[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-17 Thread Launchpad Bug Tracker
*** This bug is a duplicate of bug 1350947 *** https://bugs.launchpad.net/bugs/1350947 Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread John Johansen
Can you please attach the output of apparmor_parser -p /etc/apparmor.d/usr.bin.lxc-start -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
** Also affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
So for now I added also a task for the kernel, though the truth (if such a thing exists) could be somewhere between. Serge, Stephane, what we probably need to figure out is what exactly lxc-start tries to get done when slave mounting /run/netns. And somehow it might be possible that it needs

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
Stop the bot. ** Changed in: linux (Ubuntu) Status: Incomplete = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
Stop the bot. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container corrupts all network namespaces on the same physical host Status

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stéphane Graber
so I think it's some systemd handling which does that. LXC unshares the mnt namespace which gets it a copy of the host's, then it's doing some magic (rprivate I believe) to get things working under systemd, then mounts what it needs, unmounts everything else and pivot_root. lxc itself has no code

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
When stracing lxc-start one of the sub-processes is doing the access. This is the strace of that sub-process. ** Attachment added: lxc-start.strace.3131 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1401148/+attachment/4278745/+files/lxc-start.strace.3131 -- You received this bug

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
lxc-start.strace.3093:clone(child_stack=0x7fff7fbc0290, flags=CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWNET|SIGCHLD) = 3131 lxc-start.strace.3093:open(/proc/3131/ns/net, O_RDONLY) = 16 lxc-start.strace.3093:waitid(P_PID, 3131, {}, WNOHANG|WEXITED|WNOWAIT, NULL) = -- You

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
This is the output of apparmor_parser -p /etc/apparmor.d/usr.bin.lxc- start on Vivid with 3.16 kernel. ** Attachment added: aa-parser.txt https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1401148/+attachment/4278746/+files/aa-parser.txt -- You received this bug notification because you

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Serge Hallyn
Is this only happening when systemd is in the container, or when systemd is on the host? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Stefan Bader
I would have assumed systemd is on neither. Since it seems to be the same all the way since Trusty (at least). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title:

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Serge Hallyn
*** This bug is a duplicate of bug 1350947 *** https://bugs.launchpad.net/bugs/1350947 It appears that as tyhicks pointed out this is a dup of bug 1350947. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu.

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Serge Hallyn
*** This bug is a duplicate of bug 1350947 *** https://bugs.launchpad.net/bugs/1350947 James if you'd like to increase the priority of bug 1350947 please do so. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-11 Thread Serge Hallyn
*** This bug is a duplicate of bug 1350947 *** https://bugs.launchpad.net/bugs/1350947 hah, as pointed out in comment #4 of that bug. Marking this as a dup ** This bug has been marked a duplicate of bug 1350947 apparmor: no working rule to allow making a mount private -- You received

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-10 Thread James Page
Confirmed on utopic as well. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container corrupts all network namespaces on the same physical

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-10 Thread James Page
Confirmed on vivid as well. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container corrupts all network namespaces on the same physical

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-10 Thread James Page
sudo ip netns exec test ip addr -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container corrupts all network namespaces on the same

[Touch-packages] [Bug 1401148] Re: Re/starting an lxc container corrupts all network namespaces on the same physical host

2014-12-10 Thread Dean Henrichsmeyer
** Tags added: landscape -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1401148 Title: Re/starting an lxc container corrupts all network namespaces on the same physical