[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

** No longer affects: linux (Ubuntu Trusty) ** No longer affects: linux (Ubuntu Precise) ** No longer affects: linux (Ubuntu) ** No longer affects: lxc (Ubuntu) ** Changed in: lxc (Ubuntu Trusty) Importance: Undecided => High -- You received this bug notification because you are a member

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Hi, The fix was uploaded last week for acceptance by the SRU team. It's waiting to be accepted into -proposed. Then it will need to be tested to be accepted into -updates. https://launchpad.net/ubuntu/precise/+queue?queue_state=1_text=lxc -- You received this bug notification because you are

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

We have tested the patch from #39 by applying in manually in on of our affected systems and can confirm that it fixes the regression. With it in place lxc-start works again when having latest precise 3.2 kernel. @Mathieu: Thanks for providing it. -- You received this bug notification because

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Hello Andy, or anyone else affected, Accepted lxc into precise-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/lxc/0.7.5-3ubuntu70 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

** Description changed: + == + SRU Justification: + Impact: containers fail to start! + Regression potential: we only add a copy of an existing apparmor allow rule + with a different syntax (no trailing /), leaving the old one for

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

** Also affects: linux (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: lxc (Ubuntu Precise) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

So, there's still no fix for 12.04 in the standard repos? I mean, Precise is called "LTS" after all. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title: lxc-test-ubuntu hangs

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Hi Marc, please check comment #33 from Serge. He explained that formally lxc in precise is not covered by lts. However a very special case as a LTS update in main in precise (kernel) did break unrelated software (lxc) which is a clear regression. And then not having that other software not in

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

I'm also interested by an update of the lxc package for precise. The attached patch is working for me (add "/dev/pts/ptmx -> /dev/ptmx" instead of "/dev/pts/ptmx/ -> /dev/ptmx/"). Note that keeping the previous rule is required for not breaking old kernels. ** Patch added:

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

@stefan-huehner - sorry, I'm losing track. is what you are asking for just a lxc update to precise-proposed with the new apparmor allow rule that jj suggested? If so, in comment #33 I was trying to encourage a debdiff to be posted by someone who could best test it. I'll then sponsor it into the

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

For me in 12.04 this worked: Adding the PPA - https://launchpad.net/~ubuntu-lxc/+archive/ubuntu/lxc-stable -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title: lxc-test-ubuntu

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

+1 after upgraded to lxc 1.0.7-0ubuntu0.9 it works for me -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title: lxc-test-ubuntu hangs forever in trusty-proposed with Linux

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Judging by jjohansen's comment #8, I guess the shipped common configuration files in precise's lxc should be updated to include the new rule. Precise's lxc is in universe, community supported. Can you provide a proposed, tested debdiff and ping me? I'll sponsor it when ready if needed. -- You

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

As Eugene said, there is a bug affecting precise with the latest 3.2 and 3.13 (supported LTS trusty kernel for precise) and the official LXC package. No backports or ppa used. The bug is marked as duplicate but no fix for 12.04 is released. -- You received this bug notification because you are

Re: [Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Quoting Stratos Zolotas (str...@gmail.com): > Another one has asked but no reply yet. Is a fix for 12.04 going to be > released? The bug is still valid there. Which bug are you looking for? You're using a backport or ppa or custom built lxc and are looking for a kernel fix? -- You received

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

as documented in comment 20 or https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1507959 lxc start fails when using latest LXC package from official ubuntu app repo with 3.2.0-92.130 and 3.2.0-92.131. -- You received this bug notification because you are a member of Kernel Packages, which is

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

I got hit by the same issue, with the same unlucky kernel (installed from normal update channel): root@x230:~# uname -a Linux x230 3.13.0-66-generic #108-Ubuntu SMP Wed Oct 7 15:20:27 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Will read suggestions above before going to back to classical VM... --

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Another one has asked but no reply yet. Is a fix for 12.04 going to be released? The bug is still valid there. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title:

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

The above report is against: lxc 1.0.7-0ubuntu0.7 amd64 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Upgrading to 1.0.7-0ubuntu0.9 from updates fixed it. Sorry for the noise. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title: lxc-test-ubuntu hangs forever in trusty-proposed

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux (Ubuntu Trusty) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

I can confirm the same as what Stephen just said. Servers rebooted overnight for the security patch and none of the LXC containers restarted or can be started. lxc-start: conf.c: setup_pts: 1772 Permission denied - mount failed '/dev/pts/ptmx'->'/dev/ptmx' This is on a live 14.04 LTS server

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

This seems to explain it, currently trying to teach myself apparmor to find a temporary fix... apps kernel: [ 707.036112] audit: type=1400 audit(1445331859.865:41): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="/usr/bin/lxc-start" name="/dev/ptmx" pid=2746

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

@Stephen: I had the same problem after today's upgrade. Activating the proposed repository and upgrading lxc to version 1.0.7-0ubuntu0.9 fixed the issue for me. See comment #11 for details. But it's a shame this proposed fix was not released to everyone before the new kernel. ** Tags removed:

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Is there a fix for Ubuntu 12.04 LTS ? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

This bug was fixed in the package lxc - 1.0.7-0ubuntu0.9 --- lxc (1.0.7-0ubuntu0.9) trusty; urgency=medium * Update previous patch to include some extra apparmor rules. (LP: #1504781) -- Stéphane Graber Wed, 14 Oct 2015 13:59:48 -0700 ** Changed in:

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

The proposed update works for us. When is it likely to be released as we don't want to do this on our production servers? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title:

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

I'm expediting the usual 7 day maturing period; this is a rather grave regression and apparently the new kernel didn't get around to add a Breaks: to the previous LXC version. Thanks for verifying! -- You received this bug notification because you are a member of Kernel Packages, which is

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

@Martin, many thanks for releasing this into the "wild". I can confirm that it has now appeared on Trusty-updates on 1&1 servers and in the "normal" GB archives. I can also confirm that this fixes my LXC server problems. -- You received this bug notification because you are a member of Kernel

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Hello, As of this morning's security roll out of the Linux 3.13.0-66 kernel, this bug *is* effecting *live* LXC containers ;-( (I am using Trusty 14.04 LTS - I note that recently built Trusty 14.04.3 machines are not rolling out Linux 3.13.0-66 as they have Linux 3.19.0-30-generic) Reading

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

I see a connection to https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1507959. is it a duplicate? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title: lxc-test-ubuntu

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

yes, UBUNTU: SAUCE: (no-up) apparmor: fix mount not handling disconnected paths is causing the regression. However reverting this fix will cause issues for Bug 1496430, which was blocking a fix for a CVE. The correct solution is to update the profile. -- You received this bug

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

Hello Andy, or anyone else affected, Accepted lxc into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/lxc/1.0.7-0ubuntu0.8 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

To be specific I added the rule mount options=(rw,bind) /dev/pts/ptmx -> /dev/ptmx, to the lxc-start profile -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1504781 Title:

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

I suppose the recent kernel patch UBUNTU: SAUCE: (no-up) apparmor: fix mount not handling disconnected paths which got backported to trusty causes this regression. As the same code is present in later releases, I guess that in v/w lxc has an updated apparmor profile which allows the

[Kernel-packages] [Bug 1504781] Re: lxc-test-ubuntu hangs forever in trusty-proposed with Linux 3.13.0-66: AppArmor denies /dev/ptmx mounting

What I don't get is why the other tests aren't failing too, they all start containers too and so should hit the exact same failure. Why one of the last tests is the one hanging just doesn't make sense to me. Anyway, looks like there's a way for us to reproduce this and look into it. It may well