nothing about juju in /var/log. Comparing cloud-init-output.log between a stuck-pending machine and one which has started up fine, they both start with some key-generation messages, but the successful machine then has the line: Cloud-init v. 0.7.7 running 'init' at Tue, 12 Jul 2016 08:32:00 +. Up 4.0 seconds. ...and then a whole lot of juju-installation gubbins, while the failed machine log just stops. ** Changed in: lxd (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxd (Ubuntu Xenial) Status: Triaged => In Progress ** Changed in: lxd (Ubuntu Xenial) Importance: Undecided => Medium -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1602192 Title: when starting many LXD containers, they start failing to boot with "Too many open files" Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: In Progress Bug description: == SRU === Rationale LXD containers using systemd will use a very large amount of inotify watches. This means that a system will typically run out of global watches with as little as 15 Ubuntu 16.04 containers. An easy fix for the issue is to bump the number of user watches up to 1024, making it possible to run around 100 containers before hitting the limit again. To do so, LXD is now shipping a sysctl.d file which bumps that particular limit on systems that have LXD installed. === Testcase 1) Upgrade LXD 2) Spawn about 50 Ubuntu 16.04 containers ("lxc launch ubuntu:16.04") 3) Check that they all get an IP address ("lxc list"), that's a pretty good sign that they booted properly === Regression potential Not expecting anything here. Juju has shipped a similar configuration for a while now and so have the LXD feature releases. We pretty much just forgot to include this particular change in our LTS packaging branch == Original bug report Reported by Uros Jovanovic here: https://bugs.launchpad.net/juju-core/+bug/1593828/comments/18 "... However, if you bootstrap LXD and do: juju bootstrap localxd lxd --upload-tools for i in {1..30}; do juju deploy ubuntu ubuntu$i; sleep 90; done Somewhere between 10-20-th deploy fails with machine in pending state (nothin useful in logs) and none of the new deploys after that first pending succeeds. Might be a different bug, but it's easy to verify with running that for loop. So, this particular error was not in my logs, but the controller still ends up unable to provision at least 30 machines ..." I can reproduce this. Looking on the failed machine I can see that jujud isn't running, which is why juju considers the machine not up, and in fact nothing of juju seems to be installed. There's nothing about juju in /var/l
[Group.of.nepali.translators] [Bug 1712455] [NEW] LXD 2.0.10 doesn't properly auto-update images
Public bug reported: A number of issues interfere with LXD 2.0.10's ability to update images: - The auto_update flag doesn't properly get set on newly downloaded images - The cached flag doesn't get properly copied when an image gets refreshed The combination of those means that LXD effectively only updates images when a user requests a new container. This at least means that there is no security impact from this, but this also slows things down quite a bit and is certainly not the expected behavior. This fix cherry-picks two upstream fixes that resolve the two highlighted issues and applies an extra change which will automatically restore the auto_update flag for any image that is marked as "cached" in the store. == Rationale LXD regressed in its background update code, leading to most LXD hosts storing stale images and only refreshing them when a user asks for a new container to be created. This is pretty different from the expected behavior of LXD refreshing all its images every 6 hours. The fix restores the old behavior and attempts to reset the update flag on images which are supposed to auto-update. == Test case 1) Setup two LXD hosts on LXD 2.0.10 2) On the first LXD host, copy an image ("lxc image copy ubuntu:16.04 local: --alias blah") 3) Add teh first LXD host as a remote to the second LXD host 4) Create a container on the second LXD host using ("lxc init :blah c1") 5) On the first host, change the target of the alias ("lxc image copy ubuntu:14.04 local: --alias blah") 6) On the second host, look at the content of the image store ("lxc image list") 7) On the second host, restart LXD ("systemctl restart lxd") 8) On the second host, confirm that LXD is done starting ("tail -f /var/log/lxd/lxd.log") 9) On the second host, look at the content of the image store again ("lxc image list") On a properly functionaling LXD, at step 9) you'll see the new image in the image store with the old one gone. On a broken LXD, the initial image is there and there's no sign of the new one. == Regression potential The changes being pushed here are coming from existing LXD releases (2.16) so have seen significant use already. The main risk I can think of is in the DB patch that's included in this change. That code is very restrictive and will only set the auto-update flag on an image which is marked as cached (was automatically downloaded) and has a known source (as required for auto-update). This will not fix images which have been already updated by LXD through container launch as those will have lost their cached flag due to the other bug we're fixing here, but attempting to fix those would just be guesswork as any information on how the image ended up in the store is lost at that point. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: lxd (Ubuntu Xenial) Importance: High Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: New => Fix Released ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Xenial) Importance: Undecided => High -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1712455 Title: LXD 2.0.10 doesn't properly auto-update images Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Trusty: New Status in lxd source package in Xenial: In Progress Bug description: A number of issues interfere with LXD 2.0.10's ability to update images: - The auto_update flag doesn't properly get set on newly downloaded images - The cached flag doesn't get properly copied when an image gets refreshed The combination of those means that LXD effectively only updates images when a user requests a new container. This at least means that there is no security impact from this, but this also slows things down quite a bit and is certainly not the expected behavior. This fix cherry-picks two upstream fixes that resolve the two highlighted issues and applies an extra change which will automatically restore the auto_update flag for any image that is marked as "cached" in the store. == Rationale LXD regressed in its background update code, leading to most LXD hosts storing stale images and only refreshing them when a user asks for a new container to
[Group.of.nepali.translators] [Bug 1567557] Re: Performance degradation of "zfs clone"
** No longer affects: lxd (Ubuntu Xenial) ** No longer affects: lxd (Ubuntu Zesty) ** No longer affects: lxd (Ubuntu Artful) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1567557 Title: Performance degradation of "zfs clone" Status in Native ZFS for Linux: New Status in zfs-linux package in Ubuntu: Fix Released Status in zfs-linux source package in Xenial: Fix Committed Status in zfs-linux source package in Zesty: Fix Committed Status in zfs-linux source package in Artful: Fix Released Bug description: [SRU Justification] Creating tens of hundreds of clones can be prohibitively slow. The underlying mechanism to gather clone information is using a 16K buffer which limits performance. Also, the initial assumption is to pass in zero sized buffer to the underlying ioctl() to get an idea of the size of the buffer required to fetch information back to userspace. If we bump the initial buffer to a larger size then we reduce the need for two ioctl calls which improves performance. [Fix] Bump initial buffer size from 16K to 256K [Regression Potential] This is minimal as this is just a tweak in the initial buffer size and larger sizes are handled correctly by ZFS since they are normally used on the second ioctl() call once we have established the size of the buffer required from the first ioctl() call. Larger initial buffers just remove the need for the initial size estimation for most cases where the number of clones is less than ~5000. There is a risk that a larger buffer size could lead to a ENOMEM issue when allocating the buffer, but the size of buffer used is still trivial for modern large 64 bit servers running ZFS. [Test case] Create 4000 clones. With the fix this takes 35-40% less time than without the fix. See the example test.sh script as an example of how to create this many clones. -- I've been running some scale tests for LXD and what I've noticed is that "zfs clone" gets slower and slower as the zfs filesystem is getting busier. It feels like "zfs clone" requires some kind of pool-wide lock or something and so needs for all operations to complete before it can clone a new filesystem. A basic LXD scale test with btrfs vs zfs shows what I mean, see below for the reports. The test is run on a completely dedicated physical server with the pool on a dedicated SSD, the exact same machine and SSD was used for the btrfs test. The zfs filesystem is configured with those settings: - relatime=on - sync=disabled - xattr=sa So it shouldn't be related to pending sync() calls... The workload in this case is ultimately 1024 containers running busybox as their init system and udhcpc grabbing an IP. The problem gets significantly worse if spawning busier containers, say a full Ubuntu system. === zfs === root@edfu:~# /home/ubuntu/lxd-benchmark spawn --count=1024 --image=images:alpine/edge/amd64 --privileged=true Test environment: Server backend: lxd Server version: 2.0.0.rc8 Kernel: Linux Kernel architecture: x86_64 Kernel version: 4.4.0-16-generic Storage backend: zfs Storage version: 5 Container backend: lxc Container version: 2.0.0.rc15 Test variables: Container count: 1024 Container mode: privileged Image: images:alpine/edge/amd64 Batches: 128 Batch size: 8 Remainder: 0 [Apr 3 06:42:51.170] Importing image into local store: 64192037277800298d8c19473c055868e0288b039349b1c6579971fe99fdbac7 [Apr 3 06:42:52.657] Starting the test [Apr 3 06:42:53.994] Started 8 containers in 1.336s [Apr 3 06:42:55.521] Started 16 containers in 2.864s [Apr 3 06:42:58.632] Started 32 containers in 5.975s [Apr 3 06:43:05.399] Started 64 containers in 12.742s [Apr 3 06:43:20.343] Started 128 containers in 27.686s [Apr 3 06:43:57.269] Started 256 containers in 64.612s [Apr 3 06:46:09.112] Started 512 containers in 196.455s [Apr 3 06:58:19.309] Started 1024 containers in 926.652s [Apr 3 06:58:19.309] Test completed in 926.652s === btrfs === Test environment: Server backend: lxd Server version: 2.0.0.rc8 Kernel: Linux Kernel architecture: x86_64 Kernel version: 4.4.0-16-generic Storage backend: btrfs Storage version: 4.4 Container backend: lxc Container version: 2.0.0.rc15 Test variables: Container count: 1024 Container mode: privileged Image: images:alpine/edge/amd64 Batches: 128 Batch size: 8 Remainder: 0 [Apr 3 07:42:12.053] Importing image into local store: 64192037277800298d8c19473c055868e0288b039349b1c6579971fe99fdbac7 [Apr 3 07:42:13.351] Starting the test [Apr 3 07:42:14.793] Started 8 containers in 1.442s [Apr 3 07:42:16.495] Started 16 conta
[Group.of.nepali.translators] [Bug 1567557] Re: Performance degradation of "zfs clone"
** No longer affects: lxd (Ubuntu) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1567557 Title: Performance degradation of "zfs clone" Status in Native ZFS for Linux: New Status in zfs-linux package in Ubuntu: Fix Released Status in lxd source package in Xenial: New Status in zfs-linux source package in Xenial: Fix Committed Status in lxd source package in Zesty: New Status in zfs-linux source package in Zesty: Fix Committed Status in lxd source package in Artful: Confirmed Status in zfs-linux source package in Artful: Fix Released Bug description: [SRU Justification] Creating tens of hundreds of clones can be prohibitively slow. The underlying mechanism to gather clone information is using a 16K buffer which limits performance. Also, the initial assumption is to pass in zero sized buffer to the underlying ioctl() to get an idea of the size of the buffer required to fetch information back to userspace. If we bump the initial buffer to a larger size then we reduce the need for two ioctl calls which improves performance. [Fix] Bump initial buffer size from 16K to 256K [Regression Potential] This is minimal as this is just a tweak in the initial buffer size and larger sizes are handled correctly by ZFS since they are normally used on the second ioctl() call once we have established the size of the buffer required from the first ioctl() call. Larger initial buffers just remove the need for the initial size estimation for most cases where the number of clones is less than ~5000. There is a risk that a larger buffer size could lead to a ENOMEM issue when allocating the buffer, but the size of buffer used is still trivial for modern large 64 bit servers running ZFS. [Test case] Create 4000 clones. With the fix this takes 35-40% less time than without the fix. See the example test.sh script as an example of how to create this many clones. -- I've been running some scale tests for LXD and what I've noticed is that "zfs clone" gets slower and slower as the zfs filesystem is getting busier. It feels like "zfs clone" requires some kind of pool-wide lock or something and so needs for all operations to complete before it can clone a new filesystem. A basic LXD scale test with btrfs vs zfs shows what I mean, see below for the reports. The test is run on a completely dedicated physical server with the pool on a dedicated SSD, the exact same machine and SSD was used for the btrfs test. The zfs filesystem is configured with those settings: - relatime=on - sync=disabled - xattr=sa So it shouldn't be related to pending sync() calls... The workload in this case is ultimately 1024 containers running busybox as their init system and udhcpc grabbing an IP. The problem gets significantly worse if spawning busier containers, say a full Ubuntu system. === zfs === root@edfu:~# /home/ubuntu/lxd-benchmark spawn --count=1024 --image=images:alpine/edge/amd64 --privileged=true Test environment: Server backend: lxd Server version: 2.0.0.rc8 Kernel: Linux Kernel architecture: x86_64 Kernel version: 4.4.0-16-generic Storage backend: zfs Storage version: 5 Container backend: lxc Container version: 2.0.0.rc15 Test variables: Container count: 1024 Container mode: privileged Image: images:alpine/edge/amd64 Batches: 128 Batch size: 8 Remainder: 0 [Apr 3 06:42:51.170] Importing image into local store: 64192037277800298d8c19473c055868e0288b039349b1c6579971fe99fdbac7 [Apr 3 06:42:52.657] Starting the test [Apr 3 06:42:53.994] Started 8 containers in 1.336s [Apr 3 06:42:55.521] Started 16 containers in 2.864s [Apr 3 06:42:58.632] Started 32 containers in 5.975s [Apr 3 06:43:05.399] Started 64 containers in 12.742s [Apr 3 06:43:20.343] Started 128 containers in 27.686s [Apr 3 06:43:57.269] Started 256 containers in 64.612s [Apr 3 06:46:09.112] Started 512 containers in 196.455s [Apr 3 06:58:19.309] Started 1024 containers in 926.652s [Apr 3 06:58:19.309] Test completed in 926.652s === btrfs === Test environment: Server backend: lxd Server version: 2.0.0.rc8 Kernel: Linux Kernel architecture: x86_64 Kernel version: 4.4.0-16-generic Storage backend: btrfs Storage version: 4.4 Container backend: lxc Container version: 2.0.0.rc15 Test variables: Container count: 1024 Container mode: privileged Image: images:alpine/edge/amd64 Batches: 128 Batch size: 8 Remainder: 0 [Apr 3 07:42:12.053] Importing image into local store: 64192037277800298d8c19473c055868e0288b039349b1c6579971fe99fdbac7 [Apr 3 07:42:13.351] Starting the test [Apr 3 07:42:14.793] Started 8 containers
[Group.of.nepali.translators] [Bug 1691911] Re: SRU of LXC 2.0.8
** Changed in: lxc (Ubuntu Zesty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1691911 Title: SRU of LXC 2.0.8 Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: New Status in lxc source package in Xenial: Fix Released Status in lxc source package in Yakkety: Fix Released Status in lxc source package in Zesty: Fix Released Status in lxc source package in Artful: Fix Released Bug description: LXC upstream released LXC 2.0.8 as a bugfix release with following changelog: - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract soc
[Group.of.nepali.translators] [Bug 1686036] Re: mountpoint remains in use after restore snapshot
