[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root
We have another problem which disappears when I revert
dc757a645cfa82f6ac252365df20a36a9ff82760 ("UBUNTU: SAUCE: apparmor4.0.0
[81/90]: apparmor: convert easy uses of unconfined() to
label_mediates()") commit.
Now it is not connected with unconfined profiles at all, it involves Ubuntu
Noble (host) + LXD (any version) + Ubuntu 12.04 container. And that container
fails to get an IPv4 address using dhcp client with the following error:
dhclient3 eth0
RTNETLINK answers: Operation not permitted
RTNETLINK answers: Operation not permitted
On the host side we can see a following AppArmor denial:
Sep 05 12:01:09 kernel: audit: type=1400 audit(1725534069.603:228):
apparmor="DENIED" operation="capable" class="cap"
namespace="root//lxd-c1_" profile="/sbin/dhclient" pid=28122
comm="ip" capability=12 capname="net_admin"
Precisely the same user space works well with upstream kernels 6.8.12
and 6.11.0-rc7. But fails on 6.8.12-based Ubuntu Noble's kernel.
Reverting of dc757a645cfa82f6ac252365df20a36a9ff82760 makes things to
work again.
Reproducer is as simple as lxc launch ubuntu:12.04 myct and check if
myct gets an IPv4 address (it won't).
External link: https://discourse.ubuntu.com/t/containers-with-
ubuntu-12-04-5-lts-are-not-getting-ipv4s-anymore
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2067900
Title:
apparmor unconfined profile blocks pivot_root
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2067900/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064176] Re: LXD fan bridge causes blocked tasks
v2 submitted https://lists.ubuntu.com/archives/kernel- team/2024-September/153551.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064176 Title: LXD fan bridge causes blocked tasks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2064176/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064176] Re: LXD fan bridge causes blocked tasks
** Description changed: + SRU Justification: + + [Impact] + + User can trigger a host crash on Jammy/Noble by launching + a container which uses Ubuntu FAN network in LXD. + + [Fix] + + A first proposed patch fixes RCU locking by releasing rcu_read_lock + on the skb discard codepath. + + Second patch just use a proper way (dev_core_stats_tx_dropped_inc() function) + to increase netdev's tx_dropped statistic value. + + [Test Plan] + + As provided by Max Asnaashari: + + # Install LXD from channel latest/stable + snap install lxd --channel latest/stable + + # Configure LXD + lxd init --auto + + # Create a FAN network + lxc network create lxdfan0 bridge.mode=fan ipv4.nat=true + + # Launch a container using the FAN network + lxc launch ubuntu-minimal:22.04 c1 --network lxdfan0 + + # Try to interact with LXD + lxc ls + + [Where problems could occur] + + Change is local and only related to Ubuntu FAN code. I would not expect + any problems with this patchset. + Hi, cross posting this from https://github.com/canonical/lxd/issues/12161 I've got a lxd cluster running across 3 VMs using the fan bridge. I'm using a dev revision of LXD based on 6413a948. Creating a container causes the trace in the attached syslog snippet; this causes the container creation process to hang indefinitely. ssh logins, `lxc shell cluster1`, and `ps -aux` also hang. Apr 29 17:15:01 cluster1 kernel: [ 161.250951] [ cut here ] Apr 29 17:15:01 cluster1 kernel: [ 161.250957] Voluntary context switch within RCU read-side critical section! Apr 29 17:15:01 cluster1 kernel: [ 161.250990] WARNING: CPU: 2 PID: 510 at kernel/rcu/tree_plugin.h:320 rcu_note_context_switch+0x2a7/0x2f0 Apr 29 17:15:01 cluster1 kernel: [ 161.251003] Modules linked in: nft_masq nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 vxlan ip6_udp_tunnel udp_tunnel dummy br idge stp llc zfs(PO) spl(O) nf_tables libcrc32c nfnetlink vhost_vsock vhost vhost_iotlb binfmt_misc nls_iso8859_1 intel_rapl_msr intel_rapl_common kvm_intel kvm irqbypass crct10dif _pclmul crc32_pclmul virtio_gpu polyval_clmulni polyval_generic ghash_clmulni_intel sha256_ssse3 sha1_ssse3 virtio_dma_buf aesni_intel vmw_vsock_virtio_transport 9pnet_virtio xhci_ pci drm_shmem_helper i2c_i801 ahci 9pnet vmw_vsock_virtio_transport_common xhci_pci_renesas drm_kms_helper libahci crypto_simd joydev virtio_input cryptd lpc_ich virtiofs i2c_smbus - vsock psmouse input_leds mac_hid serio_raw rapl qemu_fw_cfg vmgenid nfsd dm_multipath auth_rpcgss scsi_dh_rdac nfs_acl lockd scsi_dh_emc scsi_dh_alua grace sch_fq_codel drm sunrpc - efi_pstore virtio_rng ip_tables x_tables autofs4 + vsock psmouse input_leds mac_hid serio_raw rapl qemu_fw_cfg vmgenid nfsd dm_multipath auth_rpcgss scsi_dh_rdac nfs_acl lockd scsi_dh_emc scsi_dh_alua grace sch_fq_codel drm sunrpc + efi_pstore virtio_rng ip_tables x_tables autofs4 Apr 29 17:15:01 cluster1 kernel: [ 161.251085] CPU: 2 PID: 510 Comm: nmbd Tainted: P O 6.5.0-28-generic #29~22.04.1-Ubuntu Apr 29 17:15:01 cluster1 kernel: [ 161.251089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)/LXD, BIOS unknown 2/2/2022 Apr 29 17:15:01 cluster1 kernel: [ 161.251091] RIP: 0010:rcu_note_context_switch+0x2a7/0x2f0 Apr 29 17:15:01 cluster1 kernel: [ 161.251095] Code: 08 f0 83 44 24 fc 00 48 89 de 4c 89 f7 e8 d1 af ff ff e9 1e fe ff ff 48 c7 c7 d0 60 56 88 c6 05 e6 27 40 02 01 e8 79 b2 f2 ff <0f> 0b e9 bd fd ff ff a9 ff ff ff 7f 0f 84 75 fe ff ff 65 48 8b 3c Apr 29 17:15:01 cluster1 kernel: [ 161.251098] RSP: 0018:b9cbc11dbbc8 EFLAGS: 00010046 Apr 29 17:15:01 cluster1 kernel: [ 161.251101] RAX: RBX: 941ef7cb3f80 RCX: Apr 29 17:15:01 cluster1 kernel: [ 161.251103] RDX: RSI: RDI: Apr 29 17:15:01 cluster1 kernel: [ 161.251104] RBP: b9cbc11dbbe8 R08: R09: Apr 29 17:15:01 cluster1 kernel: [ 161.251106] R10: R11: R12: Apr 29 17:15:01 cluster1 kernel: [ 161.25] R13: 941d893e9980 R14: R15: 941d80ad7a80 Apr 29 17:15:01 cluster1 kernel: [ 161.251113] FS: 7c7dcbdb8a00() GS:941ef7c8() knlGS: Apr 29 17:15:01 cluster1 kernel: [ 161.251115] CS: 0010 DS: ES: CR0: 80050033 Apr 29 17:15:01 cluster1 kernel: [ 161.251117] CR2: 5a30877ae488 CR3: 000105888003 CR4: 00170ee0 Apr 29 17:15:01 cluster1 kernel: [ 161.251122] Call Trace: Apr 29 17:15:01 cluster1 kernel: [ 161.251128] Apr 29 17:15:01 cluster1 kernel: [ 161.251133] ? show_regs+0x6d/0x80 Apr 29 17:15:01 cluster1 kernel: [ 161.251145] ? __warn+0x89/0x160 Apr 29 17:15:01 cluster1 kernel: [ 161.251152] ? rcu_note_context_switch+0x2a7/0x2f0 Apr 29 17:15:01 cluster1 kernel: [ 161.251155]
[Bug 2064176] Re: LXD fan bridge causes blocked tasks
