adding seccomp rule for socket() fails on i386 since kernel 4.3
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libseccomp (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
linux (Ubuntu) |
Invalid
|
Medium
|
Andy Whitcroft | ||
systemd (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Four days ago, on Dec 10, http://
=======
FAIL: test_boot (__main_
-------
Traceback (most recent call last):
File "/tmp/adt-
self.
AssertionError: b'fake container started' not found in b'Spawning container c1 on /tmp/tmpl04y_
This is reproducible in xenial-release, i. e. it already slipped through -proposed.
This can be reproduced easily on a xenial i386 VM:
sudo apt-get install busybox-static
mkdir -p /tmp/c/sbin /tmp/c/etc /tmp/c/bin/
cp /bin/busybox /tmp/c/bin/
ln -s ../bin/busybox /tmp/c/sbin/init
ln -s busybox /tmp/c/bin/sh
cp /etc/os-release /tmp/c/etc
sudo systemd-nspawn -b -D /tmp/c
This should normally boot a busybox container; you'll get a few error messages as there's no SysV init stuff there, but it should start and pressing enter should get you into a shell. But on i386 it fails with
$ sudo systemd-nspawn -b -D /tmp/c
Spawning container c on /tmp/c.
Press ^] three times within 1s to kill container.
Failed to create directory /tmp/c/
Failed to create directory /tmp/c/
Failed to add audit seccomp rule: Bad address
which is what the test case fails on too.
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
tags: | added: bot-stop-nagging |
Changed in libseccomp (Ubuntu): | |
status: | New → Triaged |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in libseccomp (Ubuntu): | |
status: | Triaged → In Progress |
Changed in systemd (Ubuntu): | |
status: | Triaged → Invalid |
Changed in libseccomp (Ubuntu): | |
importance: | Undecided → High |
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
assignee: | nobody → Andy Whitcroft (apw) |
Changed in libseccomp (Ubuntu): | |
assignee: | nobody → Andy Whitcroft (apw) |
Downgrading to https:/ /launchpad. net/ubuntu/ +source/ systemd/ 228-2ubuntu1/ +build/ 8333265/ +files/ systemd- container_ 228-2ubuntu1_ i386.deb fixes this again.