xenial, yakkety and zesty will get the fix when we backport LXD 2.14. Is LXD 2.0.x also affected? If so, I'm not sure we have a fix for it in 2.0.10, so we'd need a fix in stable-2.0 upstream so that 2.0.11 can have it. ** Changed in: lxd (Ubuntu Artful) Status: Fix Committed => Fix Released ** Changed in: lxd (Ubuntu Zesty) Status: New => Triaged ** Changed in: lxd (Ubuntu Yakkety) Status: New => Triaged ** Changed in: lxd (Ubuntu Xenial) Status: New => Triaged -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1686036 Title: mountpoint remains in use after restore snapshot Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Xenial: Triaged Status in lxd source package in Yakkety: Triaged Status in lxd source package in Zesty: Triaged Status in lxd source package in Artful: Fix Released Bug description: uname -a Linux lxd2-chel1 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux lxd: 2.12-0ubuntu3~ubuntu16.04.1~ppa1 zfsutils-linux: 0.6.5.6-0ubuntu16 # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 16.04.2 LTS Release:16.04 Codename: xenial after restore container from shapshot cannot add new snapshot or restore again until restart container example: # lxc image list +---+--++--++-+--+ | ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCH | SIZE | UPLOAD DATE | +---+--++--++-+--+ | debian/jessie | ba43812c4cb9 | no | Debian jessie amd64 (20170423_22:42) | x86_64 | 94.14MB | Apr 24, 2017 at 9:07am (UTC) | +---+--++--++-+--+ # lxc launch debian/jessie Creating popular-kitten The container you are starting doesn't have any network attached to it. To create a new network, use: lxc network create To attach a network to a container, use: lxc network attach Starting popular-kitten # lxc info popular-kitten Name: popular-kitten Remote: unix:/var/lib/lxd/unix.socket Architecture: x86_64 Created: 2017/04/25 07:17 UTC Status: Running Type: persistent Profiles: default Pid: 6965 Ips: lo: inet127.0.0.1 lo: inet6 ::1 Resources: Processes: 7 Disk usage: root: 1.48MB CPU usage: CPU usage (in seconds): 25 Memory usage: Memory (current): 16.22MB Memory (peak): 23.01MB Network usage: lo: Bytes received: 0B Bytes sent: 0B Packets received: 0 Packets sent: 0 # lxc profile show default config: {} description: Default LXD profile devices: root: path: / pool: main-pool type: disk name: default used_by: - /1.0/containers/popular-kitten # lxc snapshot popular-kitten # zfs get mounted main-pool/containers/popular-kitten NAME PROPERTY VALUESOURCE main-pool/containers/popular-kitten mounted yes - # zfs get mounted main-pool/snapshots/popular-kitten NAMEPROPERTY VALUESOURCE main-pool/snapshots/popular-kitten mounted yes - # lxc restore popular-kitten snap0 # zfs get mounted main-pool/snapshots/popular-kitten NAMEPROPERTY VALUESOURCE main-pool/snapshots/popular-kitten mounted yes - # zfs get mounted main-pool/containers/popular-kitten NAME PROPERTY VALUESOURCE main-pool/containers/popular-kitten mounted no - # lxc snapshot popular-kitten error: Failed to mount ZFS filesystem: filesystem 'main-pool/containers/popular-kitten' is already mounted cannot mount 'main-pool/containers/popular-kitten': mountpoint or dataset is busy # lxc restore popular-kitten snap0 error: Failed to mount ZFS filesystem: filesystem 'main-pool/containers/popular-kitten' is already mounted cannot mount 'main-pool/containers/popular-kitten': mountpoint or dataset is busy but container still work: # lxc info popular-kitten Name: popular-kitten Remote: unix:/var/lib/lxd/unix.socket Architecture: x86_64 Created: 2017/04/25 07:17 UTC Status: Running ... # lxc exec popular-kitten bash root@popular-kitten:~# uptime 07:34:06 up 8 min, 0 users, load average: 0.00, 0.02, 0.03 after restart container: # lxc restart popular-kitten # zfs get mounted main-pool/containers/popu
[Group.of.nepali.translators] [Bug 1693340] [NEW] SRU of LXD 2.0.10 (upstream bugfix release)
Public bug reported: LXD upstream released LXD 2.0.10 as a bugfix release with following changelog: - client: Backported the new client library and ported some of the internal commands over to it - lxc: Add a manpage command - lxc: Allow --version to be passed with any command - lxc: Reworked all help messages in the client to work with help2man - lxd: AppArmor namespacing is now also enabled for privileged containers - build: Add debug logging - client: Fix profile list - client: Remove unneeded condition - doc: Add instructions to grow ZFS loop - doc: Add note about escaping btrfs qgroups - doc: Add note about restricting access to kernel ring buffer - doc: Extract containers documentation to containers.md - doc: Extract profiles documentation to profiles.md - doc: Extract server documentation to server.md - doc: Fix badly named example device - doc: Fix broken table - doc: Note that LXD assumes full control over the pool - doc: Update configuration.md with links to other documents - doc: Update README.md for new API client - extra/lxc-to-lxd: Don't crash on missing mount file - extra/lxc-to-lxd: Typo in description of --move-rootfs - extra/vagrant: Trailing whitespace - global: Fix error handling in all filepath.Walk calls - global: Fix a number of typos - global: Forward user-agent and other headers on redirect - global: Replace file Chmod() with os.Chmod() - global: Use containerGetParentAndSnapshotName() - global: Use RunCommand everywhere - lxc: Don't include spaces in translated strings - lxc: Improve batch mode - lxc: Make help/usage a bit more consistent - lxc: Move common functions/types to utils.go - lxc: Properly clear transfer stats on error - lxc: Rework for better manpages - lxc/config: Add new config handling code - lxc/config: Always use "simplestreams" for images: - lxc/config: Fix path handling - lxc/config: Fix SaveConfig's DeepCopy call - lxc/copy: Improve error handling - lxc/copy: Return the source error too - lxc/copy: Simplify - lxc/copy: Wait asynchronously - lxc/image: Show the alias description - lxc/image: Trailing whitespace - lxc/init: Drop unnecessary else statement - lxc/list: Document list format options - lxc/list: Fix regression in json output - lxc/list: Move common data extraction to a helper function - lxc/profile: Properly implement "profile unset" - lxc/publish: Wait for the conainer to be running - lxc/remote: Show the fingerprint as string not hex - lxc/utils: Implement progress tracking for operations - lxd: Drop use of logger.Log when not needed - lxd/apparmor: Fix AppArmor stack handling with nesting - lxd/containers: Add containerGetParentAndSnapshotName() - lxd/containers: Added soft limit in initLXD() - lxd/containers: Added soft memory limit even when hard is selected - lxd/containers: Add extra validation for unix-block/unix-char - lxd/containers: Add function to detect root disk device - lxd/containers: Allow for stable host interface names - lxd/containers: Clarify uid/gid error - lxd/containers: Cleanup root device validation - lxd/containers: Disable IPv6 on host side veth when bridged - lxd/containers: Don't ignore snapshot deletion failures - lxd/containers: Don't parse id ranges as int32 - lxd/containers: Don't report migration success on failure - lxd/containers: Don't use FindProcess, just pass exec.Cmd - lxd/containers: Find current max snapshot value - lxd/containers: Fix bad root device detection code - lxd/containers: Fix base image tracking - lxd/containers: Fix concurent read/write to s.conns in exec - lxd/containers: Fix error handling on FileRemove - lxd/containers: Fix handling of devices with minor>255 - lxd/containers: Fix override of Devices during copy - lxd/containers: Fix soft limit logic to use float64 - lxd/containers: Initialize idmap on demand - lxd/containers: Kill forkexec on abnormal websocket closure - lxd/containers: Path may only be used by one disk - lxd/containers: Properly invalidate the idmap cache - lxd/containers: Properly revert memory limits on failure - lxd/containers: Properly validate architectures - lxd/containers: Set default values for USER, HOME and LANG - lxd/containers: This condition has already been deal - lxd/containers: Use int64 for uid and gid everywhere - lxd/containers: Validate container idmap as early as possible - lxd/containers: Validate expanded configuration after root setup - lxd/containers: Validate the expanded config at container create - lxd/daemon: Check for the validity of the id maps at startup - lxd/daemon: Fix some race conditions - lxd/daemon: Mount a tmpfs under devlxd - lxd/daemon: s/Default map/Available map/
[Group.of.nepali.translators] [Bug 1691911] [NEW] SRU of LXC 2.0.8
Public bug reported: LXC upstream released LXC 2.0.8 as a bugfix release with following changelog: - Security fix for CVE-2017-5985 (previously fixed in Ubuntu) - All templates have been updated to not set default passwords anymore, instead requiring lxc-attach be used to configure users. This may affect some automated environments that were relying on our default (very much insecure) users. - Make lxc-start-ephemeral Python 3.2-compatible - Fix typo - Allow build without sys/capability.h - lxc-opensuse: fix default value for release code - util: always malloc for setproctitle - util: update setproctitle comments - confile: clear lxc.network..ipv{4,6} when empty - lxc_setup_tios(): Ignore SIGTTOU and SIGTTIN signals - Make lxc-net return non-zero on failure - seccomp: allow x32 guests on amd64 hosts. - Add HAVE_LIBCAP - c/r: only supply --ext-mount-map for bind mounts - Added 'mkdir -p' functionality in create_or_remove_cgroup - Use LXC_ROOTFS_MOUNT in clonehostname hook - squeeze is not a supported release anymore, drop the key - start: dumb down SIGCHLD from WARN() to NOTICE() - log: fix lxc_unix_epoch_to_utc() - cgfsng: make trim() safer - seccomp: set SCMP_FLTATR_ATL_TSKIP if available - lxc-user-nic: re-order #includes - lxc-user-nic: improve + bugfix - lxc-user-nic: delete link on failure - conf: only try to delete veth when privileged - Fix lxc-containers to support multiple bridges - Fix mixed tab/spaces in previous patch - lxc-alpine: use dl-cdn.a.o as default mirror instead of random one - lxc-checkconfig: verify new[ug]idmap are setuid-root - [templates] archlinux: resolve conflicting files - [templates] archlinux: noneed default_timezone variable - python3: Deal with potential NULL char* - lxc-download.in / allow setting keyserver from env - lxc-download.in / Document keyserver change in help - Change variable check to match existing style - tree-wide: include directly - conf/ile: make sure buffer is large enough - tree-wide: include directly - tests: Support running on IPv6 networks - tests: Kill containers (don't wait for shutdown) - Fix opening wrong file in suggest_default_idmap - do not set the root password in the debian template - do not set insecure passwords - don't set a default password for altlinux, gentoo, openmandriva and pld - tools: exit with return code of lxc_execute() - Keep veth.pair.name on network shutdown - Makefile: fix static clang init.lxc build - Avoid waiting for bridge interface if disabled in sysconfig/lxc - Increased buffer length in print_stats() - avoid assigning to a variable which is not POSIX shell proof (bug #1498) - remove obsolete note about api stability - conf: less error prone pointer access - conf: lxc_map_ids() non-functional changes - caps: add lxc_{proc,file}_cap_is_set() - conf: check for {filecaps,setuid} on new{g,u}idmap - conf: improve log when mounting rootfs - ls: simplify the judgment condition when list active containers - fix typo introduced in #1509 - attach|unshare: fix the wrong comment - caps: skip file capability checks on android - autotools: check for cap_get_file - caps: return false if caps are not supported - conf: non-functional changes to setup_pts() - conf: use bind-mount for /dev/ptmx - conf: non-functional changes - utils: use loop device helpers from LXD - create ISSUE_TEMPLATE.md - cgroups: improve cgfsng debugging - issue template: fix typo - conf: close fd in lxc_setup_devpts() - conf: non-functional changes - utils: tweak lxc_mount_proc_if_needed() - Change sshd template to work with Ubuntu 17.04 - conf: order mount options - conf: add MS_LAZYTIME to mount options - monitor: report errno on exec() error - af unix: allow for maximum socket name - commands: avoid NULL pointer dereference - commands: non-functional changes - lxccontainer: avoid NULL pointer dereference - monitor: simplify abstract socket logic - precise is not the latest LTS, let's use xenial instead - fix the wrong exit status - conf: non-functional changes lxc_fill_autodev() - conf: remove /dev/console from lxc_fill_autodev() - conf: non-functional changes lxc_setup() - conf: non-functional changes to console functions - conf: improve lxc_setup_dev_console() - conf: lxc_setup_ttydir_console() - config: remove /dev/console bind mount - doc: document console behavior - utils: add lxc_unstack_mountpoint() - conf: unstack all mounts atop /dev/console - console: fail when we cannot allocate peer tty - start: remove umount2() - conf: non-functional changes - utils: handle > 2^31 in lxc_unstack_mountpoint() - Install systemd units for CentOS - Merge ub
[Group.of.nepali.translators] [Bug 1691239] [NEW] SRU of LXCFS 2.0.7 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 2.0.7 as a bugfix release with following changelog: - Remove unused variable - Also check next variable for NULL on cg_rmdir - virtualize the 'btime' field of /proc/stat - cleanup: return false instead of NULL as bool - Limit memswlimit by TotalSwap - pam_cgfs: remove dead assignment - pam_cgfs: return created directly - pam_cgfs: make sure that **p is not NULL - bindings: Want space for ints? Call sizeof(int)! - pam_cgfs: make trim() safer - pam_cgfs: error out on failure in cgv2_init() - pam_cgfs: remove dead assignment - bindings: implement guest nice - bindings: increase reserved buffer size a little Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: Triaged ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: Triaged ** Affects: lxcfs (Ubuntu Yakkety) Importance: Undecided Status: Triaged ** Affects: lxcfs (Ubuntu Zesty) Importance: Undecided Status: Triaged ** Affects: lxcfs (Ubuntu Artful) Importance: Undecided Status: Fix Released ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Artful) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Zesty) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Artful) Status: New => Fix Released ** Changed in: lxcfs (Ubuntu Zesty) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Yakkety) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Trusty) Status: New => Triaged -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1691239 Title: SRU of LXCFS 2.0.7 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Triaged Status in lxcfs source package in Xenial: Triaged Status in lxcfs source package in Yakkety: Triaged Status in lxcfs source package in Zesty: Triaged Status in lxcfs source package in Artful: Fix Released Bug description: LXCFS upstream released LXCFS 2.0.7 as a bugfix release with following changelog: - Remove unused variable - Also check next variable for NULL on cg_rmdir - virtualize the 'btime' field of /proc/stat - cleanup: return false instead of NULL as bool - Limit memswlimit by TotalSwap - pam_cgfs: remove dead assignment - pam_cgfs: return created directly - pam_cgfs: make sure that **p is not NULL - bindings: Want space for ints? Call sizeof(int)! - pam_cgfs: make trim() safer - pam_cgfs: error out on failure in cgv2_init() - pam_cgfs: remove dead assignment - bindings: implement guest nice - bindings: increase reserved buffer size a little Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu
[Group.of.nepali.translators] [Bug 1675163] Re: Don't attempt to create devices in LXC containers
** No longer affects: makedev (Ubuntu Vivid) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1675163 Title: Don't attempt to create devices in LXC containers Status in makedev package in Ubuntu: Triaged Status in makedev source package in Precise: Triaged Status in makedev source package in Trusty: Triaged Status in makedev source package in Xenial: Triaged Status in makedev source package in Yakkety: Triaged Status in makedev source package in Zesty: Triaged Bug description: Right now the "makedev" postinst script will attempt to create a number of devices in /dev, failing the package upgrade should any of those mknod calls fail. LXC containers, especially unprivileged ones do not allow the use of mknod, making it impossible to upgrade makedev in those containers and preventing Ubuntu release upgrades. The fix is quite simple, detect that we are running in an LXC container and skip the rest of the postinst script as is done in a number of other cases. = SRU == Rationale This issue prevents release to release upgrades in unprivileged LXC containers when makedev is part of the upgraded set. This is currently visible when upgrading from Ubuntu 12.04 to Ubuntu 14.04. == Testcase Install the new package in an unprivileged container. With LXD, simply use "lxc launch ubuntu: test" to create the container. Prior to this fix, the upgrade will fail on some mknod errors, after it, it'll go on after printing a message indicating that LXC was detected. == Regression potential The detection logic is based on PID 1's environment containing a container=lxc entry. If a non-LXC system somehow had that set, it'd lead to the makedev upgrade no longer creating extra devices. This is unlikely to really matter though since the system is clearly already functioning properly at that point. Similarly, some privileged LXC containers can be configured in a way where mknod is possible, this update will still disable the postinst for those cases as short of attempting every mknod ahead of time, there is no reliable way to detect any seccomp or apparmor policy in play. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/makedev/+bug/1675163/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1667406] Re: Wrongly capitalized field names in JSON output of "lxc list"
** Changed in: lxd (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1667406 Title: Wrongly capitalized field names in JSON output of "lxc list" Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: This only affects LXD 2.0.9 in Ubuntu right now. # Rationale LXD 2.0.9 regressed JSON output of "lxc list" when compared to LXD 2.0.8 by having a few fields be now capitalized. # Testcase - lxc launch ubuntu:16.04 xen - lxc list --format=json | grep Snapshots - Upgrade - lxc list --format=json | grep Snapshots ("Snapshots" is meant to be "snapshots") # Regression potential The commit only fixes the name of the two affected fields. It's unlikely that someone is already relying on the wrongly capitalized name and it's certainly worth fixing the regression for people scripting LXD. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1667406/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1667406] [NEW] Wrongly capitalized field names in JSON output of "lxc list"
Public bug reported: This only affects LXD 2.0.9 in Ubuntu right now. # Rationale LXD 2.0.9 regressed JSON output of "lxc list" when compared to LXD 2.0.8 by having a few fields be now capitalized. # Testcase - lxc launch ubuntu:16.04 xen - lxc list --format=json | grep Snapshots - Upgrade - lxc list --format=json | grep Snapshots ("Snapshots" is meant to be "snapshots") # Regression potential The commit only fixes the name of the two affected fields. It's unlikely that someone is already relying on the wrongly capitalized name and it's certainly worth fixing the regression for people scripting LXD. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxd (Ubuntu Trusty) Importance: High Status: Triaged ** Affects: lxd (Ubuntu Xenial) Importance: High Status: In Progress ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: New => Fix Released ** Changed in: lxd (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxd (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxd (Ubuntu Trusty) Importance: Undecided => High ** Changed in: lxd (Ubuntu Xenial) Importance: Undecided => High -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1667406 Title: Wrongly capitalized field names in JSON output of "lxc list" Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Trusty: Triaged Status in lxd source package in Xenial: In Progress Bug description: This only affects LXD 2.0.9 in Ubuntu right now. # Rationale LXD 2.0.9 regressed JSON output of "lxc list" when compared to LXD 2.0.8 by having a few fields be now capitalized. # Testcase - lxc launch ubuntu:16.04 xen - lxc list --format=json | grep Snapshots - Upgrade - lxc list --format=json | grep Snapshots ("Snapshots" is meant to be "snapshots") # Regression potential The commit only fixes the name of the two affected fields. It's unlikely that someone is already relying on the wrongly capitalized name and it's certainly worth fixing the regression for people scripting LXD. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1667406/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1660844] Re: SRU of LXC 2.0.7 (upstream bugfix release)
