Ubuntu
lxc package

udev fails to update (oneric host, lucid container)

Bug #902190 reported by Gary Poster
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Fix Released
Medium
Unassigned
Oneiric
Fix Released
Undecided
Unassigned

Bug Description

==================================================
SRU Justification:
1. Impact: container updates can fail as a result of failed mknods
2. Development fix: allow mknod in containers for all devices (but continue restricting use)
3. Stable fix: same as development fix
4. Test case: In a container, do 'mknod /tmp/ppp c 108 0'
5. Regression potential: a typo in the template update could break container creations. However the fix itself will not break containers. Security should not be impacted as the container will not be able to use the devices it creates.
==================================================
You will find when running “apt-get upgrade” (if you have Lucid updates enabled in /etc/apt/sources.list) that you get this error on upgrading udev:

mknod: `/lib/udev/devices/ppp': Operation not permitted

This problem is mentioned on https://help.ubuntu.com/community/LXC#Issues and described many places. Here are two.

http://www.emanuelis.eu/2010/09/15/mknod-lib-udev-devices-ppp-operation-not-permitted-when-updating-ubuntu-10-04-on-virtual-lxc-machine/
http://johnlewis.ie/lxc-firewall-logging-and-udev-upgrade-in-ubuntu/

This seems like an old, known problem, but I did not find a Launchpad bug, so I'm filing it. The change to /var/lib/lxc/server/config seemed to fix it for me (though then revealing bug 892892 next).

See original description
Serge Hallyn (serge-hallyn)
Changed in lxc (Ubuntu):
status: New → Confirmed
Serge Hallyn (serge-hallyn)
Changed in lxc (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Fix Released
Serge Hallyn (serge-hallyn)
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in lxc (Ubuntu Oneiric):
status: New → Confirmed
Revision history for this message
Clint Byrum (clint-fewbar) wrote : Please test proposed package

Hello Gary, or anyone else affected,

Accepted lxc into oneiric-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in lxc (Ubuntu Oneiric):
status: Confirmed → Fix Committed
tags: added: verification-needed
Revision history for this message
Gary Poster (gary) wrote :

Hi. I'm trying to verify, but lxc-create no longer works for me, probably because of a careless mistake on my part (updating all proposed packages). I'll keep working on it.

Revision history for this message
Gary Poster (gary) wrote :

To be clear, lxc-create is still broken after I revert lxc to the current, non-proposed version.

Revision history for this message
Gary Poster (gary) wrote :

My lxc is working again (the solution was to clear out the lxc cache).

Unfortunately, it still does not work for me with a fresh lxc--running a lucid container inside an oneiric host. Perhaps the SRU was for running an oneiric container?

Symptoms: as before, during an update, I get this:

Setting up udev (151-12.3) ...
mknod: `/lib/udev/devices/ppp': Operation not permitted

Simply running mknod I get this:

$ sudo mknod /tmp/ppp c 108 0
mknod: `/tmp/ppp': Operation not permitted

Again, my workaround is this: at the bottom of "/var/lib/lxc/server/config" add this snippet:

# Mods to allow udev upgrade
lxc.cgroup.devices.allow = c 108:0 rwm
lxc.cgroup.devices.allow = b 7:0 rwm
lxc.cgroup.devices.allow = c 10:200 rwm

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Can you show the config file for the freshly created config file which does not allow mknod?

Revision history for this message
Gary Poster (gary) wrote :

My apologies, Serge and Clint. I can confirm that this proposed SRU fixes the problem for me, and I don't see any newly introduced problems.

Apparently I had not updated correctly: I was using 0.7.5 -0ubuntu8.2. I see the new config now that I create a new instance with lxc 0.7.5 -0ubuntu8.3.

Thank you.

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.7.5-0ubuntu8.3

---------------
lxc (0.7.5-0ubuntu8.3) oneiric-proposed; urgency=low

  * debian/patches/0010-ubuntu-template-allow-mknod.patch:
    Allow mknod for any device (LP: #902190)
 -- Serge Hallyn <email address hidden> Fri, 09 Dec 2011 16:07:12 -0600

Changed in lxc (Ubuntu Oneiric):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.