https://lists.ubuntu.com/archives/kernel-team/2024-September/153510.html ** Patch added: "0001-UBUNTU-SAUCE-fan-release-rcu_read_lock-on-skb-discar.patch" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2064176/+attachment/5814067/+files/0001-UBUNTU-SAUCE-fan-release-rcu_read_lock-on-skb-discar.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064176 Title: LXD fan bridge causes blocked tasks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2064176/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root
AFAIK, fix was landed https://gitlab.com/apparmor/apparmor/-/commit/4bb134e4bb950a8c9a1f70a27eb2acd2a35df412 But changelog https://changelogs.ubuntu.com/changelogs/pool/main/a/apparmor/apparmor_4.0.1really4.0.0-beta3-0ubuntu0.1/changelog says that everything was reverted back to 4.0.0~beta. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067900 Title: apparmor unconfined profile blocks pivot_root To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2067900/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2077413] Re: apparmor unconfined profile blocks signal sending
Hey Christian! thanks a lot for your fast reaction on this report! >In other words: this looks like normal and expected behaviour to me. You'll need to add a rule ok, that makes sense. >Note that abstractions/base allows signal (receive) peer=unconfined, - and "unconfined" does not match your profile name. but if we have this specific rule just for unconfined label, why we don't have analogical rule for profiles with flags=(unconfined)? Because this "unconfined" profile flag was presented as a drop-in replacement for an old unconfined label. Isn't it? The problem with your proposal of adding an extra rule in a profile is that, it's a painful for existing software to step from old "unconfined" label to a new "flags=(unconfined)" profile, because this will require revisiting and modification of many existing and stable apparmor profiles. Which is not acceptable. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2077413 Title: apparmor unconfined profile blocks signal sending To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2077413/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2077413] Re: apparmor unconfined profile blocks signal sending
** Also affects: apparmor (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2077413 Title: apparmor unconfined profile blocks signal sending To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2077413/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066148] Re: Ubuntu Noble lacks of CRIU package
Hey Dave! Thanks a lot for paying attention to this bug! >If we're going to introduce a delta on Debian, we should ensure things are forwarded so the delta can be resolved in time. To that end, the patches should have the Origin: or Forwarded: tag so we can track what's been forwarded and where. I have fixed that in the new debdiff. Now we have 4 patches and 3 of them are just from upstream and one of them contains proper reference to a commit from external repository. >It would be preferable to add this as the two original patches it's made of so that each patch can have a simple Fixed. >Likewise, Author: should be Radostin. I'm a little confused about the origin of this patch. The referenced bug (https://github.com/checkpoint- restore/criu/issues/2398) has quite a different resolution upstream to the content of this patch (https://github.com/checkpoint- restore/criu/pull/2413/files). I'm guessing the upstream resolution is more recent; does the patch need revising? Yeah, this was addressed in another way. Also fixed. >d/p/time-t-64bit-transition-fixes.patch: I'm assuming the Author: tag is correct here, as there's no other origin, but there's also no Forwarded: tag. Does this patch need forwarding upstream? Now it's just taken from upstream. >Finally, d/changelog currently references noble but I *suspect* this will need to go into oracular first and then be SRU'd to noble (I've requested clarification on #ubuntu-release, but I think this is the procedure when something's been absent for more than one release). I don't know. Because as far as I understand Oracular should just inherit CRIU package from a new version of Debian and it will likely have newer version of CRIU from upstream and so on. ** Changed in: criu (Ubuntu) Assignee: (unassigned) => Aleksandr Mikhalitsyn (mihalicyn) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066148] Re: Ubuntu Noble lacks of CRIU package
New debdiff. Tested with: https://launchpad.net/~mihalicyn/+archive/ubuntu/criu-noble-test-rev2/+packages ** Patch removed: "deb.diff" https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+attachment/5780743/+files/deb.diff ** Patch added: "deb.diff" https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+attachment/5805458/+files/deb.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046486] Re: units with credentials fail in LXD containers
>Ill need to check with mihalicyn if the fix relies on a thr lxd snap switching base to core24. no, but we need https://github.com/canonical/lxd-pkg-snap/pull/477 Full details: https://github.com/canonical/lxd/issues/13810#issuecomment-2253259452 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046486 Title: units with credentials fail in LXD containers To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-images/+bug/2046486/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046486] Re: units with credentials fail in LXD containers
see also https://github.com/canonical/lxd/issues/13810 ** Changed in: lxd (Ubuntu) Status: Confirmed => Fix Committed ** Bug watch added: github.com/canonical/lxd/issues #13810 https://github.com/canonical/lxd/issues/13810 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046486 Title: units with credentials fail in LXD containers To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-images/+bug/2046486/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046486] Re: units with credentials fail in LXD containers
https://github.com/canonical/lxd/pull/13820 ** Changed in: lxd (Ubuntu) Assignee: (unassigned) => Aleksandr Mikhalitsyn (mihalicyn) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046486 Title: units with credentials fail in LXD containers To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-images/+bug/2046486/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root
upstream discussion https://gitlab.com/apparmor/apparmor/-/merge_requests/1247 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067900 Title: apparmor unconfined profile blocks pivot_root To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2067900/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067900] Re: apparmor unconfined profile blocks pivot_root