** Changed in: lxc (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1660844 Title: SRU of LXC 2.0.7 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Fix Released Status in lxc source package in Xenial: Fix Released Status in lxc source package in Yakkety: Fix Released Bug description: LXC upstream released LXC 2.0.7 as a bugfix release with following changelog: - attach: Close lsm label file descriptor - attach: Non-functional changes - attach: Simplify lsm_openat() - caps: Add lxc_cap_is_set() - conf: attach: Save errno across call to close - conf: Clearly report to either use drop or keep - conf: criu: Add make_anonymous_mount_file() - conf: Fix suggest_default_idmap() - configure: Add --enable-gnutls option - configure: Check for memfd_create() - configure: Check whether gettid() is declared - configure: Do not allow variable length arrays - configure: Remove -Werror=vla - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - conf: Non-functional changes - conf: Remove thread-unsafe strsignal + improve log - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - log: Add lxc_unix_epoch_to_utc() - log: Annotate lxc_unix_epoch_to_utc() - log: Drop all timezone conversion functions - log: Make sure that date is correctly formatted - log: Use lxc_unix_epoch_to_utc() - log: Use N/A if getpid() != gettid() when threaded - log: Use thread-safe localtime_r() - lvm: Suppress warnings about leaked files - lxccontainer: Log failure to send sig to init pid - monitor: Add more logging - monitor: Close mainloop on exit if we opened it - monitor: Improve log + set log level to DEBUG - monitor: Log which pipe fd is currently used - monitor: Make lxc-monitord async signal safe - monitor: Non-functional changes - python3-lxc: Fix api_test.py on s390x - start: Check for CAP_SETGID before setgroups() - start: Fix execute and improve setgroups() calls - state: Use async signal safe fun in lxc_wait() - templates: lxc-debian: Don't try to get stuff from /usr/lib/systemd on the host - templates: lxc-debian: Fix getty service startup - templates: lxc-debian: Fix typo in calling dpkg with --print-foreign-architectures option - templates: lxc-debian: Handle ppc hostarch -> powerpc - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2 - templates: lxc-opensuse: Remove libgcc_s1 - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy - templates: lxc-opensuse: Set to be unconfined by AppArmor - templates: lxc-opensuse: Update for Leap 42.2 - tests; Don't cause test failures on cleanup errors - tests: Skip unpriv tests on broken overlay module - tools: Improve logging - tools: lxc-start: Remove c->is_defined(c) check - tools: lxc-start: Set configfile after load_config - tools: Only check for O_RDONLY - tree-wide: Random macro cleanups - tree-wide: Remove any variable length arrays - tree-wide: Sic semper assertis! - utils: Add macro __LXC_NUMSTRLEN - utils: Add uid, gid, group convenience wrappers Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1660844/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1660850] Re: SRU of LXCFS 2.0.6 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1660850 Title: SRU of LXCFS 2.0.6 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Fix Released Status in lxcfs source package in Xenial: Fix Released Status in lxcfs source package in Yakkety: Fix Released Bug description: LXCFS upstream released LXCFS 2.0.6 as a bugfix release with following changelog: - Fix swap values with nested cgroups - tests: Fix run on ppc64el - Fix wrong scanning of memory.stat Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1660850/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1660850] [NEW] SRU of LXCFS 2.0.6 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 2.0.6 as a bugfix release with following changelog: - Fix swap values with nested cgroups - tests: Fix run on ppc64el - Fix wrong scanning of memory.stat Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Xenial) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxcfs (Ubuntu Yakkety) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu) Status: New => Fix Released ** Changed in: lxcfs (Ubuntu Yakkety) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Yakkety) Importance: Undecided => Medium ** Changed in: lxcfs (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Yakkety) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1660850 Title: SRU of LXCFS 2.0.6 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Triaged Status in lxcfs source package in Xenial: In Progress Status in lxcfs source package in Yakkety: In Progress Bug description: LXCFS upstream released LXCFS 2.0.6 as a bugfix release with following changelog: - Fix swap values with nested cgroups - tests: Fix run on ppc64el - Fix wrong scanning of memory.stat Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1660850/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1660844] [NEW] SRU of LXC 2.0.7 (upstream bugfix release)
Public bug reported: LXC upstream released LXC 2.0.7 as a bugfix release with following changelog: - attach: Close lsm label file descriptor - attach: Non-functional changes - attach: Simplify lsm_openat() - caps: Add lxc_cap_is_set() - conf: attach: Save errno across call to close - conf: Clearly report to either use drop or keep - conf: criu: Add make_anonymous_mount_file() - conf: Fix suggest_default_idmap() - configure: Add --enable-gnutls option - configure: Check for memfd_create() - configure: Check whether gettid() is declared - configure: Do not allow variable length arrays - configure: Remove -Werror=vla - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev() - conf: Non-functional changes - conf: Remove thread-unsafe strsignal + improve log - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers - log: Add lxc_unix_epoch_to_utc() - log: Annotate lxc_unix_epoch_to_utc() - log: Drop all timezone conversion functions - log: Make sure that date is correctly formatted - log: Use lxc_unix_epoch_to_utc() - log: Use N/A if getpid() != gettid() when threaded - log: Use thread-safe localtime_r() - lvm: Suppress warnings about leaked files - lxccontainer: Log failure to send sig to init pid - monitor: Add more logging - monitor: Close mainloop on exit if we opened it - monitor: Improve log + set log level to DEBUG - monitor: Log which pipe fd is currently used - monitor: Make lxc-monitord async signal safe - monitor: Non-functional changes - python3-lxc: Fix api_test.py on s390x - start: Check for CAP_SETGID before setgroups() - start: Fix execute and improve setgroups() calls - state: Use async signal safe fun in lxc_wait() - templates: lxc-debian: Don't try to get stuff from /usr/lib/systemd on the host - templates: lxc-debian: Fix getty service startup - templates: lxc-debian: Fix typo in calling dpkg with --print-foreign-architectures option - templates: lxc-debian: Handle ppc hostarch -> powerpc - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2 - templates: lxc-opensuse: Remove libgcc_s1 - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy - templates: lxc-opensuse: Set to be unconfined by AppArmor - templates: lxc-opensuse: Update for Leap 42.2 - tests; Don't cause test failures on cleanup errors - tests: Skip unpriv tests on broken overlay module - tools: Improve logging - tools: lxc-start: Remove c->is_defined(c) check - tools: lxc-start: Set configfile after load_config - tools: Only check for O_RDONLY - tree-wide: Random macro cleanups - tree-wide: Remove any variable length arrays - tree-wide: Sic semper assertis! - utils: Add macro __LXC_NUMSTRLEN - utils: Add uid, gid, group convenience wrappers Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxc (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxc (Ubuntu Trusty) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxc (Ubuntu Xenial) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxc (Ubuntu Yakkety) Importance: Medium Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu) Status: New => Fix Released ** Changed in: lxc (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxc (Ubuntu Trusty) Status: In Progress => Triaged ** Changed in: lxc (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxc (Ubuntu Yakkety) Status: New => In Progress ** Changed in: lxc (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: lxc (Ubuntu Yakkety) Importance: Undecided => Medium ** Changed in: lxc (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: lxc (Ubuntu Trusty) Assignee: (unassigned) => Stéphane
[Group.of.nepali.translators] [Bug 1660506] [NEW] SRU of LXD 2.0.9 (upstream bugfix release)
Move REST API to new package: godoc - shared: Move REST API to new package: image - shared: Move REST API to new package: network - shared: Move REST API to new package: operation - shared: Move REST API to new package: profile - shared: Move REST API to new package: response - shared: Move REST API to new package: server - shared: Move REST API to new package: status - shared: Move WebsocketUpgrader to network.go - shared: Remove GroupName function and add UserId one - shared: Rename idmapset_test_linux.go to idmapset_linux_test.go - shared: Support absolute file transfer tracking - shared/idmapset: Drop debugging code - shared/idmapset: Fix intersection test - shared/logging: Introduce our own formatter - shared/logging: Make PrintStack print at the Error level - shared/simplestreams: Don't depend on custom http handler - shared/simplestreams: Pass UserAgent as argument - shared/util: Add Int64InSlice() - shared/util: GetByteSizeString() take precision argument - shared/util: Improve byte parsing - shared/util: ParseByteSizeString() deal with bytes - tests: Don't ignore errors in db tests - tests: Fix bad variable name - tests: Fix deadcode to work with new upstream - tests: Fix shellcheck being confused by cd - tests: Fix standalone remote test - tests: Shorten test name to fit on Jenkins - tests: Simplify testsuite spawn code - tests: Test lxd shutdown - tests: Use lxc restart instead of reboot Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Invalid ** Affects: lxd (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: New => Invalid ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1660506 Title: SRU of LXD 2.0.9 (upstream bugfix release) Status in lxd package in Ubuntu: Invalid Status in lxd source package in Xenial: In Progress Bug description: LXD upstream released LXD 2.0.6 as a bugfix release with following changelog: - Exec sessions being killed by a signal will now report the signal number as part of their exit code. - VLAN device types are now properly reported in the API and client. - The client will now show the date an image was last used at (in lxc image info). - The client will now let you delete multiple images at once. - LXD is now using Weblate for its translations. - client: Add a done signal to Monitor API - client: Better handle http errors - client: Commonize update methods - doc: Add Documentation on Network Configuration via cloud-init - doc: Added reference to godoc to README.md - doc: Update README.md for CI and Weblate status - extra/lxc-to-lxd: Add more unsupported config keys - extra/lxc-to-lxd: All properties must be strings - extra/lxc-to-lxd: Copy the rootfs by default, don't move it - extra/lxc-to-lxd: Show nicer error on missing python3-lxc - extra/lxc-to-lxd: Switch to using a config whitelist - global: Fix typos - global: "gofmt -s" run - lxc: Better handle timestamps - lxc: Make help messages more consistent - lxc: Properly check yaml errors - lxc/init: Fix example - lxc/init: Properly replace args list - lxc/launch: Just use init.go's flags() - lxc/list: Sort IPv4 and IPv6 addresses - lxc/remote: Update help - lxd-bridge: Add ip6tables filter rules - lxd-bridge: DHCP happens over UDP only - lxd-bridge: Make IPv4 firewalling optional (default is enabled) - lxd/containers: Add basic logging to container creation - lxd/containers: Allow passing in-memory buffers to a FileResponse - lxd/containers: Also call setgroups when attaching to the container - lxd/containers: Avoid race condition in network fill function - lxd/containers: Blacklist lxc.syslog and lxc.ephemeral in raw.lxc - lxd/containers: Detect background tasks to allow clean ex
[Group.of.nepali.translators] [Bug 1653725] Re: lxc-android-config not starting on ubuntu-touch/staging/* xenial-based images after lxc upgrade
** Also affects: lxc (Ubuntu Zesty) Importance: High Assignee: Christian Brauner (cbrauner) Status: Fix Committed ** Also affects: lxc-android-config (Ubuntu Zesty) Importance: High Status: New ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc-android-config (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: lxc-android-config (Ubuntu Yakkety) Importance: Undecided Status: New ** No longer affects: lxc-android-config (Ubuntu) ** Changed in: lxc (Ubuntu Yakkety) Status: New => Triaged ** Changed in: lxc (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxc (Ubuntu Yakkety) Importance: Undecided => High ** Changed in: lxc (Ubuntu Xenial) Importance: Undecided => High ** Also affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxc (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: lxc (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Yakkety) Assignee: (unassigned) => Stéphane Graber (stgraber) ** No longer affects: lxc-android-config (Ubuntu Xenial) ** No longer affects: lxc-android-config (Ubuntu Yakkety) ** No longer affects: lxc-android-config (Ubuntu Zesty) ** Changed in: lxc (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1653725 Title: lxc-android-config not starting on ubuntu-touch/staging/* xenial-based images after lxc upgrade Status in Canonical System Image: Confirmed Status in lxc package in Ubuntu: Fix Committed Status in lxc source package in Trusty: Triaged Status in lxc source package in Xenial: Triaged Status in lxc source package in Yakkety: Triaged Status in lxc source package in Zesty: Fix Committed Bug description: As in topic. Since the 20161217 rootfs, after upgrade of lxc from 2.0.5-0ubuntu1~ubuntu16.04.3 to 2.0.6-0ubuntu1~ubuntu16.04.1 the lxc- android-config service does not start - making the devices unbootable. The syslog only states this: Jan 3 10:50:30 ubuntu-phablet systemd[1]: Starting LXC Android Config and Container Initialization... Jan 3 10:50:30 ubuntu-phablet kernel: [5.790810] (3)[1:systemd]SLEEP_EN = 0x1 Jan 3 10:50:30 ubuntu-phablet systemd[1]: Starting Light Display Manager... Jan 3 10:50:30 ubuntu-phablet systemd-udevd[672]: Could not generate persistent MAC address for ifb0: No such file or directory Jan 3 10:50:30 ubuntu-phablet systemd-udevd[684]: Could not generate persistent MAC address for ifb1: No such file or directory Jan 3 10:50:30 ubuntu-phablet lxc-start[1220]: You lack access to /var/lib/lxc Jan 3 10:50:30 ubuntu-phablet systemd[1]: lxc-android-config.service: Control process exited, code=exited status=1 Jan 3 10:50:30 ubuntu-phablet systemd[1]: Failed to start LXC Android Config and Container Initialization. Jan 3 10:50:30 ubuntu-phablet systemd[1]: Dependency failed for force-mtp.service. Jan 3 10:50:30 ubuntu-phablet systemd[1]: force-mtp.service: Job force-mtp.service/start failed with result 'dependency'. Jan 3 10:50:30 ubuntu-phablet systemd[1]: lxc-android-config.service: Unit entered failed state. Jan 3 10:50:30 ubuntu-phablet systemd[1]: lxc-android-config.service: Failed with result 'exit-code'. This makes all of our frieza and cooler devices useless for testing purposes. To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-devices-system-image/+bug/1653725/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1652117] Re: sbuild-launchpad-chroot doesn't detect current overlayfs
** No longer affects: sbuild-launchpad-chroot (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1652117 Title: sbuild-launchpad-chroot doesn't detect current overlayfs Status in sbuild-launchpad-chroot package in Ubuntu: Triaged Status in sbuild-launchpad-chroot source package in Yakkety: Triaged Status in sbuild-launchpad-chroot source package in Zesty: Triaged Bug description: With the switch from out of tree overlayfs to in-tree overlay, sbuild- launchpad-chroot must be updated to properly detect both of those, otherwise users end up with a "directory" type chroot that doesn't use unioning and so looses a few of the useful features provided by this tool. # Rationale New kernel doesn't have a "overlayfs" module, it's now called "overlay". Both names should be used in the detection code. # Test case - Before upgrade - sbuild-launchpad-chroot create -n test -s xenial -a amd64 - Check that /etc/schroot/chroot.d/test doesn't contain "union-type" - sbuild-launchpad-chroot remove -n test - After upgrade - sbuild-launchpad-chroot create -n test -s xenial -a amd64 - Check that /etc/schroot/chroot.d/test contains "union-type" - sbuild-launchpad-chroot remove -n test # Regression potential Not much, this won't affect anyone who has existing chroots, it only affects new chroots and re-introduces the behavior that people have been expecting up until the time where the overlayfs driver was removed from the kernel. