2018-03-12 17:58:47 |
xantares |
bug |
|
|
added bug |
2018-03-13 07:06:33 |
Michael Hudson-Doyle |
bug watch added |
|
https://github.com/docker/for-linux/issues/208 |
|
2018-05-23 21:56:49 |
Andreas Hasenack |
bug task added |
|
libseccomp (Ubuntu) |
|
2018-06-05 17:00:31 |
Felix Abecassis |
bug watch added |
|
https://github.com/opencontainers/runtime-spec/issues/972 |
|
2018-12-03 09:45:46 |
Laurent Rineau |
bug |
|
|
added subscriber Laurent Rineau |
2018-12-25 17:48:56 |
Launchpad Janitor |
docker.io (Ubuntu): status |
New |
Confirmed |
|
2018-12-25 17:48:56 |
Launchpad Janitor |
libseccomp (Ubuntu): status |
New |
Confirmed |
|
2019-02-07 08:44:42 |
Lukáš Karas |
bug |
|
|
added subscriber Lukáš Karas |
2019-02-07 10:27:27 |
xantares |
attachment added |
|
libsecomp231-statx.patch https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1755250/+attachment/5236693/+files/libsecomp231-statx.patch |
|
2019-02-07 12:23:20 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
2019-02-07 12:23:26 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
2019-02-08 08:24:52 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Cosmic |
|
2019-02-08 08:24:52 |
Christian Ehrhardt |
bug task added |
|
libseccomp (Ubuntu Cosmic) |
|
2019-02-08 08:24:52 |
Christian Ehrhardt |
bug task added |
|
docker.io (Ubuntu Cosmic) |
|
2019-02-08 08:24:52 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Bionic |
|
2019-02-08 08:24:52 |
Christian Ehrhardt |
bug task added |
|
libseccomp (Ubuntu Bionic) |
|
2019-02-08 08:24:52 |
Christian Ehrhardt |
bug task added |
|
docker.io (Ubuntu Bionic) |
|
2019-02-08 08:25:00 |
Christian Ehrhardt |
libseccomp (Ubuntu Cosmic): status |
New |
Fix Released |
|
2019-02-08 08:25:02 |
Christian Ehrhardt |
libseccomp (Ubuntu): status |
Confirmed |
Fix Released |
|
2019-02-08 08:25:04 |
Christian Ehrhardt |
libseccomp (Ubuntu Bionic): status |
New |
Triaged |
|
2019-02-08 08:25:07 |
Christian Ehrhardt |
docker.io (Ubuntu Cosmic): status |
New |
Invalid |
|
2019-02-08 08:25:08 |
Christian Ehrhardt |
docker.io (Ubuntu Bionic): status |
New |
Invalid |
|
2019-02-08 08:25:11 |
Christian Ehrhardt |
docker.io (Ubuntu): status |
Confirmed |
Invalid |
|
2019-02-08 08:55:46 |
Christian Ehrhardt |
description |
Hello maintainer,
The docker version 17.03 (bionic) in ubuntu doesn't allow the statx syscall which is needed to build qt >=5.10 applications:
https://github.com/docker/for-linux/issues/208#issuecomment-372400859
Could this fix be backported in the ubuntu package ?
https://github.com/moby/moby/pull/36417
regards,
xan. |
[Impact]
* Some newer workloads fail due to libseccomp as in Bionic lacking statx support
* This backports the syscall definitions for statx to Bionic to allow to manage those
[Test Case]
# Note: I took a KVM image of Bionic to not spoil my system with Docker config for this test too much
$ sudo apt install docker.io
$ sudo usermod -a -G docker ubuntu
$ cat > test-statx/Dockerfile << EOF
FROM ubuntu:18.04
RUN apt-get update && apt-get install -y wget gcc
WORKDIR /tmp
RUN wget -q https://raw.githubusercontent.com/torvalds/linux/master/samples/statx/test-statx.c
RUN gcc test-statx.c -o test-statx
RUN touch test-file
RUN chmod +x ./test-statx
RUN ./test-statx test-file
EOF
$ docker build test-statx
With the bug and current docker 18.06.1-0ubuntu1~18.04.1 in Bionic that yields
[...]
Step 8/8 : RUN ./test-statx test-file
---> Running in 6e60a82409e6
test-file: Operation not permitted
statx(test-file) = -1
The command '/bin/sh -c ./test-statx test-file' returned a non-zero code: 1
With the fix applied it would work and look like:
Step 8/8 : RUN ./test-statx test-file
---> Running in a83bc043e7bd
statx(test-file) = 0
results=fff
Size: 0 Blocks: 0 IO Block: 4096 regular file
Device: 00:32 Inode: 261994 Links: 1
Access: (0644/-rw-r--r--) Uid: 0 Gid: 0
Access: 2019-02-08 07:57:42.000000000+0000
Modify: 2019-02-08 07:57:42.000000000+0000
Change: 2019-02-08 07:57:43.076507007+0000
Birth: 2019-02-08 07:57:43.076507007+0000
Attributes: 0000000000000000 (........ ........ ........ ........ ........ ........ ....-... .---.-..)
Removing intermediate container a83bc043e7bd
---> d428d14cbc57
Successfully built d428d14cbc57
[Regression Potential]
* This "only" defines a new syscall number for all the architectures. It does not make any other changes, thereby it should be rather safe. If anything software could now manage statx through libseccomp and behavior that was formerly failing (like the reported docker case) would not succeed and due to that be a change in behavior - but I think it is a wanted change.
[Other Info]
* n/a
---
Hello maintainer,
The docker version 17.03 (bionic) in ubuntu doesn't allow the statx syscall which is needed to build qt >=5.10 applications:
https://github.com/docker/for-linux/issues/208#issuecomment-372400859
Could this fix be backported in the ubuntu package ?
https://github.com/moby/moby/pull/36417
regards,
xan. |
|
2019-02-08 09:01:07 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/libseccomp/+git/libseccomp/+merge/362906 |
|
2019-02-08 09:13:47 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server |
2019-02-08 09:13:54 |
Christian Ehrhardt |
tags |
patch |
patch server-next |
|
2019-02-08 09:14:00 |
Christian Ehrhardt |
libseccomp (Ubuntu Bionic): assignee |
|
Christian Ehrhardt (paelzer) |
|
2019-02-12 07:51:18 |
Christian Ehrhardt |
libseccomp (Ubuntu Bionic): status |
Triaged |
In Progress |
|
2019-02-27 20:35:25 |
Brian Murray |
libseccomp (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
2019-02-27 20:35:30 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-02-27 20:35:33 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2019-02-27 20:35:39 |
Brian Murray |
tags |
patch server-next |
patch server-next verification-needed verification-needed-bionic |
|
2019-02-28 09:50:13 |
Christian Ehrhardt |
tags |
patch server-next verification-needed verification-needed-bionic |
patch server-next verification-done verification-done-bionic |
|
2019-03-07 10:08:04 |
Łukasz Zemczak |
libseccomp (Ubuntu Bionic): status |
Fix Committed |
Incomplete |
|
2019-03-07 11:26:49 |
Christian Ehrhardt |
libseccomp (Ubuntu Bionic): status |
Incomplete |
Fix Committed |
|
2019-03-11 18:33:13 |
Launchpad Janitor |
libseccomp (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-03-11 18:33:22 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|