It looks like the same issue happens with "kill" syscall: Jul 01 15:52:45 kernel: audit: type=1400 audit(1719849165.951:291): apparmor="DENIED" operation="signal" class="signal" profile="lxd-v1_" pid=15369 comm="lxd" requested_mask="receive" denied_mask="receive" signal=kill peer="snap.lxd.daemon" this started to appear after LXD was enabled to use unconfined profile mode. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067900 Title: apparmor unconfined profile blocks pivot_root To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2067900/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046486] Re: units with credentials fail in LXD containers
https://lore.kernel.org/all/20240628153712.288166-1-aleksandr.mikhalit...@canonical.com/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046486 Title: units with credentials fail in LXD containers To manage notifications about this bug go to: https://bugs.launchpad.net/lxd/+bug/2046486/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2070048] Re: nvme-tcp: fix retry logic
** Description changed: SRU Justification [Impact] * Request to port some out-of-upstream-tree patches to fix NVMe over TCP request retry logic issues [Fix] * Port patches from LKML: https://lore.kernel.org/all/20230908100049.80809-1-h...@suse.de/ [Test Plan] * It was tested internally in LXD team using a custom kernel build (linux-hwe-6.5 - 6.5.0-41.41~22.04.2ubuntu1nvmefixes) for Jammy: https://launchpad.net/~mihalicyn/+archive/ubuntu/kernel-nvme-fixes/+packages * SUSE kernel has these patches applied for a long time: https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-do-not-terminate-commands-when-in-resetting.patch https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-add-recovery_delay-to-sysfs.patch https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-delay-error-recovery-until-the-next-kato.patch https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-make-err_work-a-delayed-work.patch [Regression potential] * Limited to nvme-tcp block driver only [Other Info] Internal BugLink: https://warthogs.atlassian.net/browse/LXD-1120 + + Related LXD feature: + https://github.com/canonical/lxd/pull/12304 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2070048 Title: nvme-tcp: fix retry logic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2070048/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046486] Re: units with credentials fail in LXD containers
Hopefully, this will be fixed by https://github.com/canonical/lxd/pull/13681 I think we need some help with validation/review and testing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046486 Title: units with credentials fail in LXD containers To manage notifications about this bug go to: https://bugs.launchpad.net/lxd/+bug/2046486/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2070048] Re: nvme-tcp: fix retry logic
Have just sent patches for Unstable/Oracular tree: https://lists.ubuntu.com/archives/kernel-team/2024-June/151662.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2070048 Title: nvme-tcp: fix retry logic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2070048/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2070048] Re: nvme-tcp: fix retry logic
** Changed in: ubuntu Assignee: (unassigned) => Aleksandr Mikhalitsyn (mihalicyn) ** Package changed: ubuntu => linux (Ubuntu) ** Changed in: linux (Ubuntu) Status: Confirmed => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2070048 Title: nvme-tcp: fix retry logic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2070048/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2070048] [NEW] nvme-tcp: fix retry logic
Public bug reported: SRU Justification [Impact] * Request to port some out-of-upstream-tree patches to fix NVMe over TCP request retry logic issues [Fix] * Port patches from LKML: https://lore.kernel.org/all/20230908100049.80809-1-h...@suse.de/ [Test Plan] * It was tested internally in LXD team using a custom kernel build (linux-hwe-6.5 - 6.5.0-41.41~22.04.2ubuntu1nvmefixes) for Jammy: https://launchpad.net/~mihalicyn/+archive/ubuntu/kernel-nvme-fixes/+packages * SUSE kernel has these patches applied for a long time: https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-do-not-terminate-commands-when-in-resetting.patch https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-add-recovery_delay-to-sysfs.patch https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-delay-error-recovery-until-the-next-kato.patch https://github.com/SUSE/kernel-source/blob/rpm-6.4.0-150600.21/patches.suse/nvme-tcp-make-err_work-a-delayed-work.patch [Regression potential] * Limited to nvme-tcp block driver only [Other Info] Internal BugLink: https://warthogs.atlassian.net/browse/LXD-1120 ** Affects: ubuntu Importance: Undecided Assignee: Aleksandr Mikhalitsyn (mihalicyn) Status: Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2070048 Title: nvme-tcp: fix retry logic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2070048/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064144] Re: lxc ships apparmor config that confuses aa-logprof
If I understand correctly, a proper replacement for
mount options=(rw,make-unbindable) -> **,
is
mount options=(rw,make-unbindable) -> /{,**},
It turned out that replacing it with:
mount options=(rw,make-unbindable) -> /**,
does not work properly and restricts anything on /
(see also https://github.com/lxc/lxc/pull/4456 )
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064144
Title:
lxc ships apparmor config that confuses aa-logprof
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2064144/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064144] Re: lxc ships apparmor config that confuses aa-logprof
JFYI: https://github.com/lxc/lxc/pull/4452 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064144 Title: lxc ships apparmor config that confuses aa-logprof To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2064144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062176] Re: Cannot launch armhf containers on arm64 host under noble
Another reproducer:
# cat test2.c
#include
#include
void *threadfn(void *ptr)
{
return NULL;
}
int main(int argc, char **argv)
{
pthread_t thread;
pthread_create(&thread, NULL, &threadfn, NULL);
pthread_join(thread, NULL);
return 0;
}
# arm-linux-gnueabihf-gcc -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 -static
test2.c
# strace -n -f /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 ./a.out
...