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sbuild-launchpad-chroot/+bug/1652117/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647012] Re: SRU of LXCFS 2.0.5 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Trusty) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647012 Title: SRU of LXCFS 2.0.5 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Fix Released Status in lxcfs source package in Xenial: Fix Released Status in lxcfs source package in Yakkety: Fix Released Bug description: LXCFS upstream released LXCFS 2.0.5 as a bugfix release with following changelog: - Add Documentation key to systemd unit - bindings: allow getattr on O_WRONLY files - bindings: remove noop check - fix Active/Inactive /proc/meminfo - macro: add header for shared macros - pam_cgfs: reimplement and add cgroupfs v2 support - pam_cgfs: re-use cgroups that already belong to us - pam_cgfs: handle cgroupfs v1 cpuset controller - pam_cgfs: improve logging - cgroups: handle non-existent isolcpus file Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1647012/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647010] Re: SRU of LXC 2.0.6 (upstream bugfix release)
** Changed in: lxc (Ubuntu Trusty) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647010 Title: SRU of LXC 2.0.6 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Fix Released Status in lxc source package in Xenial: Fix Released Status in lxc source package in Yakkety: Fix Released Bug description: LXC upstream released LXC 2.0.5 as a bugfix release with following changelog: - Security fix for CVE-2016-8649 - utils: make detect_ramfs_rootfs() return bool - tests: add test for detect_ramfs_rootfs() - add Documentation entries to lxc and lxc@ units - mark the python examples as having utf-8 encoding - log: sanity check the returned value from snprintf() - lxc-alpine: mount /dev/shm as tmpfs - archlinux: Do DHCP on eth0 - archlinux: Fix resolving - Drop leftover references to lxc_strerror() - tests: fix image download for s390x - tools: fix coding style in lxc_attach - tools: make overlay valid backend - tools: better error reporting for lxc-start - alpine: Fix installing extra packages - lxc-alpine: do not drop setfcap - s390x: Fix seccomp handling of personalities - tools: correct the argument typo in lxc_copy - Use libtool for liblxc.so - c/r: use --external instead of --veth-pair - c/r: remember to increment netnr - c/r: add checkpoint/restore support for macvlan interfaces - ubuntu: Fix package upgrades requiring proc - c/r: drop duplicate hunk from macvlan case - c/r: use snprintf to compute device name - Tweak libtool handling to work with Android - tests: add lxc_error() and lxc_debug() - container start: clone newcgroup immediately - use python3_sitearch for including the python code - fix rpm build, include all built files, but only once - cgfs: fix invalid free() - find OpenSUSE's build also as obs-build - improve help text for --fancy and --fancy-format - improve wording of the help page for lxc-ls - cgfs: add print_cgfs_init_debuginfo() - cgfs: skip empty entries under /proc/self/cgroup - cgfs: explicitly check for NULL - tools: use correct exit code for lxc-stop - c/r: explicitly emit bind mounts as criu arguments - log: bump LXC_LOG_BUFFER_SIZE to 4096 - conf: merge network namespace move & rename on shutdown - c/r: save criu's stdout during dump too - c/r: remove extra \ns from logs - c/r: fix off-by-one error - c/r: check state before doing a checkpoint/restore - start: CLONE_NEWCGROUP after we have setup cgroups - create symlink for /var/run - utils: add lxc_append_string() - cgroups: remove isolated cpus from cpuset.cpus - Update Ubuntu release name: add zesty and remove wily - templates: add squashfs support to lxc-ubuntu-cloud.in - cgroups: skip v2 hierarchy entry - also stop lxc-net in runlevels 0 and 6 - add lxc.egg-info to gitignore - install bash completion where pkg-config tells us to - conf: do not use %m format specifier - debian: Don't depend on libui-dialog-perl - cgroups: use %zu format specifier to print size_t - lxc-checkpoint: automatically detect if --external or --veth-pair - cgroups: prevent segfault in cgfsng - utils: add lxc_preserve_ns() - start: add netnsfd to lxc_handler - conf: use lxc_preserve_ns() - attach: use lxc_preserve_ns() - lxc_user_nic: use lxc_preserve_ns() - conf, start: improve log output - conf: explicitly remove veth device from host - conf, start: be smarter when deleting networks - start, utils: improve preserve_ns() - start, error: improve log + non-functional changes - start, namespace: move ns_info to namespace.{c,h} - attach, utils: bugfixes - attach: use ns_info[LXC_NS_MAX] struct - namespace: always attach to user namespace first - cgroup: improve isolcpus handling - cgroups: handle non-existent isolcpus file - utils: add lxc_safe_uint() - tests: add unit tests for lxc_safe_uint() - utils: add lxc_safe_int() - tests: add unit tests for lxc_safe_int() - conf/ile: get ip prefix via lxc_safe_uint() - confile: use lxc_safe_u/int in config_init_{u,g}id - conf/ile: use lxc_safe_uint() in config_pts() - conf/ile: use lxc_safe_u/int() in config_start() - conf/ile: use lxc_safe_uint() in config_monitor() - conf/ile: use lxc_safe_uint() in config_tty() - conf/ile: use lxc_safe_uint() in config_kmsg() - conf/ile: avoid atoi in config_lsm_aa_incomplete() - con
[Group.of.nepali.translators] [Bug 1644377] Re: SRU of LXD 2.0.8 (upstream bugfix release)
** Changed in: lxd (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1644377 Title: SRU of LXD 2.0.8 (upstream bugfix release) Status in lxd package in Ubuntu: Invalid Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: LXD upstream released LXD 2.0.6 as a bugfix release with following changelog: - Support for container specific uid/gid maps (see userns-idmap.md) - appveyor: Add config to git (Issue #2537) - appveyor: Cleanup appveyor.yml before modifications - appveyor: Create archive with platform specifier in its name - appveyor: Do verbose testing for test names and timings - appveyor: Publish compiled binaries for download - client: Rework progress handling - doc: Add hacking guide (debugging.md) - doc: Add official Windows support in README - doc: Bump liblxc version required in README - doc: Sort API endpoints in rest-api.md - doc: Update README to specify docker installation details - doc: Update requirements, we actually require 2.0.0 or higher - doc: Use consistent method ordering in rest-api.md - extra/bash: Allow dash in parameters to lxc-client bash-completion - extra/bash: Fix _lxd_profiles in lxc-client bash-completion - extra/lxc-to-lxd: Better output with no container - extra/lxc-to-lxd: Check that source path exists (disk) (Issue #2572) - extra/lxc-to-lxd: Consistent logging - extra/lxc-to-lxd: Don't fail dry-run with runnning containers - extra/lxc-to-lxd: Drop dependency on pylxd - extra/lxc-to-lxd: Fix lxdpath handling - extra/lxc-to-lxd: Formatting - extra/lxc-to-lxd: Migrate lxc.aa_profile if set - extra/lxc-to-lxd: Print summary and proper exit code - lxc/copy: Don't use the operation as a marker of success - lxc/copy: Wait on the source operation too - lxc/delete: update help text - lxc/exec: Set term to "dumb" on windows (Issue #2288) - lxc/finger: update help text - lxc: Fix tests on Windows/Mac - lxc/list: Fix typo in help message - lxc/remote: Fix remote add with Go tip - lxc/restore: update help text - lxc: Use .yaml as the yaml extension in examples - lxd/certificates: Export all documented certificate fields - lxd/containers: Add /snap/bin to PATH even if only /snap exists - lxd/containers: Also clean up apparmor stuff in OnStart when something fails - lxd/containers: Attach to userns on file operations - lxd/containers: Be more verbose on mkdir failure - lxd/containers: Better handle concurent stop/shutdown - lxd/containers: Catch and return more errors in OnStop - lxd/containers: Clarify container delete failure error - lxd/containers: Don't destroy ephemeral container on restart (Issue #2555) - lxd/containers: Don't double delete ephemeral containers - lxd/containers: Don't show invalid logs - lxd/containers: Fix forkmount to work with 4.8 and higher - lxd/containers: Fix invalid filename of metadata on export (Issue #2467) - lxd/containers: Improve config validation on update - lxd/containers: Improve container error handling - lxd/containers: Improve container locking mechanism (Issue #2612) - lxd/containers: log OnStart/OnStop hook errors - lxd/containers: More reliable container autostart (Issue #2469) - lxd/containers: Only load kernel modules if not loaded - lxd/containers: Properly validate CPU allowance - lxd/containers: Properly validate memory limits (Issue #2483) - lxd/containers: Record the err from go-lxc - lxd/containers: Remove legacy code from OnStop - lxd/containers: Remove unused code - lxd/containers: Save properties on publish - lxd/containers: Set LXC loglevel to match daemon (Issue #2528) - lxd/containers: Skip leading whitespace in raw.lxc - lxd/containers: Start storage when necessary in stateful start - lxd/containers: Timeout container freeze on stop - lxd/images: Detect out of disk space unpack errors (Issue #2201) - lxd/images: Don't make unnecessary image copies (Issue #2508) - lxd/images: Don't update images at all if interval is 0 - lxd/images: Store the simplestreams cache to disk (Issue #2487) - lxd/init: Detect zfs kernel support - lxd/init: Ignore ZFS if in a container - lxd/main: Immediately exit when no DB in activateifneeded - lxd/migration: Fix a race for collecting logs - lxd/migration: Remove debugging by file creation - lxd/migration: Start migration storage at the right time (Issue #2505) - lxd/storage: Fix 10s delay on removing used ZFS images (Issue #2617) - lxd/storage: Freeze before copying in dir backend - lxd/storage: Simplify rsync code - shared/certificates: Be more thorough when parsing ip addr - sha
[Group.of.nepali.translators] [Bug 1647017] Re: [SRU] Update xenial and yakkety to match zesty version
Local test rebuild worked fine, autopkgtest looks happy, releasing. ** Changed in: lxd (Ubuntu Yakkety) Status: Triaged => Fix Released ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647017 Title: [SRU] Update xenial and yakkety to match zesty version Status in golang-gopkg-lxc-go-lxc.v2 package in Ubuntu: Fix Released Status in lxd package in Ubuntu: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Xenial: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Yakkety: Fix Released Status in lxd source package in Yakkety: Fix Released Bug description: == Rationale == Update go-lxc to match in all supported Ubuntu releases. This includes adding a couple more bindings related to attach which will be used as the basis for an attach bugfix in the upcoming LXD bugfix release. == Test case == Current LXD from the target series and the current upstream LXD should be rebuilt against this and the testsuite run. This on top of the autopkgtests included in the go-lxc package will validate that this didn't cause regressions and that the new bindings work properly (as used in current upstream LXD). == Regression potential == go-lxc is only used by LXD at this point and LXD CI runs against the latest go-lxc upstream. This is also the version of go-lxc which is in the current development release and so has effectively received the most stress testing by LXD upstream. The risk of regression is therefore very low and the content of this new snapshot is basically limited to clean additions or straightforward bugfixes. go-lxc is used by LXD as the way to interact with liblxc. As a result, upstream changes for it are usually restricted to bugfixes or minor improvements (for things like CRIU support). To make our lives easier, we like to keep go-lxc in sync in all supported Ubuntu releases to match the LXC version that we also keep in sync there. To do so, we need to SRU a new version of go-lxc to xenial and yakkety, with the following upstream changelog: - bindings C: check for LXC_DEVEL in version.h file - bindings go: check for LXC_DEVEL in version.h - lxc-binding: add binding for c->attach() - container: add RunCommandNoWait() - lxc_test: add test for RunCommandNoWait() - Move LXC_DEVEL define to after version.h include - c/r: make sure container is running before doing a dump - container, error: return correct error - Fix TestRunCommandNoWait failure - tests: Skip architecture test on !x86 - tests: Make skip messages consistent - Run "go fmt" The xenial SRU will not require any extra work. The next LXD upload will simply pick up the new go-lxc at build time. For the yakkety SRU, we will need to upload a no change rebuild of LXD to build against the new go-lxc and we'll need them both to be released at the same time. That's because of the addition of the "attach()" function which changes the Go shared library hash. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/golang-gopkg-lxc-go-lxc.v2/+bug/1647017/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647017] Re: [SRU] Update xenial and yakkety to match zesty version
** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Yakkety) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647017 Title: [SRU] Update xenial and yakkety to match zesty version Status in golang-gopkg-lxc-go-lxc.v2 package in Ubuntu: Fix Released Status in lxd package in Ubuntu: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Xenial: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Yakkety: Fix Released Status in lxd source package in Yakkety: Fix Released Bug description: == Rationale == Update go-lxc to match in all supported Ubuntu releases. This includes adding a couple more bindings related to attach which will be used as the basis for an attach bugfix in the upcoming LXD bugfix release. == Test case == Current LXD from the target series and the current upstream LXD should be rebuilt against this and the testsuite run. This on top of the autopkgtests included in the go-lxc package will validate that this didn't cause regressions and that the new bindings work properly (as used in current upstream LXD). == Regression potential == go-lxc is only used by LXD at this point and LXD CI runs against the latest go-lxc upstream. This is also the version of go-lxc which is in the current development release and so has effectively received the most stress testing by LXD upstream. The risk of regression is therefore very low and the content of this new snapshot is basically limited to clean additions or straightforward bugfixes. go-lxc is used by LXD as the way to interact with liblxc. As a result, upstream changes for it are usually restricted to bugfixes or minor improvements (for things like CRIU support). To make our lives easier, we like to keep go-lxc in sync in all supported Ubuntu releases to match the LXC version that we also keep in sync there. To do so, we need to SRU a new version of go-lxc to xenial and yakkety, with the following upstream changelog: - bindings C: check for LXC_DEVEL in version.h file - bindings go: check for LXC_DEVEL in version.h - lxc-binding: add binding for c->attach() - container: add RunCommandNoWait() - lxc_test: add test for RunCommandNoWait() - Move LXC_DEVEL define to after version.h include - c/r: make sure container is running before doing a dump - container, error: return correct error - Fix TestRunCommandNoWait failure - tests: Skip architecture test on !x86 - tests: Make skip messages consistent - Run "go fmt" The xenial SRU will not require any extra work. The next LXD upload will simply pick up the new go-lxc at build time. For the yakkety SRU, we will need to upload a no change rebuild of LXD to build against the new go-lxc and we'll need them both to be released at the same time. That's because of the addition of the "attach()" function which changes the Go shared library hash. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/golang-gopkg-lxc-go-lxc.v2/+bug/1647017/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647312] Re: Containers don't restart after clean host shutdown
** Changed in: lxd (Ubuntu Trusty) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647312 Title: Containers don't restart after clean host shutdown Status in lxd package in Ubuntu: In Progress Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: LXD is supposed to record the containers state on host shutdown and restore them to their previous state on restart. A change in LXD 2.6.2 and LXD 2.0.8 regressed this, so now containers need to be manually started after reboot. Upstream bug report: https://github.com/lxc/lxd/issues/2686 Upstream fix: https://github.com/lxc/lxd/pull/2687 This will need to be SRUed very quickly. # SRU paperwork ## Rationale Regresses "lxd shutdown". ## Test case - lxc launch ubuntu:16.04 abc - lxd shutdown - ps aux | grep -q abc && echo "FAIL, container still running" - lxc finger - lxc list | grep abc | grep RUNNING ## Regression potential Fix is pretty straightforward and specific to this issue. A test was also added as part of this, so it's very unlikely that anything else would be affected by this fix. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1647312/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647312] [NEW] Containers don't restart after clean host shutdown
Public bug reported: LXD is supposed to record the containers state on host shutdown and restore them to their previous state on restart. A change in LXD 2.6.2 and LXD 2.0.8 regressed this, so now containers need to be manually started after reboot. Upstream bug report: https://github.com/lxc/lxd/issues/2686 Upstream fix: https://github.com/lxc/lxd/pull/2687 This will need to be SRUed very quickly. # SRU paperwork ## Rationale Regresses "lxd shutdown". ## Test case - lxc launch ubuntu:16.04 abc - lxd shutdown - ps aux | grep -q abc && echo "FAIL, container still running" - lxc finger - lxc list | grep abc | grep RUNNING ## Regression potential Fix is pretty straightforward and specific to this issue. A test was also added as part of this, so it's very unlikely that anything else would be affected by this fix. ** Affects: lxd (Ubuntu) Importance: High Status: In Progress ** Affects: lxd (Ubuntu Trusty) Importance: High Status: In Progress ** Affects: lxd (Ubuntu Xenial) Importance: High Status: In Progress ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Xenial) Importance: Undecided => High ** Changed in: lxd (Ubuntu Trusty) Importance: Undecided => High -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647312 Title: Containers don't restart after clean host shutdown Status in lxd package in Ubuntu: In Progress Status in lxd source package in Trusty: In Progress Status in lxd source package in Xenial: In Progress Bug description: LXD is supposed to record the containers state on host shutdown and restore them to their previous state on restart. A change in LXD 2.6.2 and LXD 2.0.8 regressed this, so now containers need to be manually started after reboot. Upstream bug report: https://github.com/lxc/lxd/issues/2686 Upstream fix: https://github.com/lxc/lxd/pull/2687 This will need to be SRUed very quickly. # SRU paperwork ## Rationale Regresses "lxd shutdown". ## Test case - lxc launch ubuntu:16.04 abc - lxd shutdown - ps aux | grep -q abc && echo "FAIL, container still running" - lxc finger - lxc list | grep abc | grep RUNNING ## Regression potential Fix is pretty straightforward and specific to this issue. A test was also added as part of this, so it's very unlikely that anything else would be affected by this fix. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1647312/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647017] [NEW] [SRU] Update xenial and yakkety to match zesty version
