** Description changed: [Impact] In order to follow our policy on keeping the container stack (docker.io, containerd, and runc) up-to-date in our supported releases, let's backport the stack in Hirsute to Groovy, Focal, and Bionic. docker.io version 20.10.2 was introduced in mid January in Hirsute and no issue was reported so far against it, which demonstrates its stability. Also, runc version 1.0-rc93 has an important fix regarding a glibc and seccomp issue (LP: #1916485). And finally, containerd version 1.4.4 has a fix for CVE-2021-21334. [Test Plan] Per https://wiki.ubuntu.com/DockerUpdates, our test case is the autopkgtests [Where problems could occur] As usual, we deliver most benefit to our users by delivering an upstream experience. A risk of regressions is part of that. + + [Other Info] + + The SRU team brought up to my attention that a couple of changes were + made to the containerd service file which worth a mention here. The + following lines were added by upstream: + + +RestartSec=5 + +OOMScoreAdjust=-999 + + The docker.io service file also has some changes made by upstream: + + [Unit] + -BindsTo=containerd.service + +Wants=containerd.service + + [Service] + +OOMScoreAdjust=-500 + + The changes in the Unit section is fine because this is the current + behavior of our debian packages (we are patching it to apply this + change). The second change in the Service section was the default + already but then upstream moved from code to the service unit file. Look + at the changes dropped from docker.io current in Groovy + (components/engine/cmd/dockerd/config_unix.go): + + - flags.IntVar(&conf.OOMScoreAdjust, "oom-score-adjust", -500, + "Set the oom_score_adj for the daemon") + + Due to that I believe the changes made are safe to be backported.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1919322 Title: Backport the container stack in Hirsute To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/containerd/+bug/1919322/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