[pid 3205] [ 338] set_robust_list(0xf7b3180c, 12
[pid 3204] [ 240] <... futex resumed>) = -1 ENOSYS (Function not
implemented)
BOOM!
[pid 3205] [ 338] <... set_robust_list resumed>) = 0
[pid 3204] [ 146] writev(2, [{iov_base="The futex facility returned an u"...,
iov_len=54}], 1The futex facility returned an unexpected error code.
[pid 3205] [ 175] rt_sigprocmask(SIG_SETMASK, [],
[pid 3204] [ 146] <... writev resumed>) = 54
[pid 3205] [ 175] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 3204] [ 192] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0
[pid 3205] [ 175] rt_sigprocmask(SIG_BLOCK, ~[RT_1],
[pid 3204] [ 192] <... mmap2 resumed>) = 0xf733
[pid 3205] [ 175] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 3204] [ 175] rt_sigprocmask(SIG_UNBLOCK, [ABRT],
[pid 3205] [ 220] madvise(0xf7331000, 8372224, MADV_DONTNEED
[pid 3204] [ 175] <... rt_sigprocmask resumed>NULL, 8) = 0
[pid 3205] [ 220] <... madvise resumed>) = 0
[pid 3205] [ 1] exit(0
[pid 3204] [ 224] gettid(
[pid 3205] [ 1] <... exit resumed>) = ?
[pid 3205] [ 1] +++ exited with 0 +++
[ 224] <... gettid resumed>)= 3204
[ 20] getpid() = 3204
[ 268] tgkill(3204, 3204, SIGABRT) = 0
[ 268] --- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=3204, si_uid=0}
---
[ 268] +++ killed by SIGABRT (core dumped) +++
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2062176
Title:
Cannot launch armhf containers on arm64 host under noble
To manage notifications about this bug go to:
https://bugs.launchpad.net/lxd/+bug/2062176/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062176] Re: Cannot launch armhf containers on arm64 host under noble
>The test case given in the github issue is invalid, because it builds
without the default noble compiler flags of -D_FILE_OFFSET_BITS=64
-D_TIME_BITS=64 so tells us nothing about what code is actually being
run as part of noble that depends on the old syscall.
It's not invalid, cause we can't require old software binaries to be
built with a new -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 flags. Imagine
people who run, let say, Ubuntu Bionic for armhf inside the LXD
container. All the binaries inside that container image will use
__NR_futex and not __NR_futex_time64 for obvious reasons. We can not ask
people to rebuild all the software with a new flags, that breaks idea of
running stuff inside the container. Isn't it?
Also, right now, I have repeated my experiment but with a new flags:
# arm-linux-gnueabihf-gcc -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 -static test.c
# strace -n -f /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 ./a.out
[ 221] execve("/usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3",
["/usr/arm-linux-gnueabihf/lib/ld-"..., "./a.out"], 0xddf2a718 /* 27 vars
*/
[ 221] [ Process PID=2166 runs in 32 bit mode. ]
strace: WARNING: Proper structure decoding for this personality is not
supported, please consider building strace with mpers support enabled.
[ 221] <... execve resumed>)= 0
...
[ 6] close(3) = 0
[ 11] execve("./a.out", ["./a.out"], 0xffd6a6a0 /* 27 vars */) = 0
[ 45] brk(NULL)= 0x1c96000
...
[ 125] mprotect(0x5f000, 12288, PROT_READ) = 0
[ 240] futex(0xff812a1c, FUTEX_WAKE, 1) = -1 ENOSYS (Function not implemented)
[ 397] statx(1, "", AT_STATX_SYNC_AS_STAT|AT_NO_AUTOMOUNT|AT_EMPTY_PATH,
STATX_BASIC_STATS, {stx_mask=STATX_BASIC_STATS|STATX_MNT_ID, stx_attributes=0,
stx_mode=S_IFCHR|0620, stx_size=0, ...}) = 0
[ 4] write(1, "Error! Function not implemented", 31Error! Function not
implemented) = 31
[ 248] exit_group(1)= ?
[ 248] +++ exited with 1 +++
Obviously, these flags are not changing anything in behavior because
__NR_futex constant value does not depend on _TIME_BITS or
_FILE_OFFSET_BITS values.