Public bug reported: go-lxc is used by LXD as the way to interact with liblxc. As a result, upstream changes for it are usually restricted to bugfixes or minor improvements (for things like CRIU support). To make our lives easier, we like to keep go-lxc in sync in all supported Ubuntu releases to match the LXC version that we also keep in sync there. To do so, we need to SRU a new version of go-lxc to xenial and yakkety, with the following upstream changelog: - bindings C: check for LXC_DEVEL in version.h file - bindings go: check for LXC_DEVEL in version.h - lxc-binding: add binding for c->attach() - container: add RunCommandNoWait() - lxc_test: add test for RunCommandNoWait() - Move LXC_DEVEL define to after version.h include - c/r: make sure container is running before doing a dump - container, error: return correct error - Fix TestRunCommandNoWait failure - tests: Skip architecture test on !x86 - tests: Make skip messages consistent - Run "go fmt" The xenial SRU will not require any extra work. The next LXD upload will simply pick up the new go-lxc at build time. For the yakkety SRU, we will need to upload a no change rebuild of LXD to build against the new go-lxc and we'll need them both to be released at the same time. That's because of the addition of the "attach()" function which changes the Go shared library hash. ** Affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxd (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Yakkety) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxd (Ubuntu Yakkety) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu) Status: New => Fix Released ** Also affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu) Importance: Undecided Status: New ** No longer affects: lxd (Ubuntu Xenial) ** Changed in: lxd (Ubuntu) Status: New => Invalid ** Changed in: lxd (Ubuntu) Status: Invalid => Fix Released ** Changed in: lxd (Ubuntu Yakkety) Status: New => In Progress ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Yakkety) Status: New => In Progress ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Yakkety) Status: In Progress => Triaged ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Yakkety) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Yakkety) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647017 Title: [SRU] Update xenial and yakkety to match zesty version Status in golang-gopkg-lxc-go-lxc.v2 package in Ubuntu: Fix Released Status in lxd package in Ubuntu: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Xenial: In Progress Status in golang-gopkg-lxc-go-lxc.v2 source package in Yakkety: In Progress Status in lxd source package in Yakkety: Triaged Bug description: go-lxc is used by LXD as the way to interact with liblxc. As a result, upstream changes for it are usually restricted to bugfixes or minor improvements (for things like CRIU support). To make our lives easier, we like to keep go-lxc in sync in all supported Ubuntu releases to match the LXC version that we also keep in sync there. To do so, we need to SRU a new version of go-lxc to xenial and yakkety, with the following upstream changelog: - bindings C: check for LXC_DEVEL in version.h file - bindings go: check for LXC_DEVEL in version.h - lxc-binding: add binding for c->attach() - container: add RunCommandNoWait() - lxc_test: add test for RunCommandNoWait() - Move LXC_DEVEL define to after version.h include - c/r: make sure container is running before doing a dump - container, error: return correct error - Fix TestRunCommandNoWait failure - tests: Skip architecture test on !x86 - tests: Make skip messages consistent - Run "go fmt" The xenial SRU will not require any extra work. The next LXD upload will simply pick up the new go-l
[Group.of.nepali.translators] [Bug 1647012] [NEW] SRU of LXCFS 2.0.5 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 2.0.5 as a bugfix release with following changelog: - Add Documentation key to systemd unit - bindings: allow getattr on O_WRONLY files - bindings: remove noop check - fix Active/Inactive /proc/meminfo - macro: add header for shared macros - pam_cgfs: reimplement and add cgroupfs v2 support - pam_cgfs: re-use cgroups that already belong to us - pam_cgfs: handle cgroupfs v1 cpuset controller - pam_cgfs: improve logging - cgroups: handle non-existent isolcpus file Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxcfs (Ubuntu Yakkety) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxcfs (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Yakkety) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Yakkety) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647012 Title: SRU of LXCFS 2.0.5 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: In Progress Status in lxcfs source package in Xenial: In Progress Status in lxcfs source package in Yakkety: In Progress Bug description: LXCFS upstream released LXCFS 2.0.5 as a bugfix release with following changelog: - Add Documentation key to systemd unit - bindings: allow getattr on O_WRONLY files - bindings: remove noop check - fix Active/Inactive /proc/meminfo - macro: add header for shared macros - pam_cgfs: reimplement and add cgroupfs v2 support - pam_cgfs: re-use cgroups that already belong to us - pam_cgfs: handle cgroupfs v1 cpuset controller - pam_cgfs: improve logging - cgroups: handle non-existent isolcpus file Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1647012/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647010] [NEW] SRU of LXC 2.0.6 (upstream bugfix release)
ure a static MAC address on the LXC bridge - tests: remove overflow tests - attach: do not send procfd to attached process Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Zesty and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxc (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxc (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxc (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Affects: lxc (Ubuntu Yakkety) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxc (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxc (Ubuntu Yakkety) Status: New => In Progress ** Changed in: lxc (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Yakkety) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647010 Title: SRU of LXC 2.0.6 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: In Progress Status in lxc source package in Xenial: In Progress Status in lxc source package in Yakkety: In Progress Bug description: LXC upstream released LXC 2.0.5 as a bugfix release with following changelog: - Security fix for CVE-2016-8649 - utils: make detect_ramfs_rootfs() return bool - tests: add test for detect_ramfs_rootfs() - add Documentation entries to lxc and lxc@ units - mark the python examples as having utf-8 encoding - log: sanity check the returned value from snprintf() - lxc-alpine: mount /dev/shm as tmpfs - archlinux: Do DHCP on eth0 - archlinux: Fix resolving - Drop leftover references to lxc_strerror() - tests: fix image download for s390x - tools: fix coding style in lxc_attach - tools: make overlay valid backend - tools: better error reporting for lxc-start - alpine: Fix installing extra packages - lxc-alpine: do not drop setfcap - s390x: Fix seccomp handling of personalities - tools: correct the argument typo in lxc_copy - Use libtool for liblxc.so - c/r: use --external instead of --veth-pair - c/r: remember to increment netnr - c/r: add checkpoint/restore support for macvlan interfaces - ubuntu: Fix package upgrades requiring proc - c/r: drop duplicate hunk from macvlan case - c/r: use snprintf to compute device name - Tweak libtool handling to work with Android - tests: add lxc_error() and lxc_debug() - container start: clone newcgroup immediately - use python3_sitearch for including the python code - fix rpm build, include all built files, but only once - cgfs: fix invalid free() - find OpenSUSE's build also as obs-build - improve help text for --fancy and --fancy-format - improve wording of the help page for lxc-ls - cgfs: add print_cgfs_init_debuginfo() - cgfs: skip empty entries under /proc/self/cgroup - cgfs: explicitly check for NULL - tools: use correct exit code for lxc-stop - c/r: explicitly emit bind mounts as criu arguments - log: bump LXC_LOG_BUFFER_SIZE to 4096 - conf: merge network namespace move & rename on shutdown - c/r: save criu's stdout during dump too - c/r: remove extra \ns from logs - c/r: fix off-by-one error - c/r: check state before doing a checkpoint/restore - start:
[Group.of.nepali.translators] [Bug 1632144] Re: SRU of LXC 2.0.5 (upstream bugfix release)
** Changed in: lxc (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1632144 Title: SRU of LXC 2.0.5 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Fix Released Status in lxc source package in Xenial: Fix Released Bug description: LXC upstream released LXC 2.0.5 as a bugfix release with following changelog: - Fix .gitignore after /tools/ split - Add lxc-test-utils to .gitignore - bdev: use correct overlay module name - cleanup: tools: remove --name from lxc-top usage message - cleanup: whitespaces in option alignment for lxc-execute - Use full GPG fingerprint instead of long IDs. - tools: move --rcfile to the common options list - tools: set configfile after load_config - doc: add --rcfile to common opts - doc: Update Korean lxc-attach(1) - doc: Add --rcfile to Korean common opts - doc: Add --rcfile to Japanese common opts - tools: use exit(EXIT_*) everywhere - tools: unify exit() calls outside of main() - utils: Add mips signalfd syscall numbers - seccomp: Implement MIPS seccomp handling - seccomp: Add mips and mips64 entries to lxc_config_parse_arch - seccomp: fix strerror() - confile: add more archs to lxc_config_parse_arch() - seccomp: add support for s390x - seccomp: remove double include and order includes - seccomp: non functional changes - templates: use fd 9 instead of 200 - templates: fedora requires openssl binary - tools: use boolean for ret in lxc_device.c - c/r: use /proc/self/tid/children instead of pidfile - c/r: Fix pid_t on some arches - templates: Add mips hostarch detection to debian - cleanup: replace tabs wth spaces in usage strings - remove extra 'ret' - c/r: write status only after trying to parse the pid - set FULL_PATH_NAMES=NO in doc/api/Doxyfile - templates: rm halt.target -> sigpwr.target symlink - templates: remove creation of bogus directory - console: use correct log name - configure: add --disable-werror - tests: fix get_item tests - templates: use correct cron version in alpine template - c/r: zero a smaller than known migrate_opts struct - lxczfs: small fixes - c/r: free valid_opts if necessary - make rsync deal with sparse files efficiently - lxc-create -t debian fails on ppc64el arch - c/r: fix typo in comment - cgroup: add new functions for interacting with hierachies - utils: add lxc_deslashify - c/r: pass --cgroup-roots on checkpoint - cgroup: get rid of weird hack in cgfsng_escape - cgroup: drop cgroup_canonical_path - c/r: check that cgroup_num_hierarchies > 0 - tools: do not add trailing spaces on lxc-ls -1 - conf: retrieve mtu from netdev->link - conf: try to retrieve mtu from veth - c/r: detatch from controlling tty on restore - Fix null derefence if attach is called without access to any tty - utils: fix lxc_string_split() - tools: lxc_deslashify() handle special cases - tests: add unit tests for lxc_deslashify() - Fix for ALTLinux container creation in all branches - utils: lxc_deslashify() free memory - Fix spelling of CentOS in the templates - Define LXC_DEVEL to detect development releases - tools: lxc-checkconfig conditionalize devpts check Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1632144/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1645037] Re: apparmor_parser hangs indefinitely when called by multiple threads
This has been confirmed to affect both the 4.4 and 4.8 kernels. ** Project changed: apparmor => apparmor (Ubuntu) ** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Also affects: apparmor (Ubuntu Zesty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Zesty) Importance: Undecided Status: New ** Also affects: apparmor (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects: apparmor (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xenial) Status: New => Triaged ** Changed in: linux (Ubuntu Yakkety) Status: New => Triaged ** Changed in: linux (Ubuntu Zesty) Status: New => Triaged ** No longer affects: apparmor (Ubuntu Xenial) ** No longer affects: apparmor (Ubuntu Yakkety) ** No longer affects: apparmor (Ubuntu Zesty) ** Changed in: apparmor (Ubuntu) Status: New => Triaged ** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => John Johansen (jjohansen) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1645037 Title: apparmor_parser hangs indefinitely when called by multiple threads Status in apparmor package in Ubuntu: Triaged Status in linux package in Ubuntu: Triaged Status in linux source package in Xenial: Triaged Status in linux source package in Yakkety: Triaged Status in linux source package in Zesty: Triaged Bug description: This bug surfaced when starting ~50 LXC container with LXD in parallel multiple times: # Create the containers for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done # Exectute this loop multiple times until you observe errors. for c in c foo{1..50}; do lxc restart $c & done After this you can ps aux | grep apparmor and you should see output similar to: root 19774 0.0 0.0 12524 1116 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19775 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19776 0.0 0.0 13592 3224 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19778 0.0 0.0 13592 3384 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19780 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19782 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19783 0.0 0.0 13592 3388 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19784 0.0 0.0 13592 3252 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19794 0.0 0.0 12524 1208 pts/1S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 root 19795 0.0 0.0 13592 3256 pts/1D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 apparmor_parser remains stuck even after all LXC/LXD commands have exited. dmesg output yields lines like: [41902.815174] audit: type=1400 audit(1480191089.678:43): apparmor="STATUS" operation="profile_load" profile="unconfined" name ="lxd-foo30_" pid=12545 comm="apparmor_parser" and cat /proc/12545/stack shows: [] aa_remove_profiles+0x88/0x270 21:19 brauner [] profile_remove+0x144/0x2e0 21:19 brauner [] __vfs_write+0x18/0x40 21:19 brauner [] vfs_write+0xb8/0x1b0 21:19 brauner [] SyS_write+0x55/0xc0 21:19 brauner [] entry_SYSCALL_64_fastpath+0x1e/0xa8 21:19 brauner [] 0x This looks like a potential kernel bug. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1645037/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More
[Group.of.nepali.translators] [Bug 1632152] Re: SRU of LXD 2.0.5 (upstream bugfix release)
** Changed in: lxd (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1632152 Title: SRU of LXD 2.0.5 (upstream bugfix release) Status in lxd package in Ubuntu: Invalid Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: LXD upstream released LXD 2.0.5 as a bugfix release with following changelog: - Support for AppArmor namespacing and stacking - Rework LXD daemon logging to be cleaner and more generally useful - "lxc info CONTAINER" now shows the name of the remote for the container - Client errors now include the remote the container is on - /snap/bin is included to PATH if present in the container - doc: Add txqueuelen tweak. - doc: Clarify that user_subvol_rm_allowed is needed for btrfs nesting - doc: Fix the table style of environment.md - doc: Fix typos in production-setup.md - doc: Remove trailing spaces in production-setup.md - doc: Spacing cleanup - extras: Containers state checking for start, stop and exec commands - extras: Fixed container convert from LXC to LXD - fuidshift: expand symlinks to last path component - lxc: Drop unused httpAddr property - lxc/exec: Document lxc exec -- args - lxc/exec: Use os.LookupEnv from go 1.5 to find environment vars - lxc: Fix spacing alignment in config.go's examples - lxc/help: Send error to stdout - lxd/apparmor: Be less restrictive when unprivileged - lxd-bridge: Fail on dnsmasq failure - lxd-bridge: Fix crash in lxd-bridge-proxy - lxd: Consistently handle name conflicts - lxd/container: Allow unsetting any config key - lxd/container_lxc: handle xattrs - lxd/container: Retry generating petnames - lxd/container: Return an error on "restart" without force when paused - lxd/container: Rework container operation locking - lxd/daemon: Do our own socket activation - lxd/db: Fix int64 handling - lxd/db: Make a database backup on schema updates - lxd/db: Rework DB schema updates - lxd/image: Fix support for lzma alone file format - lxd/image: Tweak squashfs for low-memory systems - lxd/init: Change default host to all (::) - lxd/init: Change validation functions for consistency - lxd/init: Default to "dir" when "zfs" isn't available - lxd/init: Don't fail when passed "all" as an IP - lxd/init: Enable compression on new zfs pools - lxd/init: Fix listed default value for ZFS pool - lxd/init: use more intelligent logic for partition sizing - lxd/migration: Fix copying across different CoW based backend - lxd/migration: Also show warnings on c/r errors - lxd/migration: Bump ghost limit - lxd/migration: Don't use ActionScript if it's not available - lxd/migration: Preserve snapshot configuration - lxd/migration: Resume dumped container on failed restore - lxd/migration: Use liblxc's new preserves_inodes feature - lxd/network: Detect bonds - lxd/network: Detect openvswitch - lxd/network: Fix networkIsInUse - lxd/network: Move and rename isOnBridge - lxd/profile: Cleaner error on existing profile name - lxd/profile: Properly cleanup on profile removal - lxd/storage: Copy everything on container copy - lxd/storage: Extra checks and config for ZFS pools - Makefile: Don't recursively include test deps - README: Add AppVeyor badge (Windows testing) - shared: Add GetOwner stub for Windows - shared: Generate client certificate with proper extended usage info - shared: Make TestReaderToChannel transfer smaller - shared: New RunCommand wrapper function - tests: Add a test to make sure we don't accidentally include new deps - tests: add test for GetAllXattr() - tests: Fix apparmor version check - tests: Fix for newer shellcheck - tests: Force UTC timezone - tests: Only check leftovers on active LXD - tests: skip tests when xatts are not supported Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports a
[Group.of.nepali.translators] [Bug 1644377] [NEW] SRU of LXD 2.0.6 (upstream bugfix release)
