Bug#969227: FTBFS with new runc 1.0.0~rc92 and libcap2 2.43

2020-08-30 Thread Shengjing Zhu 
On Mon, Aug 31, 2020 at 1:42 PM El boulangero  wrote:
>
> The patch test--fix-against-libcap2-2.43.patch actually fails the build for 
> me, in a sid chroot with libcap 2.43.
>
> 
> === RUN   TestTarUntarWithXattr
> archive_unix_test.go:267: assertion failed: string 
> "/tmp/docker-test-untar-origin293876876/2 = cap_block_suspend+ep\n" does not 
> contain "cap_block_suspend=ep": untar should have kept the 
> 'security.capability' xattr
> archive_unix_test.go:267: assertion failed: string 
> "/tmp/docker-test-untar-origin293876876/2 = cap_block_suspend+ep\n" does not 
> contain "cap_block_suspend=ep": untar should have kept the 
> 'security.capability' xattr
> 
>
> This is not very important anyway, as this patch applies to a test that 
> requires root, hence is skipped on buildd.

Indeed, it's skipped. Seems sbuild gives me a shell with root when
building fails, which makes this test to be run.

-- 
Shengjing Zhu

Bug#969227: FTBFS with new runc 1.0.0~rc92 and libcap2 2.43

2020-08-30 Thread El boulangero 
The patch test--fix-against-libcap2-2.43.patch actually fails the build for
me, in a sid chroot with libcap 2.43.


=== RUN   TestTarUntarWithXattr
archive_unix_test.go:267: assertion failed: string
"/tmp/docker-test-untar-origin293876876/2 = cap_block_suspend+ep\n" does
not contain "cap_block_suspend=ep": untar should have kept the
'security.capability' xattr
archive_unix_test.go:267: assertion failed: string
"/tmp/docker-test-untar-origin293876876/2 = cap_block_suspend+ep\n" does
not contain "cap_block_suspend=ep": untar should have kept the
'security.capability' xattr


This is not very important anyway, as this patch applies to a test that
requires root, hence is skipped on buildd.

The patch fix-build-against-runc-rc92.patch indeed fixes the build. Going
to upload  a new version of the docker.io package soon.

Thanks!

  Arnaud


On Sun, Aug 30, 2020 at 8:09 AM Dmitry Smirnov  wrote:

> On Sunday, 30 August 2020 3:01:34 AM AEST Shengjing Zhu wrote:
> > Please see the patches attached.
>
> Thank you very much!
>
>
> > BTW, is there any instruction to work with the docker.io git repo?
> > It seems `gbp buildpackage` or `gbp pq` are hard to use with it.
>
> Something like the following:
>
>   https://salsa.debian.org/onlyjob/notes/-/wikis/bp
>
> Start with "debian" directory, obtain and extract orig tarballs with
> 'origtargz' then build with your preferred method (e.g. pbuilder).
>
> MUT and complex Golang packages are ridiculously difficult to maintain
> with GBP...
>
> See also https://salsa.debian.org/onlyjob/notes/-/wikis/no-gbp
>
> --
> Best wishes,
>  Dmitry Smirnov.
>
> ---
>
> Truth — Something somehow discreditable to someone.
> -- H. L. Mencken, 1949
>
> ---
>
> A study on infectivity of asymptomatic SARS-CoV-2 carriers, concludes weak
> transmission. "The median contact time for patients was four days and that
> for family members was five days."
> -- https://pubmed.ncbi.nlm.nih.gov/32513410/
>

Bug#969227: FTBFS with new runc 1.0.0~rc92 and libcap2 2.43

2020-08-29 Thread Dmitry Smirnov 
On Sunday, 30 August 2020 3:01:34 AM AEST Shengjing Zhu wrote:
> Please see the patches attached.

Thank you very much!


> BTW, is there any instruction to work with the docker.io git repo?
> It seems `gbp buildpackage` or `gbp pq` are hard to use with it.

Something like the following:

  https://salsa.debian.org/onlyjob/notes/-/wikis/bp

Start with "debian" directory, obtain and extract orig tarballs with
'origtargz' then build with your preferred method (e.g. pbuilder).

MUT and complex Golang packages are ridiculously difficult to maintain
with GBP...

See also https://salsa.debian.org/onlyjob/notes/-/wikis/no-gbp

-- 
Best wishes,
 Dmitry Smirnov.

---

Truth — Something somehow discreditable to someone.
-- H. L. Mencken, 1949

---

A study on infectivity of asymptomatic SARS-CoV-2 carriers, concludes weak
transmission. "The median contact time for patients was four days and that
for family members was five days."
-- https://pubmed.ncbi.nlm.nih.gov/32513410/


signature.asc
Description: This is a digitally signed message part.

Bug#969227: FTBFS with new runc 1.0.0~rc92 and libcap2 2.43

2020-08-29 Thread Shengjing Zhu 
Package: docker.io
Version: 19.03.12+dfsg1-3
Severity: serious

Please see the patches attached.