=== strace from a real armhf container (Ubuntu 22.04.4 LTS inside):
# strace -o strace.log -n -f lxc-start -F ubuntu-armh
2944 [ 322] openat(4, "systemd",
O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 5
...
e=4096, ...}) = 0
2944 [ 6] close(4) = 0
2944 [ 322] openat(5, "system.conf.d",
O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC|O_PATH) = -1
ENOENT (No such file or directory)
...
2944 [ 240] futex(0xf798a4b4, FUTEX_WAKE_PRIVATE, 2147483647) = -1 ENOSYS
(Function not imple
mented)
2944 [ 146] writev(2, [{iov_base="The futex facility returned an u"...,
iov_len=54}], 1) = 54
2944 [ 192] mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0xf79c
2944 [ 175] rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
2944 [ 224] gettid() = 1
2944 [ 20] getpid() = 1
2944 [ 268] tgkill(1, 1, SIGABRT) = 0
2944 [ 268] --- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=1,
si_uid=0} ---
As we can see:
2944 [ 240] futex(0xf798a4b4, FUTEX_WAKE_PRIVATE, 2147483647) = -1 ENOSYS
(Function not imple
mented)
so, the same syscall number 240 was called.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2062176
Title:
Cannot launch armhf containers on arm64 host under noble
To manage notifications about this bug go to:
https://bugs.launchpad.net/lxd/+bug/2062176/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062176] Re: Cannot launch armhf containers on arm64 host under noble
Hi Steve, I have described a reason of this issue above: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2062176/comments/3 >So this is not a bug in glibc, This is not a bug. This is a kernel configuration issue. Kernel configuration has COMPAT_32BIT_TIME=n, but must have COMPAT_32BIT_TIME=y to support running armhf binaries properly. >Someone will need to strace this to find the guilty binary. That's what I did earlier and written my minimal reproducer for the problem ;-) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062176 Title: Cannot launch armhf containers on arm64 host under noble To manage notifications about this bug go to: https://bugs.launchpad.net/lxd/+bug/2062176/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062176] Re: Cannot launch armhf containers on arm64 host under noble
This is the reason:
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-raspi/+git/noble/tree/debian.raspi/config/annotations?h=master-next#n155
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2038582
Minimal reproducer:
# cat test.c
#define _GNU_SOURCE
#include
#include
#include
#include
#include
#include
#include
#define futex(A, B, C, D, E, F) syscall(__NR_futex, A, B, C, D, E, F)
int main(int argc, char **argv)
{
unsigned int addr = 0;
long ret;
ret = futex(&addr, FUTEX_WAKE, 1, NULL, NULL, 0);
if (ret) {
printf("Error! %s", strerror(errno));
exit(1);
}
printf("OK!\n");
return 0;
}
# uname -a
Linux ubuntu 6.8.0-1004-raspi #4-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 02:29:55
UTC 2024 aarch64 aarch64 aarch64 GNU/Linux
$ arm-linux-gnueabihf-gcc -static test.c
$ strace -f /usr/arm-linux-gnueabihf/lib/ld-linux-armhf.so.3 ./a.out
futex(0xff83679c, FUTEX_WAKE, 1)= -1 ENOSYS (Function not implemented)
statx(1, "", AT_STATX_SYNC_AS_STAT|AT_NO_AUTOMOUNT|AT_EMPTY_PATH,
STATX_BASIC_STATS, {stx_mask=STATX_BASIC_STATS|STATX_MNT_ID, stx_attributes=0,
stx_mode=S_IFCHR|0620, stx_size=0, ...}) = 0
write(1, "Error! Function not implemented", 31Error! Function not implemented)
= 31
exit_group(1) = ?
+++ exited with 1 +++
This code uses futex_time32:
https://github.com/torvalds/linux/blob/4a4be1ad3a6efea16c56615f31117590fd881358/kernel/futex/syscalls.c#L492
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2062176
Title:
Cannot launch armhf containers on arm64 host under noble
To manage notifications about this bug go to:
https://bugs.launchpad.net/lxd/+bug/2062176/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064144] Re: lxc ships apparmor config that confuses aa-logprof
From LXC side, we probably should fix this too, just to follow the AppArmor spec. I'll prepare a PR for that. John, what's the best way to validate AppArmor profiles syntax and conformance with the spec? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064144 Title: lxc ships apparmor config that confuses aa-logprof To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/2064144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066148] Re: Ubuntu Noble lacks of CRIU package
New debdiff. Tested with https://launchpad.net/~mihalicyn/+archive/ubuntu/criu-noble- test/+packages ** Patch added: "deb.diff" https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+attachment/5780743/+files/deb.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066148] Re: Ubuntu Noble lacks of CRIU package