stream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Invalid ** Affects: lxd (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxd (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Changed in: lxd (Ubuntu) Status: New => Invalid ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Trusty) Status: In Progress => Triaged ** Changed in: lxd (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1644377 Title: SRU of LXD 2.0.6 (upstream bugfix release) Status in lxd package in Ubuntu: Invalid Status in lxd source package in Trusty: Triaged Status in lxd source package in Xenial: In Progress Bug description: LXD upstream released LXD 2.0.6 as a bugfix release with following changelog: - Support for container specific uid/gid maps (see userns-idmap.md) - appveyor: Add config to git (Issue #2537) - appveyor: Cleanup appveyor.yml before modifications - appveyor: Create archive with platform specifier in its name - appveyor: Do verbose testing for test names and timings - appveyor: Publish compiled binaries for download - client: Rework progress handling - doc: Add hacking guide (debugging.md) - doc: Add official Windows support in README - doc: Bump liblxc version required in README - doc: Sort API endpoints in rest-api.md - doc: Update README to specify docker installation details - doc: Update requirements, we actually require 2.0.0 or higher - doc: Use consistent method ordering in rest-api.md - extra/bash: Allow dash in parameters to lxc-client bash-completion - extra/bash: Fix _lxd_profiles in lxc-client bash-completion - extra/lxc-to-lxd: Better output with no container - extra/lxc-to-lxd: Check that source path exists (disk) (Issue #2572) - extra/lxc-to-lxd: Consistent logging - extra/lxc-to-lxd: Don't fail dry-run with runnning containers - extra/lxc-to-lxd: Drop dependency on pylxd - extra/lxc-to-lxd: Fix lxdpath handling - extra/lxc-to-lxd: Formatting - extra/lxc-to-lxd: Migrate lxc.aa_profile if set - extra/lxc-to-lxd: Print summary and proper exit code - lxc/copy: Don't use the operation as a marker of success - lxc/copy: Wait on the source operation too - lxc/delete: update help text - lxc/exec: Set term to "dumb" on windows (Issue #2288) - lxc/finger: update help text - lxc: Fix tests on Windows/Mac - lxc/list: Fix typo in help message - lxc/remote: Fix remote add with Go tip - lxc/restore: update help text - lxc: Use .yaml as the yaml extension in examples - lxd/certificates: Export all documented certificate fields - lxd/containers: Add /snap/bin to PATH even if only /snap exists - lxd/containers: Also clean up apparmor stuff in OnStart when something fails - lxd/containers: Attach to userns on file operations - lxd/containers: Be more verbose on mkdir failure - lxd/containers: Better handle concurent stop/shutdown - lxd/containers: Catch and return more errors in OnStop - lxd/containers: Clarify container delete failure error - lxd/containers: Don't destroy ephemeral container on restart (Issue #2555) - lxd/containers: Don't double delete ephemeral containers - lxd/containers: Don't show invalid logs - lxd/containers: Fix forkmount to work with 4.8 and higher - lxd/containers: Fix invalid filename of metadata on export (Issue #2467) - lxd/containers: Improve config validation on update - lxd/containers: Improve container error handling - lxd/containers: Improve container locking mechanism (Issue #2612) - lxd/containers: log OnStart/OnStop hook errors - lxd/containers: More reliable container autostart (Issue #2469) - lxd/containers: Only load kernel modules if
[Group.of.nepali.translators] [Bug 1635639] Re: Seccomp error with 2.0.5-0ubuntu1~ubuntu16.04.1 on s390x
** Changed in: lxc (Ubuntu Zesty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1635639 Title: Seccomp error with 2.0.5-0ubuntu1~ubuntu16.04.1 on s390x Status in juju-ci-tools: Fix Released Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Xenial: Fix Released Status in lxc source package in Yakkety: Fix Released Status in lxc source package in Zesty: Fix Released Bug description: ## SRU paperwork ### Rationale LXC 2.0.5 added support for Seccomp on the s390x architecture for those kernels that support it. Unfortunately the personality handling for s390x is wrong and results in the profile being setup twice, causing a failure to start the container. This effectively means that LXC 2.0.5 fails out of the box on s390x. ### Test case With LXC: - lxc-start -n some-container -F With LXD: - lxc start some-container ### Regression potential Our own testing shows that the fix works perfectly fine. The code change itself only affects s390x (under ifdef) so can't possibly affect the other architectures. The worst that can happen should this fix be wrong is either status quo (container won't start) or having the container start without seccomp support (status quo when compared to 2.0.4). ## Original bug report The s390x host used to Juju testing spontaneously broke today. The disk filled up, we restarted so that we could remove unused kernels. We discovered that lxc1 cannot create containers any more. $ sudo lxc-create -t ubuntu-cloud -n curtis -- -r xenial -a s390x $ sudo lxc-start -o lxc.log -n curtis lxc-start: tools/lxc_start.c: main: 344 The container failed to start. lxc-start: tools/lxc_start.c: main: 346 To get more details, run the container in foreground mode. lxc-start: tools/lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options. $ cat lxc.log lxc-start 20161020121833.069 ERRORlxc_seccomp - seccomp.c:get_new_ctx:224 - Seccomp error -17 (File exists) adding arch: 15 lxc-start 20161020121833.069 ERRORlxc_start - start.c:lxc_init:430 - failed loading seccomp policy lxc-start 20161020121833.069 ERRORlxc_start - start.c:__lxc_start:1313 - failed to initialize the container lxc-start 20161020121838.075 ERRORlxc_start_ui - tools/lxc_start.c:main:344 - The container failed to start. lxc-start 20161020121838.075 ERRORlxc_start_ui - tools/lxc_start.c:main:346 - To get more details, run the container in foreground mode. lxc-start 20161020121838.075 ERRORlxc_start_ui - tools/lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options. # sinzui: checking when s390x seccomp support was added to the # kernel, to see if it's just a missing config in our kernel that'd fix that # cleanly or if we'd need it backported to 4.4 which would be a bit more # annoying # sinzui: config-4.4.0-45-generic is what you're running right? # stgraber uname-a says 4.4.0-45-generic # stgraber> sinzui: you can workaround it by putting a file # with lxc.seccomp= # in /usr/share/lxc/config/common.conf.d/, that should get you going again WORK AROUND for LXC 1 # on the s390x-slave sudo vim /usr/share/lxc/config/common.conf.d/10-secomp-hack.conf $ cat /usr/share/lxc/config/common.conf.d/10-secomp-hack.conf # Advised to stgraber to add this file after seeing lxc-start fail with # lxc-start 20161020121833.069 ERRORlxc_seccomp - seccomp. lxc.seccomp= To manage notifications about this bug go to: https://bugs.launchpad.net/juju-ci-tools/+bug/1635639/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1628289] Update Released
The verification of the Stable Release Update for squashfuse has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions. ** Changed in: squashfuse (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1628289 Title: snapd should depend on squashfuse (for use in containers) Status in Snappy: New Status in squashfuse package in Ubuntu: Fix Released Status in squashfuse source package in Xenial: Fix Released Bug description: We're finally making progress on the apparmor stacking and snapd in container front. The next LXD release will include the needed support as will the kernel soon afterwards. With that, one can finally get snaps to install inside containers, but for any of it to work, squashfuse must be present in the container so that snapd can use it to mount the filesystem. squashfuse is in the archive and I've contributed support to snapd a while back, so all that should be needed is for the snapd package to be updated to depend or at least recommend squashfuse. To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1628289/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1632152] [NEW] SRU of LXD 2.0.5 (upstream bugfix release)
Public bug reported: LXD upstream released LXD 2.0.5 as a bugfix release with following changelog: - Support for AppArmor namespacing and stacking - Rework LXD daemon logging to be cleaner and more generally useful - "lxc info CONTAINER" now shows the name of the remote for the container - Client errors now include the remote the container is on - /snap/bin is included to PATH if present in the container - doc: Add txqueuelen tweak. - doc: Clarify that user_subvol_rm_allowed is needed for btrfs nesting - doc: Fix the table style of environment.md - doc: Fix typos in production-setup.md - doc: Remove trailing spaces in production-setup.md - doc: Spacing cleanup - extras: Containers state checking for start, stop and exec commands - extras: Fixed container convert from LXC to LXD - fuidshift: expand symlinks to last path component - lxc: Drop unused httpAddr property - lxc/exec: Document lxc exec -- args - lxc/exec: Use os.LookupEnv from go 1.5 to find environment vars - lxc: Fix spacing alignment in config.go's examples - lxc/help: Send error to stdout - lxd/apparmor: Be less restrictive when unprivileged - lxd-bridge: Fail on dnsmasq failure - lxd-bridge: Fix crash in lxd-bridge-proxy - lxd: Consistently handle name conflicts - lxd/container: Allow unsetting any config key - lxd/container_lxc: handle xattrs - lxd/container: Retry generating petnames - lxd/container: Return an error on "restart" without force when paused - lxd/container: Rework container operation locking - lxd/daemon: Do our own socket activation - lxd/db: Fix int64 handling - lxd/db: Make a database backup on schema updates - lxd/db: Rework DB schema updates - lxd/image: Fix support for lzma alone file format - lxd/image: Tweak squashfs for low-memory systems - lxd/init: Change default host to all (::) - lxd/init: Change validation functions for consistency - lxd/init: Default to "dir" when "zfs" isn't available - lxd/init: Don't fail when passed "all" as an IP - lxd/init: Enable compression on new zfs pools - lxd/init: Fix listed default value for ZFS pool - lxd/init: use more intelligent logic for partition sizing - lxd/migration: Fix copying across different CoW based backend - lxd/migration: Also show warnings on c/r errors - lxd/migration: Bump ghost limit - lxd/migration: Don't use ActionScript if it's not available - lxd/migration: Preserve snapshot configuration - lxd/migration: Resume dumped container on failed restore - lxd/migration: Use liblxc's new preserves_inodes feature - lxd/network: Detect bonds - lxd/network: Detect openvswitch - lxd/network: Fix networkIsInUse - lxd/network: Move and rename isOnBridge - lxd/profile: Cleaner error on existing profile name - lxd/profile: Properly cleanup on profile removal - lxd/storage: Copy everything on container copy - lxd/storage: Extra checks and config for ZFS pools - Makefile: Don't recursively include test deps - README: Add AppVeyor badge (Windows testing) - shared: Add GetOwner stub for Windows - shared: Generate client certificate with proper extended usage info - shared: Make TestReaderToChannel transfer smaller - shared: New RunCommand wrapper function - tests: Add a test to make sure we don't accidentally include new deps - tests: add test for GetAllXattr() - tests: Fix apparmor version check - tests: Fix for newer shellcheck - tests: Force UTC timezone - tests: Only check leftovers on active LXD - tests: skip tests when xatts are not supported Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Invalid ** Affects: lxd (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxd (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Changed in: lxd (Ubuntu) Status: New => Invalid ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (
[Group.of.nepali.translators] [Bug 1632144] [NEW] SRU of LXC 2.0.5 (upstream bugfix release)
Public bug reported: LXC upstream released LXC 2.0.5 as a bugfix release with following changelog: - Fix .gitignore after /tools/ split - Add lxc-test-utils to .gitignore - bdev: use correct overlay module name - cleanup: tools: remove --name from lxc-top usage message - cleanup: whitespaces in option alignment for lxc-execute - Use full GPG fingerprint instead of long IDs. - tools: move --rcfile to the common options list - tools: set configfile after load_config - doc: add --rcfile to common opts - doc: Update Korean lxc-attach(1) - doc: Add --rcfile to Korean common opts - doc: Add --rcfile to Japanese common opts - tools: use exit(EXIT_*) everywhere - tools: unify exit() calls outside of main() - utils: Add mips signalfd syscall numbers - seccomp: Implement MIPS seccomp handling - seccomp: Add mips and mips64 entries to lxc_config_parse_arch - seccomp: fix strerror() - confile: add more archs to lxc_config_parse_arch() - seccomp: add support for s390x - seccomp: remove double include and order includes - seccomp: non functional changes - templates: use fd 9 instead of 200 - templates: fedora requires openssl binary - tools: use boolean for ret in lxc_device.c - c/r: use /proc/self/tid/children instead of pidfile - c/r: Fix pid_t on some arches - templates: Add mips hostarch detection to debian - cleanup: replace tabs wth spaces in usage strings - remove extra 'ret' - c/r: write status only after trying to parse the pid - set FULL_PATH_NAMES=NO in doc/api/Doxyfile - templates: rm halt.target -> sigpwr.target symlink - templates: remove creation of bogus directory - console: use correct log name - configure: add --disable-werror - tests: fix get_item tests - templates: use correct cron version in alpine template - c/r: zero a smaller than known migrate_opts struct - lxczfs: small fixes - c/r: free valid_opts if necessary - make rsync deal with sparse files efficiently - lxc-create -t debian fails on ppc64el arch - c/r: fix typo in comment - cgroup: add new functions for interacting with hierachies - utils: add lxc_deslashify - c/r: pass --cgroup-roots on checkpoint - cgroup: get rid of weird hack in cgfsng_escape - cgroup: drop cgroup_canonical_path - c/r: check that cgroup_num_hierarchies > 0 - tools: do not add trailing spaces on lxc-ls -1 - conf: retrieve mtu from netdev->link - conf: try to retrieve mtu from veth - c/r: detatch from controlling tty on restore - Fix null derefence if attach is called without access to any tty - utils: fix lxc_string_split() - tools: lxc_deslashify() handle special cases - tests: add unit tests for lxc_deslashify() - Fix for ALTLinux container creation in all branches - utils: lxc_deslashify() free memory - Fix spelling of CentOS in the templates - Define LXC_DEVEL to detect development releases - tools: lxc-checkconfig conditionalize devpts check Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxc (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxc (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxc (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Changed in: lxc (Ubuntu) Status: New => Fix Released ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxc (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxc (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1632144 Title: SRU of LXC 2.0.5 (upstream bugfix release) Status in lxc package i
[Group.of.nepali.translators] [Bug 1615099] Re: SRU of LXC 2.0.4 (upstream bugfix release)
