Your message dated Sat, 06 May 2017 19:19:50 +0000
with message-id <[email protected]>
and subject line Bug#858149: fixed in systemd 232-23
has caused the Debian Bug report #858149,
regarding systemd-nspawn: ephemeral flag ignored with raw images
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
858149: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858149
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: systemd-container
Version: 230-7~bpo8+2
Severity: important

Dear Maintainer,

Short version
=============

Assuming one has an image /var/lib/machines/jessie.raw and spawns it
with: systemd-nspawn --ephemeral -m jessie
The jessie.raw ends up being modified.

Fix released with systemd 233 that should be backported:
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

Longer version
==============

systemd-nspawn has a [-x|--ephemeral] option which is supposed to
snapshot the image and boot a container out of it. Once the container is
terminated, the snapshot is dismissed entirely.

The ephemeral option is ignored entirely when using a raw image, for
example via --machine which can load either a fs tree if the name matches
a directory or a raw image if the base name matches.

The upstream issue has a detailed reproducible case:
https://github.com/systemd/systemd/issues/4664

Original thread:
https://lists.freedesktop.org/archives/systemd-devel/2016-November/037699.html

The fix is commit 0f3be6ca4
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

It seems straightforward to backport to jessie-backports and for
stretch. Non-ephemeral ephemeral containers sound like a release
critical bug to me.


Note: upstream issue also states that junk files are left behind in host
/tmp; there are a couple more commits to address that:
https://github.com/poettering/systemd/commit/64e604111a8466764f36ae8ac83d5d0c0addc024
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable'), (99, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd-container depends on:
ii  libacl1          2.2.52-2
ii  libblkid1        2.25.2-6
ii  libbz2-1.0       1.0.6-7+b3
ii  libc6            2.19-18+deb8u7
ii  libcurl3-gnutls  7.38.0-4+deb8u5
ii  libgcrypt20      1.6.3-2+deb8u2
ii  liblzma5         5.1.1alpha+20120614-2+b3
ii  libseccomp2      2.1.1-1
ii  libselinux1      2.3-2
ii  systemd          230-7~bpo8+2
ii  zlib1g           1:1.2.8.dfsg-2+b1

Versions of packages systemd-container recommends:
ii  btrfs-tools        3.17-1.1
ii  libnss-mymachines  230-7~bpo8+2

systemd-container suggests no packages.

-- no debconf information

--- End Message ---
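
A regression check for the behaviour reported above, as an added example that is not part of the original report or of systemd. The function names are hypothetical; the image path and machine name are the ones from the report. It hashes the raw image before and after a run and fails if the image changed.

```shell
#!/bin/sh
# Added example (not from the bug report): verify that a command leaves a
# raw machine image byte-for-byte unchanged. Function names are hypothetical.

# Print the SHA-256 digest of a file. Reading from stdin keeps odd file
# names (leading dash, spaces) out of the sha256sum argument list.
image_digest() {
    sha256sum < "$1" | cut -d' ' -f1
}

# check_image_untouched IMAGE CMD [ARGS...]
# Returns 0 if IMAGE is unchanged after CMD ran, 1 if it was modified,
# 2 if IMAGE could not be read.
check_image_untouched() {
    image=$1
    shift
    if [ ! -f "$image" ]; then
        echo "no such image: $image" >&2
        return 2
    fi
    before=$(image_digest "$image") || return 2

    # The exit status of the container command is reported but does not
    # decide the result: only the state of the image matters here.
    "$@" || echo "note: command exited with status $?" >&2

    after=$(image_digest "$image") || return 2
    if [ "$before" = "$after" ]; then
        echo "OK: $image unchanged"
        return 0
    fi
    echo "FAIL: $image was modified" >&2
    echo "  before: $before" >&2
    echo "  after:  $after" >&2
    return 1
}

# Intended use, as root, on a host with the image from the report.
# A read-write mount of the image changes its bytes even if the container
# writes nothing, so an affected systemd-nspawn is expected to FAIL here:
#
#   check_image_untouched /var/lib/machines/jessie.raw \
#       systemd-nspawn --ephemeral --machine=jessie \
#       /bin/sh -c 'touch /written-inside-container'
```
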
--- Begin Message ---
Source: systemd
Source-Version: 232-23

We believe that the bug you reported is fixed in the latest version of
systemd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Biebl <[email protected]> (supplier of updated systemd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 29 Apr 2017 21:47:47 +0200
Source: systemd
Binary: systemd systemd-sysv systemd-container systemd-journal-remote systemd-coredump libpam-systemd libnss-myhostname libnss-mymachines libnss-resolve libnss-systemd libsystemd0 libsystemd-dev udev libudev1 libudev-dev udev-udeb libudev1-udeb
Architecture: source
Version: 232-23
Distribution: unstable
Urgency: medium
Maintainer: Debian systemd Maintainers <[email protected]>
Changed-By: Michael Biebl <[email protected]>
Description:
 libnss-myhostname - nss module providing fallback resolution for the current hostname
 libnss-mymachines - nss module to resolve hostnames for local container instances
 libnss-resolve - nss module to resolve names via systemd-resolved
 libnss-systemd - nss module providing dynamic user and group name resolution
 libpam-systemd - system and service manager - PAM module
 libsystemd-dev - systemd utility library - development files
 libsystemd0 - systemd utility library
 libudev-dev - libudev development files
 libudev1   - libudev shared library
 libudev1-udeb - libudev shared library (udeb)
 systemd    - system and service manager
 systemd-container - systemd container/nspawn tools
 systemd-coredump - tools for storing and retrieving coredumps
 systemd-journal-remote - tools for sending and receiving remote journal logs
 systemd-sysv - system and service manager - SysV links
 udev       - /dev/ and hotplug management daemon
 udev-udeb  - /dev/ and hotplug management daemon (udeb)
Closes: 837893 849316 858149 859152 861158
Changes:
 systemd (232-23) unstable; urgency=medium
 .
   [ Michael Biebl ]
   * journal: fix up syslog facility when forwarding native messages.
     Native journal messages (_TRANSPORT=journal) typically don't have a
     syslog facility attached to it. As a result when forwarding the
     messages to syslog they ended up with facility 0 (LOG_KERN).
     Apply syslog_fixup_facility() so we use LOG_USER instead. (Closes: #837893)
   * nspawn: Support ephemeral boots from images (Closes: #858149)
   * Exclude test binaries from dh_shlibdeps.
     The test binaries in libsystemd-dev require libsystemd-shared which is
     shipped in the systemd package. Those test binaries are primarily meant
     to be run via autopkgtest. As the libsystemd-dev package is not supposed
     to depend on systemd, exclude the tests from dh_shlibdeps and instead
     update the autopkgtest dependencies to pull in the systemd package.
     (Closes: #859152)
 .
   [ Felipe Sateler ]
   * Backport patch to make inability to get OS version nonfatal in machinectl.
     Otherwise machinectl list breaks when there are libvirt machines
     (Closes: #849316)
 .
   [ Sjoerd Simons ]
   * init-functions: Only call daemon-reload when planning to redirect.
     systemctl daemon-reload is quite a heavy operation, it will re-parse
     all configuration and re-run all generators. This should only be done
     when strictly needed. (Closes: #861158)

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

--- End Message ---
