[Bug 2146543] [NEW] 259.5-0ubuntu1 in container triggers non fatal errors on upgrade - measurements

Christian Ehrhardt Fri, 27 Mar 2026 04:20:46 -0700

Public bug reported:

https://launchpad.net/ubuntu/+source/systemd/259.5-0ubuntu1 recently migrated,
I see no bug reported and nothing in proposed about what I've seen on upgrade.


On upgrade I see (in red)

Setting up systemd (259.5-0ubuntu1) ...
...
fchownat() of /sys/kernel/security/tpm0/binary_bios_measurements failed: 
Permission denied
fchownat() of /sys/kernel/security/ima/binary_runtime_measurements failed: 
Permission denied
...

The two fchownat are red and the paths exist:

root@r-hwe:~# ll /sys/kernel/security/tpm0/binary_bios_measurements 
/sys/kernel/security/ima/binary_runtime_measurements
lr--r--r-- 1 nobody nogroup 0 Feb  3 12:25 
/sys/kernel/security/ima/binary_runtime_measurements@ -> 
binary_runtime_measurements_sha1
-r--r----- 1 nobody nogroup 0 Feb  3 12:25 
/sys/kernel/security/tpm0/binary_bios_measurements

Theory: this is a RR container on NN and hence the kernel might not have
that, but even then I'm unsure if fchownat would be happy through the
namespace isolation.

I guess the question is if this could be more graceful and less panic-
red in a container?


This could be in a library - I see the very same later again
Setting up tpm-udev (4.1.3-6) ...
fchownat() of /sys/kernel/security/tpm0/binary_bios_measurements failed: 
Permission denied
fchownat() of /sys/kernel/security/ima/binary_runtime_measurements failed: 
Permission denied

** Affects: systemd (Ubuntu)
     Importance: Low
         Status: New

** Affects: tpm-udev (Ubuntu)
     Importance: Low
         Status: New

** Also affects: tpm-udev (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: systemd (Ubuntu)
   Importance: Undecided => Low

** Changed in: tpm-udev (Ubuntu)
   Importance: Undecided => Low

** Summary changed:

- 259.5-0ubuntu1 triggers non fatal errors on upgrade - measurements
+ 259.5-0ubuntu1 in container triggers non fatal errors on upgrade - 
measurements

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2146543

Title:
  259.5-0ubuntu1 in container triggers non fatal errors on upgrade -
  measurements

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2146543/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2146543] [NEW] 259.5-0ubuntu1 in container triggers non fatal errors on upgrade - measurements

Reply via email to