Not detecting arachsys containers is a high impact bug. My production servers running on Ubuntu 16.04 can no longer be updated anymore as apt is stuck on applying the makedev package which of course always fails.
I understand it is cumbersome to add all possible container types to the script. Maybe the makedev script needs to be more specific when it should run. Giving the remark in the package: This package is not necessary for most modern Linux systems, where the udev subsystem provides a more dynamic mechanism for device file management. This means if udev is installed and don't run the script. Andre -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to makedev in Ubuntu. https://bugs.launchpad.net/bugs/1675163 Title: Don't attempt to create devices in LXC containers Status in makedev package in Ubuntu: Fix Released Status in makedev source package in Precise: Fix Released Status in makedev source package in Trusty: Fix Released Status in makedev source package in Xenial: Fix Released Status in makedev source package in Yakkety: Fix Released Status in makedev source package in Zesty: Fix Released Bug description: Right now the "makedev" postinst script will attempt to create a number of devices in /dev, failing the package upgrade should any of those mknod calls fail. LXC containers, especially unprivileged ones do not allow the use of mknod, making it impossible to upgrade makedev in those containers and preventing Ubuntu release upgrades. The fix is quite simple, detect that we are running in an LXC container and skip the rest of the postinst script as is done in a number of other cases. = SRU == Rationale This issue prevents release to release upgrades in unprivileged LXC containers when makedev is part of the upgraded set. This is currently visible when upgrading from Ubuntu 12.04 to Ubuntu 14.04. == Testcase Install the new package in an unprivileged container. With LXD, simply use "lxc launch ubuntu:<series> test" to create the container. Prior to this fix, the upgrade will fail on some mknod errors, after it, it'll go on after printing a message indicating that LXC was detected. == Regression potential The detection logic is based on PID 1's environment containing a container=lxc entry. If a non-LXC system somehow had that set, it'd lead to the makedev upgrade no longer creating extra devices. This is unlikely to really matter though since the system is clearly already functioning properly at that point. Similarly, some privileged LXC containers can be configured in a way where mknod is possible, this update will still disable the postinst for those cases as short of attempting every mknod ahead of time, there is no reliable way to detect any seccomp or apparmor policy in play. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/makedev/+bug/1675163/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
