CONFIG_AUFS_XATTR is not set

Bug #1557776 reported by Fabien COMBERNOUS on 2016-03-15
56
This bug affects 13 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
High
Tim Gardner
Wily
Undecided
Unassigned
Xenial
High
Canonical Kernel Team
Yakkety
High
Tim Gardner

Bug Description

I am using ubuntu 15.10 with kernel linux-image-4.2.0-27-generic.
The setting CONFIG_AUFS_XATTR is not set.

With the previous ubuntu version 15.04 and linux-image-3.19.0-42-generic this setting was compiled as CONFIG_AUFS_XATTR=y

Without CONFIG_AUFS_XATTR docker users using the AUFS driver can not work with capabilities.

Yang Luo (hsluoyz) wrote :

Any updates on this issue?

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-lts-wily (Ubuntu):
status: New → Confirmed
Changed in linux-lts-wily (Ubuntu):
assignee: nobody → Canonical Kernel Team (canonical-kernel-team)
importance: Undecided → High
status: Confirmed → Triaged
Changed in linux (Ubuntu Wily):
status: New → Confirmed
Tim Gardner (timg-tpi) on 2016-04-21
affects: linux-lts-wily (Ubuntu Wily) → linux (Ubuntu Wily)
Tim Gardner (timg-tpi) on 2016-04-21
Changed in linux (Ubuntu Wily):
status: New → In Progress
Changed in linux (Ubuntu Xenial):
status: Triaged → In Progress
Changed in linux (Ubuntu Wily):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Kamal Mostafa (kamalmostafa) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-xenial
Fabien COMBERNOUS (fc.) wrote :

I installed linux-image-4.2.0-36-generic, version 4.2.0-36.41 from wily-proposed.
I got yet :
$> grep AUFS_X /boot/config-4.2.0-36-generic
# CONFIG_AUFS_XATTR is not set

Brad Figg (brad-figg) wrote :

@Fabien,

The comment was to verify it on xenial, the commit has not made it to Wily yet. I have just verified it's fixed in Xenial.

tags: added: verification-done-xenial
removed: verification-needed-xenial
martins (martins256) wrote :

@BradFigg,
on ubuntu 16.04 it isn't set to y:
grep AUFS_X /boot/config-4.4.0-21-generic
# CONFIG_AUFS_XATTR is not set

You can check whether the problem with docker still persists by running this:
docker run --rm -ti centos:7 yum install -y httpd

Right now it fails with:
error: unpacking of archive failed on file /usr/sbin/suexec: cpio: cap_set_file

Tim Gardner (timg-tpi) wrote :

martins - the fix for Xenial is in Ubuntu-4.4.0-22.38

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.4.0-22.39

---------------
linux (4.4.0-22.39) xenial; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1578721

  * LP: #1578705
    - bpf: fix double-fdput in replace_map_fd_with_map_ptr()

 -- Kamal Mostafa <email address hidden> Thu, 05 May 2016 09:30:58 -0700

Changed in linux (Ubuntu):
status: In Progress → Fix Released
Kamal Mostafa (kamalmostafa) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-wily' to 'verification-done-wily'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-wily
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.2.0-38.45

---------------
linux (4.2.0-38.45) wily; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 22:10:39 +0100

Changed in linux (Ubuntu Wily):
status: Fix Committed → Fix Released
Brad Koehn (l-brad-y) wrote :

Any chance we'll see this in the 14.04 kernels (3.13)?

Tim Gardner (timg-tpi) wrote :

Brad - CONFIG_AUFS_XATTR does not exist in a 3.13 kernel.

Brad Koehn (l-brad-y) wrote :

Ah. Ok, thanks.

Huang YangWen (yangwen5301) wrote :

Are we able to change the kernel of 14.04 to support docker images? Cause upgrading to 16.04.1 ruins my fakeRaid with devicemapper set.

Xavier Aragon (xarax-lp) wrote :

In Ubuntu 16.10 the kernel configuration seems to have again

# CONFIG_AUFS_XATTR is not set

I'm wondering if this is intentional or by mistake. Observed from linux-image-4.8.0-21-generic_4.8.0-21.23_amd64.deb.

Tim Gardner (timg-tpi) on 2016-10-10
Changed in linux (Ubuntu Yakkety):
assignee: Canonical Kernel Team (canonical-kernel-team) → Tim Gardner (timg-tpi)
status: Fix Released → In Progress
Tim Gardner (timg-tpi) on 2016-10-11
Changed in linux (Ubuntu Yakkety):
status: In Progress → Fix Committed
Seth Forshee (sforshee) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-yakkety' to 'verification-done-yakkety'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-yakkety
Seth Forshee (sforshee) on 2016-11-07
tags: added: verification-done-yakkety
removed: verification-needed-yakkety
Seth Forshee (sforshee) wrote :

Verified that this option is set in the proposed xenial kernel.

