
Bug#1057116: marked as done (bookworm-pu: package lxc/1:5.0.2-1+deb12u2)



Your message dated Sat, 09 Dec 2023 10:20:37 +0000
with message-id <83d3a3621a56b9af1e20d36ee9d390a46ab64a8a.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 12.3 point release
has caused the Debian Bug report #1057116,
regarding bookworm-pu: package lxc/1:5.0.2-1+deb12u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1057116: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057116
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: pkg-lxc-devel@lists.alioth.debian.org, gibmat@debian.org
Control: affects -1 + src:lxc

[ Reason ]
The version of lxc in bookworm fails to create ephemeral copies of
containers. This is affecting Debian users, as two different bugs have
been reported in addition to an upstream bug report.

A fix was merged into the upstream repo earlier today, and I have
cherry-picked it into the packaging for unstable which I have just
uploaded. I would like to get this fix into bookworm, as it is a
regression compared to lxc in bullseye.

[ Impact ]
The version of lxc currently in bookworm cannot create ephemeral copies
of containers.

[ Tests ]
The changes have been reviewed and accepted by the upstream developers.
I have tested that creation of normal and ephemeral containers works as
expected in bookworm with this patch.

[ Risks ]
Minor/none -- the specific variable being checked was fixed to be a
more correct one that could never be NULL, which was the root cause of
the bug. This does technically change the behavior of lxc by fixing the
bug, but I don't think there is any risk of a regression in other lxc
behavior.

[ Checklist ]
  [*] *all* changes are documented in the d/changelog
  [*] I reviewed all changes and I approve them
  [*] attach debdiff against the package in (old)stable
  [*] the issue is verified as fixed in unstable

[ Changes ]
Cherry-pick and rebase upstream commit
0e932812ae2ac4dec58e413c0d95d581385b9756, which has been merged into
the upstream repo. There is also renaming of the `bdev_type` variable
to `__bdev_type` which was included in the upstream commit; I have left
that in, so the changes to bookworm packaging can be a direct cherry-
pick of the upstream fix.

[ Other info ]
The source debdiff is attached.
diff -Nru lxc-5.0.2/debian/changelog lxc-5.0.2/debian/changelog
--- lxc-5.0.2/debian/changelog	2023-09-22 16:35:52.000000000 +0000
+++ lxc-5.0.2/debian/changelog	2023-11-30 01:17:33.000000000 +0000
@@ -1,3 +1,9 @@
+lxc (1:5.0.2-1+deb12u2) bookworm; urgency=medium
+
+  * Cherry-pick upstream fix for creating ephemeral copies (See #1001713)
+
+ -- Mathias Gibbens <gibmat@debian.org>  Thu, 30 Nov 2023 01:17:33 +0000
+
 lxc (1:5.0.2-1+deb12u1) bookworm; urgency=medium
 
   * Cherry-pick upstream "fix nftables syntax for IPv6 NAT" (Closes: #1049976)
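Review bot: The new entry at the top of debian/changelog says nothing about the `bdev_type` to `__bdev_type` rename that the cherry-picked patch carries, and it points at the bug only as "(See #1001713)". Since the request's checklist states that all changes are documented in d/changelog, consider naming upstream commit 0e932812ae2ac4dec58e413c0d95d581385b9756 in the entry and mentioning the rename, so the changelog alone tells a reader what the upload changes.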
diff -Nru lxc-5.0.2/debian/patches/0101-cherry-pick-fix-ephemeral-copies.patch lxc-5.0.2/debian/patches/0101-cherry-pick-fix-ephemeral-copies.patch
--- lxc-5.0.2/debian/patches/0101-cherry-pick-fix-ephemeral-copies.patch	1970-01-01 00:00:00.000000000 +0000
+++ lxc-5.0.2/debian/patches/0101-cherry-pick-fix-ephemeral-copies.patch	2023-11-30 01:17:33.000000000 +0000
@@ -0,0 +1,155 @@
+From 0e932812ae2ac4dec58e413c0d95d581385b9756 Mon Sep 17 00:00:00 2001
+From: Christian Brauner <brauner@kernel.org>
+Date: Wed, 29 Nov 2023 15:57:04 +0100
+Subject: [PATCH] conf: fix ephemeral copies
+
+Don't rely on rootfs->bdev_type because that may be NULL. Use storage->type
+instead which can't be NULL.
+
+Co-Developed-by: Mathias Gibbens <gibmat@debian.org>
+Signed-off-by: Mathias Gibbens <gibmat@debian.org>
+Reported-by: Mathias Gibbens <gibmat@debian.org>
+Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
+---
+ src/lxc/conf.c            | 21 ++++++++++++---------
+ src/lxc/conf.h            |  4 ++--
+ src/lxc/confile.c         |  4 ++--
+ src/lxc/storage/storage.c |  4 ++--
+ src/lxc/storage/storage.h |  2 +-
+ 5 files changed, 19 insertions(+), 16 deletions(-)
+
+diff --git a/src/lxc/conf.c b/src/lxc/conf.c
+index 9158713..e338ed7 100644
+--- a/src/lxc/conf.c
++++ b/src/lxc/conf.c
+@@ -536,16 +536,21 @@ int lxc_rootfs_init(struct lxc_conf *conf, bool userns)
+ 	struct stat st;
+ 	struct statfs stfs;
+ 	struct lxc_rootfs *rootfs = &conf->rootfs;
++	const char *type;
+ 
+ 	ret = lxc_storage_prepare(conf);
+ 	if (ret)
+ 		return syserror_set(-EINVAL, "Failed to prepare rootfs storage");
++	type = rootfs->storage->type;
++
++	if (!type)
++		return syserror_set(-EINVAL, "Storage type neither set nor automatically detected");
+ 
+ 	if (!is_empty_string(rootfs->mnt_opts.userns_path)) {
+ 		if (!rootfs->path)
+ 			return syserror_set(-EINVAL, "Idmapped rootfs currently only supported with separate rootfs for container");
+ 
+-		if (rootfs->bdev_type && !strequal(rootfs->bdev_type, "dir"))
++		if (type && !strequal(type, "dir"))
+ 			return syserror_set(-EINVAL, "Idmapped rootfs currently only supports the \"dir\" storage driver");
+ 	}
+ 
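Review bot: In lxc_rootfs_init(), `type = rootfs->storage->type;` dereferences `rootfs->storage` with no NULL check; the visible lines show only that lxc_storage_prepare() returned 0, not that it left `storage` set. Either check `rootfs->storage` before the dereference or add a comment stating that a successful prepare guarantees it. Two smaller points in the same hunk: once `if (!type)` has returned, the `type &&` in `if (type && !strequal(type, "dir"))` is dead and can be dropped, and the commit message's statement that storage->type "can't be NULL" does not match the new `!type` error path, so one of the two should be adjusted.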
+@@ -555,14 +560,12 @@ int lxc_rootfs_init(struct lxc_conf *conf, bool userns)
+ 	if (userns)
+ 		return log_trace(0, "Not pinning because container runs in user namespace");
+ 
+-	if (rootfs->bdev_type) {
+-		if (strequal(rootfs->bdev_type, "overlay") ||
+-		    strequal(rootfs->bdev_type, "overlayfs"))
+-			return log_trace_errno(0, EINVAL, "Not pinning on stacking filesystem");
++	if (strequal(type, "overlay") ||
++	    strequal(type, "overlayfs"))
++		return log_trace_errno(0, EINVAL, "Not pinning on stacking filesystem");
+ 
+-		if (strequal(rootfs->bdev_type, "zfs"))
+-			return log_trace_errno(0, EINVAL, "Not pinning on ZFS filesystem");
+-	}
++	if (strequal(type, "zfs"))
++		return log_trace_errno(0, EINVAL, "Not pinning on ZFS filesystem");
+ 
+ 	dfd_path = open_at(-EBADF, rootfs->path, PROTECT_OPATH_FILE, 0, 0);
+ 	if (dfd_path < 0)
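Review bot: Removing the `if (rootfs->bdev_type)` guard around the overlay/overlayfs and zfs checks means the decision not to pin is now made from the type held in `rootfs->storage`, which by the wording of the new error message may have been detected automatically rather than given as a prefix in the config. That is a wider behaviour change than the subject "fix ephemeral copies" conveys, and the commit message should say so. The unguarded `strequal(type, ...)` calls are safe only because of the earlier `if (!type)` return in this function; a one-line comment here would keep a later refactor from passing NULL again.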
+@@ -4829,8 +4832,8 @@ void lxc_conf_free(struct lxc_conf *conf)
+ 	if (current_config == conf)
+ 		current_config = NULL;
+ 	lxc_terminal_conf_free(&conf->console);
++	free(conf->rootfs.__bdev_type);
+ 	free(conf->rootfs.mount);
+-	free(conf->rootfs.bdev_type);
+ 	free(conf->rootfs.path);
+ 	put_lxc_rootfs(&conf->rootfs, true);
+ 	free(conf->logfile);
+diff --git a/src/lxc/conf.h b/src/lxc/conf.h
+index 82cb66a..ee07ac7 100644
+--- a/src/lxc/conf.h
++++ b/src/lxc/conf.h
+@@ -233,7 +233,7 @@ struct lxc_mount_options {
+  * @path         : the rootfs source (directory or device)
+  * @mount        : where it is mounted
+  * @buf		 : static buffer to construct paths
+- * @bev_type     : optional backing store type
++ * @__bev_type     : optional backing store type
+  * @managed      : whether it is managed by LXC
+  * @dfd_mnt	 : fd for @mount
+  * @dfd_dev : fd for /dev of the container
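Review bot: The updated doc-comment line reads `@__bev_type`, but the member renamed in the next hunk is `__bdev_type`; the missing "d" from the old comment was carried over instead of being fixed. The added underscores also push the colon out of line with the neighbouring entries. Suggest `@__bdev_type : optional backing store type`.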
+@@ -251,7 +251,7 @@ struct lxc_rootfs {
+ 	int dfd_dev;
+ 
+ 	char buf[PATH_MAX];
+-	char *bdev_type;
++	char *__bdev_type;
+ 	bool managed;
+ 	struct lxc_mount_options mnt_opts;
+ 	struct lxc_storage *storage;
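Review bot: The renamed member `__bdev_type` in struct lxc_rootfs begins with two underscores, a form the C standard reserves for the implementation, and nothing at the declaration explains the rename. If the intent is to mark the field as raw config input that callers should not read directly (conf.c now reads `rootfs->storage->type` instead), a non-reserved name plus a short comment saying that would make the intent explicit.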
+diff --git a/src/lxc/confile.c b/src/lxc/confile.c
+index 7966d32..c52c866 100644
+--- a/src/lxc/confile.c
++++ b/src/lxc/confile.c
+@@ -2795,14 +2795,14 @@ static int set_config_rootfs_path(const char *key, const char *value,
+ 		return ret_errno(ENOMEM);
+ 
+ 	/* Split <storage type>:<container path> into <storage type> and
+-	 * <container path>. Set "rootfs.bdev_type" to <storage type> and
++	 * <container path>. Set "rootfs.__bdev_type" to <storage type> and
+ 	 * "rootfs.path" to <container path>.
+ 	 */
+ 	tmp = strchr(dup, ':');
+ 	if (tmp) {
+ 		*tmp = '\0';
+ 
+-		ret = set_config_path_item(&lxc_conf->rootfs.bdev_type, dup);
++		ret = set_config_path_item(&lxc_conf->rootfs.__bdev_type, dup);
+ 		if (ret < 0)
+ 			return ret_errno(ENOMEM);
+ 
+diff --git a/src/lxc/storage/storage.c b/src/lxc/storage/storage.c
+index c840c68..097540a 100644
+--- a/src/lxc/storage/storage.c
++++ b/src/lxc/storage/storage.c
+@@ -215,7 +215,7 @@ static const struct lxc_storage_type *storage_query(struct lxc_conf *conf)
+ 	size_t i;
+ 	const struct lxc_storage_type *bdev;
+ 	const char *path = conf->rootfs.path;
+-	const char *type = conf->rootfs.bdev_type;
++	const char *type = conf->rootfs.__bdev_type;
+ 
+ 	bdev = get_storage_by_name(path, type);
+ 	if (bdev)
+@@ -641,7 +641,7 @@ struct lxc_storage *storage_init(struct lxc_conf *conf)
+ bool storage_is_dir(struct lxc_conf *conf)
+ {
+ 	struct lxc_storage *orig;
+-	char *type = conf->rootfs.bdev_type;
++	const char *type = conf->rootfs.__bdev_type;
+ 	bool bret = false;
+ 
+ 	if (type)
+diff --git a/src/lxc/storage/storage.h b/src/lxc/storage/storage.h
+index 001a39c..02d6a7f 100644
+--- a/src/lxc/storage/storage.h
++++ b/src/lxc/storage/storage.h
+@@ -98,7 +98,7 @@ struct lxc_storage {
+  *                  trust the config file. If the config file key
+  *                  lxc.rootfs.path is set to <storage type>:<container path>
+  *                  the confile parser will have split this into <storage type>
+- *                  and <container path> and set the <bdev_type> member in the
++ *                  and <container path> and set the <__bdev_type> member in the
+  *                  lxc_rootfs struct to <storage type> and the <path> member
+  *                  will be set to a clean <container path> without the <storage
+  *                  type> prefix. This is the new, clean way of handling storage
diff -Nru lxc-5.0.2/debian/patches/series lxc-5.0.2/debian/patches/series
--- lxc-5.0.2/debian/patches/series	2023-09-22 16:35:52.000000000 +0000
+++ lxc-5.0.2/debian/patches/series	2023-11-30 01:17:33.000000000 +0000
@@ -2,3 +2,4 @@
 0005-lxc.service-Starts-after-remote-fs.target.patch
 0004-nesting-Extend-mount-permissions-in-apparmor-to-allo.patch
 0100-fix-nftables-ipv6.patch
+0101-cherry-pick-fix-ephemeral-copies.patch



--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 12.3

Hi,

Each of the updates discussed in these requests was included in this
morning's 12.3 bookworm point release.

Regards,

Adam

--- End Message ---