** Patch removed: "deb.diff" https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+attachment/5779927/+files/deb.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066148] Re: Ubuntu Noble lacks of CRIU package
Tested with PPA and it looks like compile-time problem is fixed, but now we have the next one: https://launchpadlibrarian.net/730889722/buildlog_ubuntu-noble-ppc64el.criu_3.17.1-3ubuntu1_BUILDING.txt.gz mkdir -p /<>/debian/criu/usr/lib/powerpc64le-linux-gnu install -m 755 lib/c/libcriu.so /<>/debian/criu/usr/lib/powerpc64le-linux-gnu/libcriu.so.2.0 ln -fns libcriu.so.2.0 /<>/debian/criu/usr/lib/powerpc64le-linux-gnu/libcriu.so.2 ln -fns libcriu.so.2.0 /<>/debian/criu/usr/lib/powerpc64le-linux-gnu/libcriu.so install -m 755 lib/c/libcriu.a /<>/debian/criu/usr/lib/powerpc64le-linux-gnu/libcriu.a mkdir -p /<>/debian/criu/usr/include/criu/ install -m 644 lib/c/criu.h images/rpc.proto images/rpc.pb-c.h criu/include/version.h /<>/debian/criu/usr/include/criu/ mkdir -p /<>/debian/criu/usr/lib/powerpc64le-linux-gnu/pkgconfig sed -e 's,@version@,3.17.1,' -e 's,@libdir@,/usr/lib/powerpc64le-linux-gnu,' -e 's,@includedir@,/usr/include/criu/,' lib/c/criu.pc.in > lib/c/criu.pc install -m 644 lib/c/criu.pc /<>/debian/criu/usr/lib/powerpc64le-linux-gnu/pkgconfig python3 scripts/crit-setup.py install --prefix=/<>/debian/criu/usr --record lib/.crit-setup.files /usr/lib/python3/dist-packages/setuptools/_distutils/cmd.py:66: SetuptoolsDeprecationWarning: setup.py install is deprecated. !! Please avoid running ``setup.py`` directly. Instead, use pypa/build, pypa/installer or other standards-based tools. See https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html for details. !! self.initialize_options() /usr/lib/python3/dist-packages/setuptools/_distutils/cmd.py:66: EasyInstallDeprecationWarning: easy_install command is deprecated. !! Please avoid running ``setup.py`` and ``easy_install``. Instead, use pypa/build, pypa/installer or other standards-based tools. See https://github.com/pypa/setuptools/issues/917 for details. !! self.initialize_options() TEST FAILED: /<>/debian/criu/usr/local/lib/python3.12/dist-packages/ does NOT support .pth files bad install directory or PYTHONPATH You are attempting to install a package to a directory that is not on PYTHONPATH and which Python does not read ".pth" files from. The installation directory you specified (via --install-dir, --prefix, or the distutils default setting) was: /<>/debian/criu/usr/local/lib/python3.12/dist-packages/ and your PYTHONPATH environment variable currently contains: '' Here are some of your options for correcting the problem: * You can choose a different installation directory, i.e., one that is on PYTHONPATH or supports .pth files * You can add the installation directory to the PYTHONPATH environment variable. (It must then also be on PYTHONPATH whenever you run Python and want to use the package(s) you are installing.) * You can set up the installation directory to support ".pth" files by using one of the approaches described here: https://setuptools.pypa.io/en/latest/deprecated/easy_install.html#custom- installation-locations Please make the appropriate changes for your system and try again. zip_safe flag not set; analyzing archive contents... pycriu.images.__pycache__.__init__.cpython-312: module references __file__ xmlto man -m custom.xsl criu.xml Note: Writing criu.8 mkdir -p /<>/debian/criu/usr/share/man/man8 install -m 644 criu.8 /<>/debian/criu/usr/share/man/man8 mkdir -p /<>/debian/criu/usr/share/man/man1 install -m 644 crit.1 criu-ns.1 compel.1 amdgpu_plugin.1 /<>/debian/criu/usr/share/man/man1 make[2]: Leaving directory '/<>' # Remove amdgpu_plugin manpage until we really provide the plugin rm -f --verbose /<>/debian/criu/usr/share/man/man1/amdgpu_plugin.1.gz make[1]: Leaving directory '/<>' dh_installdocs -a dh_installchangelogs -a dh_installexamples -a dh_installman -a dh_python3 -a I: dh_python3 tools:113: replacing shebang in debian/criu/usr/sbin/criu-ns dh_perl -a dh_usrlocal -a dh_usrlocal: error: debian/criu/usr/local/bin/crit is not a directory make: *** [debian/rules:9: binary-arch] Error 25 dpkg-buildpackage: error: debian/rules binary-arch subprocess returned exit status 2 ** Bug watch added: github.com/pypa/setuptools/issues #917 https://github.com/pypa/setuptools/issues/917 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@l
[Bug 2066148] Re: Ubuntu Noble lacks of CRIU package
It's clearly a false-positive on GCC 13.2 Attaching a Debian diff with workaround (disable warnings and prevent compilation failures). ** Patch added: "deb.diff" https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+attachment/5779927/+files/deb.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066148] [NEW] Ubuntu Noble lacks of CRIU package
Public bug reported: It looks like because of build failures on Noble toolchain: https://launchpad.net/ubuntu/noble/+source/criu/+builds precisely the same version was building just fine on Mantic. $ rmadison criu -u ubuntu criu | 2.0-2ubuntu3 | xenial/universe | source, amd64, armhf, ppc64el criu | 2.6-1ubuntu1~ubuntu16.04.2 | xenial-updates/universe | source, amd64, armhf, ppc64el criu | 3.6-2 | bionic/universe | source, amd64, arm64, armhf, ppc64el, s390x criu | 3.16.1-2 | jammy/universe | source, amd64, arm64, armhf, ppc64el, s390x criu | 3.17.1-3 | mantic/universe | source, amd64, arm64, armhf, ppc64el, s390x ** Affects: criu (Ubuntu) Importance: Undecided Status: New ** Description changed: It looks like because of build failures on Noble toolchain: https://launchpad.net/ubuntu/noble/+source/criu/+builds precisely the same version was building just fine on Mantic. + + $ rmadison criu -u ubuntu + criu | 2.0-2ubuntu3 | xenial/universe | source, amd64, armhf, ppc64el + criu | 2.6-1ubuntu1~ubuntu16.04.2 | xenial-updates/universe | source, amd64, armhf, ppc64el + criu | 3.6-2 | bionic/universe | source, amd64, arm64, armhf, ppc64el, s390x + criu | 3.16.1-2 | jammy/universe | source, amd64, arm64, armhf, ppc64el, s390x + criu | 3.17.1-3 | mantic/universe | source, amd64, arm64, armhf, ppc64el, s390x -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066148 Title: Ubuntu Noble lacks of CRIU package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/criu/+bug/2066148/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060965] Re: liblxc is missing in 24.04