BTW, is there any instruction to work with the docker.io git repo?
It seems `gbp buildpackage` or `gbp pq` are hard to use with it.
Description: Fix build with runc 1.0.0~rc92
Author: Shengjing Zhu 

Forwarded: not-needed
Last-Update: 2020-08-29

--- docker.io-19.03.12+dfsg1.orig/containerd/vendor/github.com/containerd/cri/pkg/containerd/opts/spec.go
+++ docker.io-19.03.12+dfsg1/containerd/vendor/github.com/containerd/cri/pkg/containerd/opts/spec.go
@@ -421,7 +421,7 @@ func WithDevices(osi osinterface.OS, con
 Type:   string(dev.Type),
 Major:  ,
 Minor:  ,
-Access: dev.Permissions,
+Access: string(dev.Permissions),
 			})
 		}
 		return nil
--- docker.io-19.03.12+dfsg1.orig/engine/daemon/stats/collector_unix.go
+++ docker.io-19.03.12+dfsg1/engine/daemon/stats/collector_unix.go
@@ -8,14 +8,14 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/opencontainers/runc/libcontainer/system"
 	"golang.org/x/sys/unix"
 )
 
 // platformNewStatsCollector performs platform specific initialisation of the
 // Collector structure.
 func platformNewStatsCollector(s *Collector) {
-	s.clockTicksPerSecond = uint64(system.GetClockTicks())
+	// modified from https://github.com/moby/moby/pull/41186
+	s.clockTicksPerSecond = 100
 }
 
 const nanoSecondsPerSecond = 1e9
--- docker.io-19.03.12+dfsg1.orig/engine/oci/devices_linux.go
+++ docker.io-19.03.12+dfsg1/engine/oci/devices_linux.go
@@ -31,7 +31,7 @@ func deviceCgroup(d *configs.Device) spe
 		Type:   t,
 		Major:  ,
 		Minor:  ,
-		Access: d.Permissions,
+		Access: string(d.Permissions),
 	}
 }
 
--- docker.io-19.03.12+dfsg1.orig/containerd/sys/proc.go
+++ /dev/null
@@ -1,80 +0,0 @@
-// +build linux
-
-/*
-   Copyright The containerd Authors.
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-*/
-
-package sys
-
-import (
-	"bufio"
-	"fmt"
-	"os"
-	"strconv"
-	"strings"
-
-	"github.com/opencontainers/runc/libcontainer/system"
-)
-
-const nanoSecondsPerSecond = 1e9
-
-var clockTicksPerSecond = uint64(system.GetClockTicks())
-
-// GetSystemCPUUsage returns the host system's cpu usage in
-// nanoseconds. An error is returned if the format of the underlying
-// file does not match.
-//
-// Uses /proc/stat defined by POSIX. Looks for the cpu
-// statistics line and then sums up the first seven fields
-// provided. See `man 5 proc` for details on specific field
-// information.
-func GetSystemCPUUsage() (uint64, error) {
-	var line string
-	f, err := os.Open("/proc/stat")
-	if err != nil {
-		return 0, err
-	}
-	bufReader := bufio.NewReaderSize(nil, 128)
-	defer func() {
-		bufReader.Reset(nil)
-		f.Close()
-	}()
-	bufReader.Reset(f)
-	err = nil
-	for err == nil {
-		line, err = bufReader.ReadString('\n')
-		if err != nil {
-			break
-		}
-		parts := strings.Fields(line)
-		switch parts[0] {
-		case "cpu":
-			if len(parts) < 8 {
-return 0, fmt.Errorf("bad format of cpu stats")
-			}
-			var totalClockTicks uint64
-			for _, i := range parts[1:8] {
-v, err := strconv.ParseUint(i, 10, 64)
-if err != nil {
-	return 0, fmt.Errorf("error parsing cpu stats")
-}
-totalClockTicks += v
-			}
-			return (totalClockTicks * nanoSecondsPerSecond) /
-clockTicksPerSecond, nil
-		}
-	}
-	return 0, fmt.Errorf("bad stats format")
-}
Description: Fix build against libcap2 2.43
Author: Shengjing Zhu 

Bug: https://github.com/moby/moby/issues/41398
Forwarded: no
Last-Update: 2020-08-29

--- docker.io-19.03.12+dfsg1.orig/engine/pkg/archive/archive_unix_test.go
+++ docker.io-19.03.12+dfsg1/engine/pkg/archive/archive_unix_test.go
@@ -264,7 +264,7 @@ func TestTarUntarWithXattr(t *testing.T)
 		}
 		out, err := exec.Command("getcap", filepath.Join(origin, "2")).CombinedOutput()
 		assert.NilError(t, err, string(out))
-		assert.Check(t, is.Contains(string(out), "= cap_block_suspend+ep"), "untar should have kept the 'security.capability' xattr")
+		assert.Check(t, is.Contains(string(out), "cap_block_suspend=ep"), "untar should have kept the 'security.capability' xattr")
 	}
 }