** Changed in: lxc (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1615099 Title: SRU of LXC 2.0.4 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Fix Released Status in lxc source package in Xenial: Fix Released Bug description: LXC upstream released LXC 2.0.4 as a bugfix release with following changelog: - core: Add a prefix to the lxc.pc - core: Add flag in mount_entry to skip NODEV in case of a persistent dev entry - core: Add missing cgroup namespace to ns_info struct - core: attach: setns instead of unshare in lxc-attach - core: bdev: Add subdirectories to search path - core: bdev: Be smarter about btrfs subvolume detection - core: cgfsng: Don't pre-calculate path - core: cgfsng: Fix is_lxcfs() and is_cgroupfs() - core: cgroups: Move cgroup files to common subfolder - core: conf: Set pty_info to NULL after free - core: Detect if we should send SIGRTMIN+3 - core: Replace readdir_r() with readdir() - core: Set up MTU for vlan-type interfaces. - core: tools, tests: Reorganize repo - c/r: Add support for CRIU's --action-script - c/r: Add support for ghost-limit in CRIU - c/r: Drop in-flight connections during CRIU dump - c/r: Initialize migrate_opts properly - c/r: Make local function static - c/r: Replace tmpnam() with mkstemp() - c/r: Store criu version - c/r: Use PRIu64 format specifier - doc: Fix typo found by lintian - doc: Update Japanese lxc-attach(1) - doc: Update lxc-attach(1) - lxc-attach: Add -f option (rcfile) - lxc-attach: Cleanup whitespaces - lxc-create: Add missing newline in output - lxc-ls: Use correct runtime path - templates: alpine: Add support for new arch - templates: alpine: Mount tmpfs under /run - templates: debian: Add more quotes to variables (at least $rootfs should now be covered) - templates: debian: Avoid noisy perl warnings caused by missing locales - templates: debian: fix regression when creating wheezy containers - templates: debian: Make shellcheck (Ubuntu: 0.3.7-5 amd64) most possible happy - tests: Add unit tests for lxc_string_in_array() - tests: Add unit tests for lxc_string_replace() Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1615099/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1615109] Re: SRU of LXCFS 2.0.3 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1615109 Title: SRU of LXCFS 2.0.3 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Fix Released Status in lxcfs source package in Xenial: Fix Released Bug description: LXCFS upstream released LXC 2.0.3 as a bugfix release with following changelog: - Skip empty entries under /proc/self/cgroup - Setup and use a minimal chroot and mount namespace for cgroup mounts - Code cleanup and minor refactoring Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1615109/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1632140] [NEW] SRU of LXCFS 2.0.4 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXCFS 2.0.4 as a bugfix release with following changelog: - Fix test_reload for lxcfs chroot - Virtualize more of the meminfo fields - pam: fix race in cgroup creation - meminfo: don't show negative swapfree - bindings: improve debugging - bindings: use openat fd for fstatat(), unlinkat() - bindings: close open fds on error - bindings: grant access to /var/lib/lxcfs - bindings: enable access to /var/lib/lxcfs/cgroup - bindings: allow access to /var/lib/lxcfs/proc - lxcfs, bindings: show "." and ".." dir entries - lxcfs: better fs behavior on /var/lib/lxcfs - bindings: non functional changes - bindings: set errno in pick_controller_from_path() - bindings: more consistent fs behavior - add pld linux support - don't use argv[0] in usage output - bindings: revert cgroup check - bindings: improve returned errnos - bindings: make rmdir behave more consistently - libtool: do not link lxcfs against liblxcfs - bindings, lxcfs: improve debugging - bindings: fix debug macro - autotools: add -avoid-version - bindings: restore original working directory - bindings: add function to check fs type - bindings: agnostic naming - bindings: use chroot() on ramfs - bindings: fix type weirdness with statfs f_type - bindings: make pivot_enter() contain all its code Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Changed in: lxcfs (Ubuntu) Status: New => Fix Released ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Description changed: - LXCFS upstream released LXC 2.0.4 as a bugfix release with following changelog: - - Fix test_reload for lxcfs chroot - - Virtualize more of the meminfo fields - - pam: fix race in cgroup creation - - meminfo: don't show negative swapfree - - bindings: improve debugging - - bindings: use openat fd for fstatat(), unlinkat() - - bindings: close open fds on error - - bindings: grant access to /var/lib/lxcfs - - bindings: enable access to /var/lib/lxcfs/cgroup - - bindings: allow access to /var/lib/lxcfs/proc - - lxcfs, bindings: show "." and ".." dir entries - - lxcfs: better fs behavior on /var/lib/lxcfs - - bindings: non functional changes - - bindings: set errno in pick_controller_from_path() - - bindings: more consistent fs behavior - - add pld linux support - - don't use argv[0] in usage output - - bindings: revert cgroup check - - bindings: improve returned errnos - - bindings: make rmdir behave more consistently - - libtool: do not link lxcfs against liblxcfs - - bindings, lxcfs: improve debugging - - bindings: fix debug macro - - autotools: add -avoid-version - - bindings: restore original working directory - - bindings: add function to check fs type - - bindings: agnostic naming - - bindings: use chroot() on ramfs - - bindings: fix type weirdness with statfs f_type - - bindings: make pivot_enter() contain all its code + LXCFS upstream released LXCFS 2.0.4 as a bugfix release with following changelog: + - Fix test_reload for lxcfs chroot + - Virtualize more of the meminfo fields + - pam: fix race in cgroup creation + - meminfo: don't show negative swapfree + - bindings: improve debugging + - bindings: use openat fd for fstatat(), unlinkat() + - bindings: close open fds on error
[Group.of.nepali.translators] [Bug 1621557] Re: Refresh go-lxc in Xenial for upcoming LXD stable release
** Patch added: "go-lxc.debdiff" https://bugs.launchpad.net/ubuntu/+source/golang-gopkg-lxc-go-lxc.v2/+bug/1621557/+attachment/4736970/+files/go-lxc.debdiff ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu) Status: New => Fix Released ** Also affects: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Status: New => In Progress ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: golang-gopkg-lxc-go-lxc.v2 (Ubuntu Xenial) Importance: Undecided => High -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1621557 Title: Refresh go-lxc in Xenial for upcoming LXD stable release Status in golang-gopkg-lxc-go-lxc.v2 package in Ubuntu: Fix Released Status in golang-gopkg-lxc-go-lxc.v2 source package in Xenial: In Progress Bug description: Hello, The next LXD stable release (2.0.5) will be depending on a couple of recent additions to the go-lxc package. Those additions export a few more flags from CRIU that liblxc support which allow fixing a large number of race conditions around live migration. So while those extra flags may count as features as far as go-lxc is concerned, they are needed for bugfixes to LXD. lxd is the only downstream user of go-lxc in the archive and those changes are perfectly backward compatible so out of archive packages will not break with this. The version we'd like to get in Xenial has now been in Yakkety for over a month. Changelog from 0.0~git20160405.0.85d46fc-0ubuntu2 to 0.0~git20160803.0.f8a6938-0ubuntu1: - BUGFIX: removed definition check at restore - BUGFIX: fixed restore from checkpoint (was always failing) - EXTRA FLAG: c/r: add support for liblxc's ghost_limit - EXTRA FLAG: c/r: add support for liblxc's action_script - BUGFIX: actually send the predump dir through - EXTRA FLAG: c/r: add support for lxc's preserves_inodes - CLEANUP: remove commented out code - BUGFIX: Silence go get warning Debdiff attached. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/golang-gopkg-lxc-go-lxc.v2/+bug/1621557/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1619767] Re: Session load command is broken
** Also affects: ltt-control (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: ltt-control (Ubuntu) Status: New => Fix Released ** Changed in: ltt-control (Ubuntu Trusty) Status: New => In Progress ** No longer affects: ltt-control (Ubuntu Trusty) ** Also affects: ltt-control (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: ltt-control (Ubuntu Xenial) Status: New => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1619767 Title: Session load command is broken Status in ltt-control package in Ubuntu: Fix Released Status in ltt-control source package in Xenial: In Progress Bug description: [Impact] Loading a saved lttng session is currently impossible because of a missing file in the package. Trying to load a session results in the following error: root@session:~# lttng load toto I/O warning : failed to load external entity "/usr/share/xml/lttng/session.xsd" XML Error: Failed to locate the main schema resource at '/usr/share/xml/lttng/session.xsd'. Error: XSD parsing failed Error: Invalid session configuration [Test Case] * Install lttng apt-get install lttng-tools * Create, save and delete a session lttng create mysession lttng enable-event -u -a lttng save mysession lttng destroy mysession * Load the saved session lttng load mysession * Loading the session should succeed. [Regression Potential] * Regression is very unlikely, we are only adding a missing file to the package. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ltt-control/+bug/1619767/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1615109] [NEW] SRU of LXCFS 2.0.3 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXC 2.0.3 as a bugfix release with following changelog: - Skip empty entries under /proc/self/cgroup - Setup and use a minimal chroot and mount namespace for cgroup mounts - Code cleanup and minor refactoring Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Changed in: lxcfs (Ubuntu) Status: New => Fix Released ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Xenial) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1615109 Title: SRU of LXCFS 2.0.3 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Triaged Status in lxcfs source package in Xenial: Triaged Bug description: LXCFS upstream released LXC 2.0.3 as a bugfix release with following changelog: - Skip empty entries under /proc/self/cgroup - Setup and use a minimal chroot and mount namespace for cgroup mounts - Code cleanup and minor refactoring Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1615109/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1597544] Re: SRU of LXD 2.0.3 (upstream bugfix release)
** Changed in: lxd (Ubuntu Trusty) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1597544 Title: SRU of LXD 2.0.3 (upstream bugfix release) Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: New Bug description: LXD upstream released LXC 2.0.1 as a bugfix release with following changelog: - extras: Better bash completion coverage - client/delete: Allow -f as a shortcut of --force - client/info: Include the certificate fingerprint in server info (Issue #2098) - client/info: Show remote in the --show-log example provided on error - core: Add squashfs support as needed by newer Ubuntu images - core: Tweak TLS cipher list a bit to allow browsers to talk to LXD (Issue #2034) - daemon/container: Setup /dev/fuse by default - client: Better handle connection errors - client: Check all alias args to support subcommand aliases (Issue #2095) - client/file: Don't modify file permissions on edit - client/image: Use the daemon provided fingerprint on image copy (Issue #2162) - client: Normalize the URLs in the client (Issue #2112) - client/remote: Fix a panic in 'remote add' (Issue #2089) - client/remote: Fix parsing of : - core: Better handle PEM decoding errors (Issue #2119) - core: Check for zero byte send in ReaderToChannel (Issue #2072) - core: Fix a concurrent websocket write crash - core: Use default buffer size for WebsocketUpgrader - daemon: Add missing linebreak to lxd help - daemon/api: Set Location on sync POST requests (Issue #2092) - daemon/btrfs: Fix failure to restore on btrfs (Issue #2058) - daemon/certificate: Fail to add an existing certificate - daemon/config: Allow "none" as compression algorithm (regression fix) - daemon/container: Add target path to rootfs tarball in image export (Issue #1980) - daemon/container: Better handle bind mounts - daemon/container: GET of a nonexistent file now 404s (Issue #2059) - daemon/container: Make devices cgroup config more readable - daemon/containers: Improve error message on disk setup failure - daemon/container: Use defer to undo changes on failed update - daemon/db: Don't try to chmod zfs.img when testing db upgrades - daemon/db: Don't try to update /var/lib/lxd/containers in go tests - daemon/init: Actually unset the storage keys - daemon/lvm: Don't call lvextend with recent LVM versions - daemon/migration: Setup some buffering for zfs/btrfs send - daemon/migration: Simplify checkpoint/restore code everywhere - daemon/migration: switch to the new LXC migrate API - daemon/zfs: Improve block device detection - daemon/zfs: Mount if not mounted (Issue #1888) - doc: Clarify ZFS snapshot shortcomings (Issue #2055) - doc: Drop JSON example from configuration.md - doc: Fix certificates JSON examples to cover all fields - doc: Fix typo in "unix-block" description - doc: Improve shared folder documentation (README) (Issue #2123) - lxd/patches: Add support for one-time patches (separate from DB schema updates) - Makefile: go get has become worse, now need 3 runs - Makefile: Update repository URL for xgettext-go - migration: Consolidate error handling - test: 201 is a valid return code for alias creation - test: Add a test for ReaderToChannel - test: Add test for "lxc file edit" target file owner and permission Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1597544/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : ht
[Group.of.nepali.translators] [Bug 1582891] Re: SRU of LXD 2.0.1 (upstream bugfix release)
** Changed in: lxd (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1582891 Title: SRU of LXD 2.0.1 (upstream bugfix release) Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Trusty: Fix Released Status in lxd source package in Xenial: Fix Released Bug description: LXD upstream released LXC 2.0.1 as a bugfix release with following changelog: - Don't fail to start when shmounts can't be mounted, instead fail container startup - Invalidate the simplestreams cache on proxy change - Write the container's config file on start to the log path directly - Fix crash in list due to empty responses (Issue #1903) - Fail when removing non-existent profiles (Issue #1886) - Document --alias to image import (Issue #1900) - Fix "lxc start" and "lxc stop" options (stateful/stateless) - Give better error on invalid source stream (simplestreams) - Add basic REST API usage example to README.md - Fix typo in lxc stop --help - Convert lxc-to-lxd to stable supported pylxd API (Issue #1901) - Properly log image update failures - Better validate and rollback bad images (Issue #1913) - Send operation return value through SmartError - Fix basic filtering in lxc list (Issue #1917) - Tell the user how to launch a container on first start (Issue #1931) - Redirect "remote" to "remote:" when not conflicting (Issue #1931) - Don't load the LXC config for snapshots (Issue #1935) - list: Allow filtering by unset key (Issue #1917) - Fix example in lxc launch - Update Japanese translation and other po files - Fall back to cpuset.cpus on older kernels (Issue #1929) - Properly validate the server configuration keys (Issue #1939) - Fix daemonConfig handling of storage - Don't remove config file on forkmigrate - Fix config handling following config validation change - Fixed Markdown syntax in documentation - Don't fail early when removing disks (Issue #1964) - Don't recursively delete devices - Don't fail when some unix devices fail to be deleted - Use the same config checks for unix-char and unix-block - Allow removing when fs object no longer exists (Issue #1967) - Do proper logfile expiry (Issue #1966) - Make logging a bit more consistent - Don't ignore zfs errors - Properly update the mode, uid and gid on existing files (Issue #1975) - Detect invalid certificate files (Issue #1977) - Fix broken apparmor status check - Allow on/off as boolean strings - Properly validate the container configuration keys (Issue #1940) - Don't mask rsync transfer errors - Move execPath to a global variable - Use custom netcat instead of nc -U for rsync over websocket (Issue #1944) - Fix wrong state dir path in migration - Don't fail deleting images when the storage delete fails - Improve messages in the Japanese translation - Add more checks for the criu binary - Rework (live) migration tests - Make it explicit in documentation that devices on create are optional - Properly record the source of all image copies (Issue #2010) - Don't mark containers as ERROR while being created (Issue #1988) - Cleanup events sent for operations (Issue #1992) - Fix ZFS refcounting issues (Issue #1916 and Issue #2013) - Propagate snapshot config when copying a snapshot (Issue #2017) - Implement lxc config show for snapshots - Add Unix socket example to REST API usage. Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1582891/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1597544] [NEW] SRU of LXD 2.0.3 (upstream bugfix release)
Public bug reported: LXD upstream released LXC 2.0.1 as a bugfix release with following changelog: - extras: Better bash completion coverage - client/delete: Allow -f as a shortcut of --force - client/info: Include the certificate fingerprint in server info (Issue #2098) - client/info: Show remote in the --show-log example provided on error - core: Add squashfs support as needed by newer Ubuntu images - core: Tweak TLS cipher list a bit to allow browsers to talk to LXD (Issue #2034) - daemon/container: Setup /dev/fuse by default - client: Better handle connection errors - client: Check all alias args to support subcommand aliases (Issue #2095) - client/file: Don't modify file permissions on edit - client/image: Use the daemon provided fingerprint on image copy (Issue #2162) - client: Normalize the URLs in the client (Issue #2112) - client/remote: Fix a panic in 'remote add' (Issue #2089) - client/remote: Fix parsing of : - core: Better handle PEM decoding errors (Issue #2119) - core: Check for zero byte send in ReaderToChannel (Issue #2072) - core: Fix a concurrent websocket write crash - core: Use default buffer size for WebsocketUpgrader - daemon: Add missing linebreak to lxd help - daemon/api: Set Location on sync POST requests (Issue #2092) - daemon/btrfs: Fix failure to restore on btrfs (Issue #2058) - daemon/certificate: Fail to add an existing certificate - daemon/config: Allow "none" as compression algorithm (regression fix) - daemon/container: Add target path to rootfs tarball in image export (Issue #1980) - daemon/container: Better handle bind mounts - daemon/container: GET of a nonexistent file now 404s (Issue #2059) - daemon/container: Make devices cgroup config more readable - daemon/containers: Improve error message on disk setup failure - daemon/container: Use defer to undo changes on failed update - daemon/db: Don't try to chmod zfs.img when testing db upgrades - daemon/db: Don't try to update /var/lib/lxd/containers in go tests - daemon/init: Actually unset the storage keys - daemon/lvm: Don't call lvextend with recent LVM versions - daemon/migration: Setup some buffering for zfs/btrfs send - daemon/migration: Simplify checkpoint/restore code everywhere - daemon/migration: switch to the new LXC migrate API - daemon/zfs: Improve block device detection - daemon/zfs: Mount if not mounted (Issue #1888) - doc: Clarify ZFS snapshot shortcomings (Issue #2055) - doc: Drop JSON example from configuration.md - doc: Fix certificates JSON examples to cover all fields - doc: Fix typo in "unix-block" description - doc: Improve shared folder documentation (README) (Issue #2123) - lxd/patches: Add support for one-time patches (separate from DB schema updates) - Makefile: go get has become worse, now need 3 runs - Makefile: Update repository URL for xgettext-go - migration: Consolidate error handling - test: 201 is a valid return code for alias creation - test: Add a test for ReaderToChannel - test: Add test for "lxc file edit" target file owner and permission Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1597544 Title: SRU of LXD 2.0.3 (upstream bugfix release) Status in lxd package in Ubuntu: Fix Released Status in lxd source package in Trusty: New Status in lxd source package in Xenial: New Bug description: LXD upstream released LXC 2.0.1 as