Hi! Couldn't you check if this is fixed for you? This is what I see now on Noble: root@lxc-test-noble:~# apt search liblxc Sorting... Done Full Text Search... Done golang-gopkg-lxc-go-lxc.v2-dev/noble 0.0+git20230621.be98af2-1 all Go bindings for liblxc liblxc-common/noble,now 1:5.0.3-2ubuntu5 amd64 [installed,automatic] Linux Containers userspace tools (library) liblxc-dev/noble 1:5.0.3-2ubuntu5 all Transitional package - liblxc-dev -> lxc-dev liblxc1/noble,now 1:5.0.3-2ubuntu5 amd64 [installed,automatic] Linux Containers userspace tools (library) root@lxc-test-noble:~# apt install lxc-dev ... root@lxc-test-noble:~# lxc-start --version 5.0.3 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060965 Title: liblxc is missing in 24.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2060965/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] Re: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble)
https://autopkgtest.ubuntu.com/packages/l/lxc all tests are green, except i386 (which is broken for years :-( and this should not block a migration). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060965] Re: liblxc is missing in 24.04
Hi! I would suggest to way 1-2 days, because right now we are trying to get https://launchpad.net/ubuntu/+source/lxc/1:5.0.3-2ubuntu5 in Noble. This should solve this problem too. I can only guess that your problem connected with that 1:5.0.1-0ubuntu8 was early replaced by 1:5.0.3-2ubuntu1, but this change was reverted at some point (it happened 2 days ago). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060965 Title: liblxc is missing in 24.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2060965/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] Re: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble)
** Patch added: "debdiff.diff" https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+attachment/5763468/+files/debdiff.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] Re: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble)
Ok, lxc/1:5.0.3-2ubuntu4 was uploaded and it's getting better but, unfortunately, "lxc-test-unpriv" test wasn't skipped really. Despite this bug (https://bugs.launchpad.net/ubuntu/+source/autopkgtest/+bug/2056461) I was able to make my local autopkgtest environment to work: autopkgtest \ --apt-upgrade \ --shell-fail \ --output-dir dep8-lxc-pkg-ubuntu \ lxc-5.0.3/ \ -- lxd --vm ubuntu-daily:noble -c limits.cpu=10 -c limits.memory=15GiB == PASS: lxc-tests: /usr/bin/lxc-test-snapshot PASS: lxc-tests: /usr/bin/lxc-test-startone PASS: lxc-tests: /usr/bin/lxc-test-state-server PASS: lxc-tests: /usr/bin/lxc-test-symlink PASS: lxc-tests: /usr/bin/lxc-test-sys-mixed PASS: lxc-tests: /usr/bin/lxc-test-sysctls IGNORED: lxc-tests: /usr/bin/lxc-test-unpriv PASS: lxc-tests: /usr/bin/lxc-test-usernic PASS: lxc-tests: /usr/bin/lxc-test-usernsexec PASS: lxc-tests: /usr/bin/lxc-test-utils SUMMARY: pass=55, fail=0, ignored=1 autopkgtest [17:46:01]: test exercise: ---] autopkgtest [17:46:02]: test exercise: - - - - - - - - - - results - - - - - - - - - - exercise PASS autopkgtest [17:46:02]: test basics-create-destroy: preparing testbed Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. (Reading database ... 69249 files and directories currently installed.) Removing autopkgtest-satdep (0) ... autopkgtest [17:50:16]: test no-devel: [--- + grep LXC_DEVEL /usr/include/lxc/version.h + grep 0 #define LXC_DEVEL 0 autopkgtest [17:50:17]: test no-devel: ---] no-devel PASS autopkgtest [17:50:17]: test no-devel: - - - - - - - - - - results - - - - - - - - - - autopkgtest [17:50:18]: summary exercise PASS basics-create-destroy PASS (superficial) no-devel PASS == -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] Re: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble)
Thanks, Julian! Once this version pass all tests and reach archives I'll prepare PRs for https://salsa.debian.org/lxc-team/lxc to be in sync with Debian. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] Re: autopkgtest failures on 1:5.0.3-2ubuntu2 (Noble)
It's worth mentioning that this debdiff includes not only tests disabling but also fix that allows to build source package on Ubuntu. If you do: pull-lp-source liblxc-dev noble-proposed cd lxc-5.0.3 debuild -S -d you will see something like this: dpkg-source -b . dpkg-source: info: using source format '3.0 (quilt)' dpkg-source: info: building lxc using existing ./lxc_5.0.3.orig.tar.gz dpkg-source: info: building lxc using existing ./lxc_5.0.3.orig.tar.gz.asc dpkg-source: info: using patch list from debian/patches/series dpkg-source: info: local changes detected, the modified files are: lxc-5.0.3/config/apparmor/abstractions/start-container.in lxc-5.0.3/config/apparmor/usr.bin.lxc-copy lxc-5.0.3/config/apparmor/usr.bin.lxc-start dpkg-source: error: aborting due to unexpected upstream changes, see /tmp/lxc_5.0.3-2ubuntu3.diff.21HvOc dpkg-source: info: Hint: make sure the version in debian/changelog matches the unpacked source tree dpkg-source: info: you can integrate the local changes with dpkg-source --commit dpkg-buildpackage: error: dpkg-source -b . subprocess returned exit status 2 debuild: fatal error at line 1182: dpkg-buildpackage -us -uc -ui -S -d failed It's because of the way how we apply custom Ubuntu patches. This debian diff file contains fix for this too. ** Summary changed: - autopkgtest failures on 1:5.0.3-2ubuntu2 (Noble) + autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu3 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] Re: autopkgtest failures on 1:5.0.3-2ubuntu2 (Noble)
