[Touch-packages] [Bug 1732411] Re: On upgrade, daemon-reexec should only be issued if safe
please reopen if this is still an issue

** Changed in: systemd (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1732411

Title:
  On upgrade, daemon-reexec should only be issued if safe

Status in lxc package in Ubuntu:
  Invalid
Status in systemd package in Ubuntu:
  Invalid

Bug description:
  Dear all,

  Following up the bug #1713674, when executing systemd in a hardened LXC context, it might not be suitable to reexec the systemd daemon, which would not be able to perform.

  For instance, in our LXC, we drop several capabilities, including sys_admin, and we set /sys to read-only (in which systemd will find its cgroups). This means systemd cannot be reexecuted: it will fail to restart and will freeze (properly) at restart, leaving the LXC container in a frozen state (still working, but no new services startable, no interaction with systemd possible anymore).

  When upgrading systemd, the Debian package, in its postinst, will always attempt to reexecute systemd, possibly breaking every other upgrade where a daemon restart is made in postinst, and leaving the system in a degraded state.

  It would likely be appropriate to check whether the reexecute can work before performing it: checking capabilities, sys mount point perms, etc. If not, do not perform a reexecute and possibly print a message to the user.

  Occurs with Ubuntu Xenial 16.04.3 LTS and systemd 229-4ubuntu21.

  Cheers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1732411/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
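The pre-flight check the report asks for (effective capabilities and the /sys mount state, inspected before a postinst issues daemon-reexec), as an added shell example that is not code from the systemd package or from LXC. The function names and fixture files are assumptions; on a live system the inputs would be /proc/1/status and /proc/mounts.

```shell
# Pre-flight check before `systemctl daemon-reexec` (added example, not code
# from the systemd package or LXC; function and fixture names are assumptions).

# cap_sys_admin_present STATUSFILE
# Returns 0 if the CapEff mask in a /proc/<pid>/status-style file has
# CAP_SYS_ADMIN (capability number 21) set.
cap_sys_admin_present() {
    hexmask=$(awk '/^CapEff:/ { print $2 }' "$1")
    [ -n "$hexmask" ] || return 1
    # Bit 21 lives in the low 32 bits; keep only the last 8 hex digits so
    # the shell's signed 64-bit arithmetic cannot overflow on a full mask.
    low=$(printf '%s' "$hexmask" | tail -c 8)
    [ $(( (0x$low >> 21) & 1 )) -eq 1 ]
}

# sys_mounted_readonly MOUNTSFILE
# Returns 0 if the last "/sys" entry in a /proc/mounts-style file carries
# "ro" among its mount options (a later bind mount overrides earlier ones).
sys_mounted_readonly() {
    awk '$2 == "/sys" { opts = $4 }
         END { n = split(opts, o, ",")
               for (i = 1; i <= n; i++) if (o[i] == "ro") exit 0
               exit 1 }' "$1"
}

# reexec_is_safe STATUSFILE MOUNTSFILE
# Returns 0 when both checks pass; otherwise prints the blocking reason and
# returns 1 so the caller skips the reexec instead of freezing PID 1.
reexec_is_safe() {
    cap_sys_admin_present "$1" ||
        { echo "skip daemon-reexec: CAP_SYS_ADMIN missing from effective set"; return 1; }
    ! sys_mounted_readonly "$2" ||
        { echo "skip daemon-reexec: /sys is mounted read-only"; return 1; }
    return 0
}

# Constructed fixtures modelling the hardened container in the report:
# sys_admin dropped from CapEff (bit 21 clear) and /sys mounted ro.
fixture=$(mktemp -d)
printf 'Name:\tsystemd\nCapEff:\t0000003fffdfffff\n' > "$fixture/status"
printf 'sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0\n' > "$fixture/mounts"
if reexec_is_safe "$fixture/status" "$fixture/mounts"; then
    echo "would run: systemctl daemon-reexec"
fi
rm -rf "$fixture"
```

Because the check reads ordinary files, it can be unit-tested against captured status and mounts snapshots before being wired into a maintainer script.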
[Touch-packages] [Bug 1732411] Re: On upgrade, daemon-reexec should only be issued if safe
A fix [1] in LXC was pushed recently and actually allows systemd daemon-reexec without the cap sys_admin in a container. We tested that it totally solved the issue for us.

Would it be possible to move this bug report to the LXC project? And to ask for a backport of such a fix to Xenial LXC?

Thanks!

[1] https://github.com/lxc/lxc/commit/af949cc1938ff3a4e06148867a64d7715ce89a50
[Touch-packages] [Bug 1732411] Re: On upgrade, daemon-reexec should only be issued if safe
Could you describe the minimal steps to reproduce the issue on top of a standard 16.04?

NB: /sys is not read-only on official images and deployments, and this doesn't seem to affect official images.

** Description changed:

  Dear all,

- Following up the bug report #1713674, when executing systemd in a
- hardened LXC context, it might not be suitable to reexec systemd daemon,
- that would not be able to perform.
+ Following up the bug #1713674, when executing systemd in a hardened LXC
+ context, it might not be suitable to reexec systemd daemon, that would
+ not be able to perform.
[Touch-packages] [Bug 1732411] Re: On upgrade, daemon-reexec should only be issued if safe
From our analysis, we indeed agree with the fact that it has nothing to do with LXC (hence the report in the systemd tracker).

We believe that only the package is faulty here and should not attempt to blindly reexec systemd on upgrade.
[Touch-packages] [Bug 1732411] Re: On upgrade, daemon-reexec should only be issued if safe
Marking the lxc task as invalid since LXC does not drop any such capabilities by default, so such failure isn't lxc's fault. It's either the user's fault (by dropping capabilities that Ubuntu/Debian consider as required) or the systemd package's fault (for not doing a capability check).

** Changed in: lxc (Ubuntu)
       Status: New => Invalid
[Touch-packages] [Bug 1732411] Re: On upgrade, daemon-reexec should only be issued if safe
** Also affects: lxc (Ubuntu)
   Importance: Undecided
       Status: New