Ubuntu
cgmanager package

cgm all should work on unbound cgroups

Bug #1317687 reported by Serge Hallyn
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cgmanager (Ubuntu)
Fix Released
High
Unassigned
Trusty
Fix Released
High
Unassigned

Bug Description

===================================================
Impact: unprivileged users may not be able to start containers
Test case: log into a system without libpam-logind installed, so that you are in cgroup /.
 sudo cgm create all c1
 sudo chown all c1 $(id -u) $(id -g)
 cgm movepid all c1 $$
 lxc-create -t download -n c1 -- -d ubuntu -r trusty -a amd64
 lxc-start -n c1
This should succeed, but will fail with warnings about the name=systemd cgroup.
===================================================

If a user does 'cgm movepid all xxx $$', they likely want to be moved into cgroup xxx for the name=systemd controller as well.

See original description
Serge Hallyn (serge-hallyn)
Changed in cgmanager (Ubuntu):
importance: Undecided → High
status: New → Triaged
Changed in cgmanager (Ubuntu Trusty):
importance: Undecided → High
status: New → Confirmed
Serge Hallyn (serge-hallyn)
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cgmanager - 0.26-0ubuntu2

---------------
cgmanager (0.26-0ubuntu2) utopic; urgency=low

  * 0001-cgm-make-all-also-reference-name-systemd.patch: make cgm all
    also act on the name=systemd container (LP: #1317687)
 -- Serge Hallyn <email address hidden> Thu, 08 May 2014 17:58:29 -0500

Changed in cgmanager (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Serge, or anyone else affected,

Accepted cgmanager into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/cgmanager/0.24-0ubuntu6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cgmanager (Ubuntu Trusty):
status: Confirmed → Fix Committed
tags: added: verification-needed
Serge Hallyn (serge-hallyn)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cgmanager - 0.24-0ubuntu6

---------------
cgmanager (0.24-0ubuntu6) trusty-proposed; urgency=low

  * 0002-exit-on-startup-error: Don't proceed to accept client connections
    if we failed to connect to the server. (LP: #1317693)
  * 0003-proxy-wait-2-seconds-for-server-reply: do not wait indefinately
    for replies from the cgmanager, as it may have crashed. (LP: #1317623)
  * 0004-Implement-getpidcgroupabs.patch: Provide a way for clients to
    query absolute paths which can be used with MovePidAbs (LP: #1315052)
  * 0005-get_controller_path-use-the-is_same_controller-helpe.patch: Fix
    handling of name=systemd so that containers can be properly entered
    into the proper cgroup. (LP: #1315521)
  * 0006-cgm-make-all-also-reference-name-systemd.patch: make cgm all
    also act on the name=systemd container (LP: #1317687)
 -- Serge Hallyn <email address hidden> Thu, 08 May 2014 18:02:50 -0500

Changed in cgmanager (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Scott Kitterman (kitterman) wrote : Update Released

The verification of the Stable Release Update for cgmanager has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.