** Patch added: "debdiff.diff" https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+attachment/5763115/+files/debdiff.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu2 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056461] Re: autopkgtest-virt-qemu on noble images sometimes hangs doing copydown
Looks like I'm facing the same issue: /testbed-packages autopkgtest-virt-qemu: DBG: +> cat autopkgtest-virt-qemu: DBG: +>? autopkgtest-virt-qemu: DBG: +", 'deststdout', "<_io.BufferedReader name='/dev/null'>", 'devnull_read', <_io.BufferedReader name='/dev/null'>] autopkgtest-virt-qemu: DBG: +< tar --directory lxc-5.0.3// --warning=none -c . -f - autopkgtest-virt-qemu: DBG: +> /tmp/autopkgtest-qemu.1i2y4v3q/runcmd sh -ec if ! test -d /tmp/autopkgtest.5ldgRV/ubtree-/; then mkdir -- /tmp/autopkgtest.5ldgRV/ubtree-/; fi; cd /tmp/autopkgtest.5ldgRV/ubtree-/; tar --warning=none --preserve-permissions --extract --no-same-owner -f - autopkgtest-virt-qemu: DBG: +>? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056461 Title: autopkgtest-virt-qemu on noble images sometimes hangs doing copydown To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/autopkgtest/+bug/2056461/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059550] [NEW] autopkgtest failures on 1:5.0.3-2ubuntu2 (Noble)
Public bug reported: We can see autopkgtest failures on Noble: https://autopkgtest.ubuntu.com/packages/lxc 1:5.0.3-2ubuntu2 from noble-proposed/universe Details from log (https://autopkgtest.ubuntu.com/results/autopkgtest-noble/noble/amd64/l/lxc/20240327_203000_ce7d4@/log.gz): = 3266s Removing autopkgtest-satdep (0) ... 3269s autopkgtest [20:29:48]: test no-devel: [--- 3269s + grep LXC_DEVEL /usr/include/lxc/version.h 3269s + grep 0 3269s #define LXC_DEVEL 0 3269s autopkgtest [20:29:48]: test no-devel: ---] 3269s autopkgtest [20:29:48]: test no-devel: - - - - - - - - - - results - - - - - - - - - - 3269s no-devel PASS 3269s autopkgtest [20:29:48]: summary 3269s exercise FAIL non-zero exit status 1 3269s unprivileged-containers FAIL non-zero exit status 1 3269s basics-create-destroy PASS (superficial) 3269s no-devel PASS = unprivileged-containers = 1896s Unpacking the rootfs 1900s 1900s --- 1900s You just created an Ubuntu mantic amd64 (20240326_07:42) container. 1900s 1900s To enable SSH, run: apt install openssh-server 1900s No default root or user password are set by LXC. 1900s + systemd-run --scope --quiet --user --property=Delegate=yes lxc-start -n mycontainer 1900s Failed to connect to bus: No medium found = exercise = 1113s FAIL: lxc-tests: /usr/bin/lxc-test-unpriv 1113s --- 1113s Name: c1 1113s State: RUNNING 1113s PID:52927 1113s Link: veth1001_HZ75 1113s TX bytes: 0 bytes 1113s RX bytes: 0 bytes 1113s Total bytes: 0 bytes 1113s Name: c1 1113s State: RUNNING 1113s PID:52994 1113s Link: veth1001_ujGT 1113s TX bytes: 0 bytes 1113s RX bytes: 0 bytes 1113s Total bytes: 0 bytes 1113s lxc-copy: c1: ../src/lxc/utils.c: lxc_drop_groups: 1365 Operation not permitted - Failed to drop supplimentary groups <...> 1113s info: Removing crontab ... 1113s info: Removing user `lxcunpriv' ... 1113s FAIL 1113s --- 1114s PASS: lxc-tests: /usr/bin/lxc-test-usernic 1114s PASS: lxc-tests: /usr/bin/lxc-test-usernsexec 1114s PASS: lxc-tests: /usr/bin/lxc-test-utils 1114s 1114s SUMMARY: pass=55, fail=1, ignored=0 1115s autopkgtest [19:53:54]: test exercise: ---] 1115s autopkgtest [19:53:54]: test exercise: - - - - - - - - - - results - - - - - - - - - - 1115s exercise FAIL non-zero exit status 1 = In the previous version we had no unprivileged-containers testsuite because it was inherited from Debian. lxc-test-unpriv was a skipped test too because we had this piece of code: https://git.launchpad.net/ubuntu/+source/lxc/tree/debian/tests/exercise?h=applied/ubuntu/noble#n129 = # Skip some tests due to cgroup v2 incompatibility if [ -e /sys/fs/cgroup/system.slice/memory.current ]; then [ "$testbin" = "lxc-test-apparmor-mount" ] && \ ignore "$STRING" && continue [ "$testbin" = "lxc-test-autostart" ] && \ ignore "$STRING" && continue [ "$testbin" = "lxc-test-no-new-privs" ] && \ ignore "$STRING" && continue [ "$testbin" = "lxc-test-unpriv" ] && \ ignore "$STRING" && continue fi = Just compare: https://git.launchpad.net/ubuntu/+source/lxc/tree/debian/tests/control?h=applied/ubuntu/noble and https://git.launchpad.net/ubuntu/+source/lxc/tree/debian/tests/control?h=applied/ubuntu/noble-devel We want to fix all of this for sure, but it would be awesome to get an updated and actual version of LXC in the upcoming Ubuntu Noble release too. So, may be it makes sense to skip this tests for the sake of having LXC updated. What I found in Debian, is that autopkgtests are skipped too: https://ci.debian.net/packages/l/lxc/unstable/amd64/ Taking this into account it (probably) reasonable to skip this tests too for now. ** Affects: lxc (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059550 Title: autopkgtest failures on 1:5.0.3-2ubuntu2 (Noble) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2059550/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