[Group.of.nepali.translators] [Bug 1597523] Re: SRU of LXC 2.0.13(upstream bugfix release)
** Changed in: lxc (Ubuntu Trusty) Status: New => Fix Released ** Summary changed: - SRU of LXC 2.0.13(upstream bugfix release) + SRU of LXC 2.0.3 (upstream bugfix release) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1597523 Title: SRU of LXC 2.0.3 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Fix Released Status in lxc source package in Xenial: New Bug description: LXC upstream released LXC 2.0.2 & 2.0.3 as bugfix releases with following changelog: - apparmor: Refresh generated file - apparmor: add make-rslave to usr.bin.lxc-start - apparmor: Allow bind-mounts and {r}shared/{r}private - apparmor: allow mount move - apparmor: Update mount states handling - core: Drop lxc-devsetup as unneeded by current autodev - core: Fix redefinition of struct in6_addr - core: Include all lxcmntent.h function declarations on Bionic - c/r: c/r: use criu's "full" mode for cgroups - systemd: start containers in foreground when using the lxc@.service - templates: debian: Make sure init is installed - templates: oracle: Fix console login - templates: plamo: Fix various issues - templates: ubuntu: Install apt-transport-https by default - travis: ensure 'make install' doesn't fail - travis: test VPATH builds - upstart: Force lxc-instance to behave like a good Upstart client Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1597523/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1582889] Re: SRU of LXCFS 2.0.1 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1582889 Title: SRU of LXCFS 2.0.1 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Fix Released Status in lxcfs source package in Xenial: Fix Released Bug description: LXCFS upstream released LXC 2.0.1 as a bugfix release with following changelog: - Fix cpuinfo on s390x. - Use recursive cgroup values in diskstats. - Allow traversal (rx) to controller directories. - Fix do_mount_cgroups() crash on failure. - Better error handling in a number of path processing functions. - Better error handling in swap calculation. Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1582889/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1582887] Re: SRU of LXC 2.0.1 (upstream bugfix release)
** Changed in: lxc (Ubuntu Trusty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1582887 Title: SRU of LXC 2.0.1 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Fix Released Status in lxc source package in Xenial: Fix Released Bug description: LXC upstream released LXC 2.0.1 as a bugfix release with following changelog: - apparmor: Also allow fstype=fuse for fuse filesystems - attach: adapt lxc-attach tests & add test for pty logging - attach: don't fail attach on failure to setup a SIGWINCH handler. - attach: fix a variety of lxc-attach pts handling issues - attach: switch console pty to raw mode (fixes ncurses-based programs) - attach: use raw settings of ssh for pty - bindings: fixed python-lxc reference to var before assignment in create() - bindings: set PyErr when Container.__init__ fails - cgfsng: defer to cgfs if needed subsystems are not available - cgfsng: don't require that systemd subsystem be mounted - core: Added missing type to keys in lxc_list_nicconfigs - core: Allow configuration file values to be quoted - core: log: remove duplicate definitons and bump buffer size - core: sync: properly fail on unexpected message sizes - core: Unshare netns after setting the userns mappings (fixes ownership of /proc/net) - core: various fixes as reported by static analysis - c/r: add an option to use faster inotify support in CRIU - c/r: rearrange things to pass struct migrate_opts all the way down - doc: ignore temporary files generated by doxygen - doc: tweak manpage generation date to be compatible with reproducible builds - doc: update MAINTAINERS - doc: update to translated manpages - init: add missing lsb headers to sysvinit scripts - init: don't make sysv init scripts dependant on distribution specifics - init: drop obsolete syslog.target from lxc.service.in - lxc-attach: add logging option to manpage - lxc-checkconfig: better render when stdout isn't a terminal - lxc-create: fix -B best option - lxc-destroy: avoid double print - lxc-ls: use fewer syscalls when doing ipc - templates: Add apt-transport-https to minbase variant of Ubuntu template - templates: fix a typo in the capabilities name for Gentoo (sys_resource) - templates: logic fix in the Centos template for RHEL7+ support - templates: tweak Alpine DHCP configuration to send its hostname - templates: tweak to network configuration of the Oracle template Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1582887/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1597493] Re: SRU of LXCFS 2.0.2 (upstream bugfix release)
** Changed in: lxcfs (Ubuntu Trusty) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1597493 Title: SRU of LXCFS 2.0.2 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Fix Released Status in lxcfs source package in Xenial: Fix Committed Bug description: LXCFS upstream released LXC 2.0.2 as a bugfix release with following changelog: - Don't build pam/ when --with-pamdir=none - libpam_cgfs: Don't create new path if we are under /user.slice/user-$uid.slice Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1597493/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1597523] [NEW] SRU of LXC 2.0.13(upstream bugfix release)
Public bug reported: LXC upstream released LXC 2.0.2 & 2.0.3 as bugfix releases with following changelog: - apparmor: Refresh generated file - apparmor: add make-rslave to usr.bin.lxc-start - apparmor: Allow bind-mounts and {r}shared/{r}private - apparmor: allow mount move - apparmor: Update mount states handling - core: Drop lxc-devsetup as unneeded by current autodev - core: Fix redefinition of struct in6_addr - core: Include all lxcmntent.h function declarations on Bionic - c/r: c/r: use criu's "full" mode for cgroups - systemd: start containers in foreground when using the lxc@.service - templates: debian: Make sure init is installed - templates: oracle: Fix console login - templates: plamo: Fix various issues - templates: ubuntu: Install apt-transport-https by default - travis: ensure 'make install' doesn't fail - travis: test VPATH builds - upstart: Force lxc-instance to behave like a good Upstart client Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxc (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1597523 Title: SRU of LXC 2.0.13(upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: New Status in lxc source package in Xenial: New Bug description: LXC upstream released LXC 2.0.2 & 2.0.3 as bugfix releases with following changelog: - apparmor: Refresh generated file - apparmor: add make-rslave to usr.bin.lxc-start - apparmor: Allow bind-mounts and {r}shared/{r}private - apparmor: allow mount move - apparmor: Update mount states handling - core: Drop lxc-devsetup as unneeded by current autodev - core: Fix redefinition of struct in6_addr - core: Include all lxcmntent.h function declarations on Bionic - c/r: c/r: use criu's "full" mode for cgroups - systemd: start containers in foreground when using the lxc@.service - templates: debian: Make sure init is installed - templates: oracle: Fix console login - templates: plamo: Fix various issues - templates: ubuntu: Install apt-transport-https by default - travis: ensure 'make install' doesn't fail - travis: test VPATH builds - upstart: Force lxc-instance to behave like a good Upstart client Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1597523/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1597493] [NEW] SRU of LXCFS 2.0.2 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXC 2.0.2 as a bugfix release with following changelog: - Don't build pam/ when --with-pamdir=none - libpam_cgfs: Don't create new path if we are under /user.slice/user-$uid.slice Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu) Status: New => Fix Released ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1597493 Title: SRU of LXCFS 2.0.2 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: New Status in lxcfs source package in Xenial: New Bug description: LXCFS upstream released LXC 2.0.2 as a bugfix release with following changelog: - Don't build pam/ when --with-pamdir=none - libpam_cgfs: Don't create new path if we are under /user.slice/user-$uid.slice Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty- backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1597493/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1582889] [NEW] SRU of LXCFS 2.0.1 (upstream bugfix release)
Public bug reported: LXCFS upstream released LXC 2.0.1 as a bugfix release with following changelog: - Fix cpuinfo on s390x. - Use recursive cgroup values in diskstats. - Allow traversal (rx) to controller directories. - Fix do_mount_cgroups() crash on failure. - Better error handling in a number of path processing functions. - Better error handling in swap calculation. Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. ** Affects: lxcfs (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxcfs (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxcfs (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxcfs (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxcfs (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu) Status: New => Fix Released ** Changed in: lxcfs (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxcfs (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxcfs (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxcfs (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1582889 Title: SRU of LXCFS 2.0.1 (upstream bugfix release) Status in lxcfs package in Ubuntu: Fix Released Status in lxcfs source package in Trusty: Triaged Status in lxcfs source package in Xenial: In Progress Bug description: LXCFS upstream released LXC 2.0.1 as a bugfix release with following changelog: - Fix cpuinfo on s390x. - Use recursive cgroup values in diskstats. - Allow traversal (rx) to controller directories. - Fix do_mount_cgroups() crash on failure. - Better error handling in a number of path processing functions. - Better error handling in swap calculation. Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1582889/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1582891] [NEW] SRU of LXD 2.0.1 (upstream bugfix release)
Public bug reported: LXD upstream released LXC 2.0.1 as a bugfix release with following changelog: - Don't fail to start when shmounts can't be mounted, instead fail container startup - Invalidate the simplestreams cache on proxy change - Write the container's config file on start to the log path directly - Fix crash in list due to empty responses (Issue #1903) - Fail when removing non-existent profiles (Issue #1886) - Document --alias to image import (Issue #1900) - Fix "lxc start" and "lxc stop" options (stateful/stateless) - Give better error on invalid source stream (simplestreams) - Add basic REST API usage example to README.md - Fix typo in lxc stop --help - Convert lxc-to-lxd to stable supported pylxd API (Issue #1901) - Properly log image update failures - Better validate and rollback bad images (Issue #1913) - Send operation return value through SmartError - Fix basic filtering in lxc list (Issue #1917) - Tell the user how to launch a container on first start (Issue #1931) - Redirect "remote" to "remote:" when not conflicting (Issue #1931) - Don't load the LXC config for snapshots (Issue #1935) - list: Allow filtering by unset key (Issue #1917) - Fix example in lxc launch - Update Japanese translation and other po files - Fall back to cpuset.cpus on older kernels (Issue #1929) - Properly validate the server configuration keys (Issue #1939) - Fix daemonConfig handling of storage - Don't remove config file on forkmigrate - Fix config handling following config validation change - Fixed Markdown syntax in documentation - Don't fail early when removing disks (Issue #1964) - Don't recursively delete devices - Don't fail when some unix devices fail to be deleted - Use the same config checks for unix-char and unix-block - Allow removing when fs object no longer exists (Issue #1967) - Do proper logfile expiry (Issue #1966) - Make logging a bit more consistent - Don't ignore zfs errors - Properly update the mode, uid and gid on existing files (Issue #1975) - Detect invalid certificate files (Issue #1977) - Fix broken apparmor status check - Allow on/off as boolean strings - Properly validate the container configuration keys (Issue #1940) - Don't mask rsync transfer errors - Move execPath to a global variable - Use custom netcat instead of nc -U for rsync over websocket (Issue #1944) - Fix wrong state dir path in migration - Don't fail deleting images when the storage delete fails - Improve messages in the Japanese translation - Add more checks for the criu binary - Rework (live) migration tests - Make it explicit in documentation that devices on create are optional - Properly record the source of all image copies (Issue #2010) - Don't mark containers as ERROR while being created (Issue #1988) - Cleanup events sent for operations (Issue #1992) - Fix ZFS refcounting issues (Issue #1916 and Issue #2013) - Propagate snapshot config when copying a snapshot (Issue #2017) - Implement lxc config show for snapshots - Add Unix socket example to REST API usage. Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. ** Affects: lxd (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxd (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxd (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxd (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxd (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: New => Fix Released ** Changed in: lxd (Ubuntu Trusty) Status: New => Triaged ** Changed in: lxd (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxd (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxd (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, whic
[Group.of.nepali.translators] [Bug 1582887] [NEW] SRU of LXC 2.0.1 (upstream bugfix release)
Public bug reported: LXC upstream released LXC 2.0.1 as a bugfix release with following changelog: - apparmor: Also allow fstype=fuse for fuse filesystems - attach: adapt lxc-attach tests & add test for pty logging - attach: don't fail attach on failure to setup a SIGWINCH handler. - attach: fix a variety of lxc-attach pts handling issues - attach: switch console pty to raw mode (fixes ncurses-based programs) - attach: use raw settings of ssh for pty - bindings: fixed python-lxc reference to var before assignment in create() - bindings: set PyErr when Container.__init__ fails - cgfsng: defer to cgfs if needed subsystems are not available - cgfsng: don't require that systemd subsystem be mounted - core: Added missing type to keys in lxc_list_nicconfigs - core: Allow configuration file values to be quoted - core: log: remove duplicate definitons and bump buffer size - core: sync: properly fail on unexpected message sizes - core: Unshare netns after setting the userns mappings (fixes ownership of /proc/net) - core: various fixes as reported by static analysis - c/r: add an option to use faster inotify support in CRIU - c/r: rearrange things to pass struct migrate_opts all the way down - doc: ignore temporary files generated by doxygen - doc: tweak manpage generation date to be compatible with reproducible builds - doc: update MAINTAINERS - doc: update to translated manpages - init: add missing lsb headers to sysvinit scripts - init: don't make sysv init scripts dependant on distribution specifics - init: drop obsolete syslog.target from lxc.service.in - lxc-attach: add logging option to manpage - lxc-checkconfig: better render when stdout isn't a terminal - lxc-create: fix -B best option - lxc-destroy: avoid double print - lxc-ls: use fewer syscalls when doing ipc - templates: Add apt-transport-https to minbase variant of Ubuntu template - templates: fix a typo in the capabilities name for Gentoo (sys_resource) - templates: logic fix in the Centos template for RHEL7+ support - templates: tweak Alpine DHCP configuration to send its hostname - templates: tweak to network configuration of the Oracle template Just like Ubuntu itself, upstream releases long term support releases, as is 2.0 and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This bugfix release has already been uploaded to Yakkety and automatically backported in the upstream PPAs for all Ubuntu releases. So far without any reported regression. This should qualify under the minor upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. Once the SRU hits -updates, we will be backporting this to trusty-backports as well, making sure we have the same version everywhere. ** Affects: lxc (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: lxc (Ubuntu Trusty) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: Triaged ** Affects: lxc (Ubuntu Xenial) Importance: Undecided Assignee: Stéphane Graber (stgraber) Status: In Progress ** Also affects: lxc (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu) Status: New => Fix Released ** Changed in: lxc (Ubuntu Trusty) Status: New => In Progress ** Changed in: lxc (Ubuntu Trusty) Status: In Progress => Triaged ** Changed in: lxc (Ubuntu Xenial) Status: New => In Progress ** Changed in: lxc (Ubuntu Trusty) Assignee: (unassigned) => Stéphane Graber (stgraber) ** Changed in: lxc (Ubuntu Xenial) Assignee: (unassigned) => Stéphane Graber (stgraber) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1582887 Title: SRU of LXC 2.0.1 (upstream bugfix release) Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Triaged Status in lxc source package in Xenial: In Progress Bug description: LXC upstream released LXC 2.0.1 as a bugfix release with following changelog: - apparmor: Also allow fstype=fuse for fuse filesystems - attach: adapt lxc-attach tests & add test for pty logging - attach: don't fail attach on failure to setup a SIGWINCH handler. - attach: fix a variety of lxc-attach pts handling issues - attach: switch console pty to raw mode (fixes ncurses-based programs) - attach: use raw settings of ssh for pty - bindings: fixed python-lxc reference to var before assignment in create()