Launchpad Janitor (janitor) wrote :
Download full text (3.4 KiB)

This bug was fixed in the package linux - 4.8.0-27.29

---------------
linux (4.8.0-27.29) yakkety; urgency=low

  [ Seth Forshee ]

  * Release Tracking Bug
    - LP: #1635377

  * proc_keys_show crash when reading /proc/keys (LP: #1634496)
    - SAUCE: KEYS: ensure xbuf is large enough to fix buffer overflow in
      proc_keys_show (LP: #1634496)

  * Revert "If zone is so small that watermarks are the same, stop zone balance"
    in yakkety (LP: #1632894)
    - Revert "UBUNTU: SAUCE: (no-up) If zone is so small that watermarks are the
      same, stop zone balance."

  * lts-yakkety 4.8 cannot mount lvm raid1 (LP: #1631298)
    - SAUCE: (no-up) dm raid: fix compat_features validation

  * kswapd0 100% CPU usage (LP: #1518457)
    - SAUCE: (no-up) If zone is so small that watermarks are the same, stop zone
      balance.

  * [Trusty->Yakkety] powerpc/64: Fix incorrect return value from
    __copy_tofrom_user (LP: #1632462)
    - SAUCE: (no-up) powerpc/64: Fix incorrect return value from
      __copy_tofrom_user

  * Ubuntu 16.10: Oops panic in move_page_tables/page_remove_rmap after running
    memory_stress_ng. (LP: #1628976)
    - SAUCE: (no-up) powerpc/pseries: Fix stack corruption in htpe code

  * Paths not failed properly when unmapping virtual FC ports in VIOS (using
    ibmvfc) (LP: #1632116)
    - scsi: ibmvfc: Fix I/O hang when port is not mapped

  * [Ubuntu16.10]KV4.8: kernel livepatch config options are not set
    (LP: #1626983)
    - [Config] Enable live patching on powerpc/ppc64el

  * CONFIG_AUFS_XATTR is not set (LP: #1557776)
    - [Config] CONFIG_AUFS_XATTR=y

  * Yakkety update to 4.8.1 stable release (LP: #1632445)
    - arm64: debug: avoid resetting stepping state machine when TIF_SINGLESTEP
    - Using BUG_ON() as an assert() is _never_ acceptable
    - usb: misc: legousbtower: Fix NULL pointer deference
    - Staging: fbtft: Fix bug in fbtft-core
    - usb: usbip: vudc: fix left shift overflow
    - USB: serial: cp210x: Add ID for a Juniper console
    - Revert "usbtmc: convert to devm_kzalloc"
    - ALSA: hda - Adding one more ALC255 pin definition for headset problem
    - ALSA: hda - Fix headset mic detection problem for several Dell laptops
    - ALSA: hda - Add the top speaker pin config for HP Spectre x360
    - Linux 4.8.1

  * PSL data cache should be flushed before resetting CAPI adapter
    (LP: #1632049)
    - cxl: Flush PSL cache before resetting the adapter

  * thunder nic: avoid link delays due to RX_PACKET_DIS (LP: #1630038)
    - net: thunderx: Don't set RX_PACKET_DIS while initializing

  * crypto/vmx/p8_ghash memory corruption (LP: #1630970)
    - crypto: ghash-generic - move common definitions to a new header file
    - crypto: vmx - Fix memory corruption caused by p8_ghash
    - crypto: vmx - Ensure ghash-generic is enabled

  * arm64: SPCR console not autodetected (LP: #1630311)
    - of/serial: move earlycon early_param handling to serial
    - [Config] CONFIG_ACPI_SPCR_TABLE=y
    - ACPI: parse SPCR and enable matching console
    - ARM64: ACPI: enable ACPI_SPCR_TABLE
    - serial: pl011: add console matching function

  * include/linux/security.h header syntax error with !CONFIG_SECURITYFS
...

Read more...

Changed in linux (Ubuntu Yakkety):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.8.0-30.32

---------------
linux (4.8.0-30.32) yakkety; urgency=low

  * CVE-2016-8655 (LP: #1646318)
    - packet: fix race condition in packet_set_ring

 -- Brad Figg <email address hidden> Thu, 01 Dec 2016 08:02:53 -0800

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers