LXC-unshare network namespace segfaulting

Bug #1011603 reported by Ahmed Kamal on 2012-06-11
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Medium
Serge Hallyn
Precise
Undecided
Unassigned
Quantal
Medium
Serge Hallyn

Bug Description

============ SRU justification ============
Impact: lxc-unshare segfaults when run with no command
Development fix: exit with a failure message if no command is givne.
Stable fix: same as development fix
Test case:
 sudo lxc-unshare -s MOUNT
 dmesg | tail
 without the fix, the command will silently return, while dmesg
 will show a segfault. With the fix, lxc-unshare will warn that
 a command is required.
Regression potential:
 None.

================================

root@ubuntu:~# lxc-unshare -s NETWORK
root@ubuntu:~# tail -1 /var/log/syslog
Jun 11 14:54:07 ubuntu kernel: [ 9386.305870] lxc-unshare[21539]: segfault at 0 ip 00007f0fc03aea52 sp 00007fff63819f00 error 4 in libc-2.15.so[7f0fc02f0000+1b3000]

and is not creating a new network namespace

Changed in lxc (Ubuntu):
status: New → Confirmed
importance: Undecided → High
importance: High → Medium
Serge Hallyn (serge-hallyn) wrote :

Thanks for reporting this bug.

The problem is (I believe) that lxc-unshare isn't properly handling the case where no arguments are specified. As a workaround, do

lxc-unshare -s NETWORK /bin/bash

and you'll get a root prompt in the new namespace.

tags: added: bitesize
Changed in lxc (Ubuntu):
status: Confirmed → Triaged
Changed in lxc (Ubuntu Quantal):
assignee: nobody → Serge Hallyn (serge-hallyn)
status: Triaged → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.8.0~rc1-4ubuntu13

---------------
lxc (0.8.0~rc1-4ubuntu13) quantal; urgency=low

  * 0086-lxc-unshare-zero-args: fix lxc-unshare segfaulting when no command
    is given (LP: #1011603)
  * 0087-lxc-ls-dash: fix lxc-ls for containers whose names start with a
    dash (LP: #1006332)
  * 0088-ubuntu-template-flock: don't fail when flock is busy, just wait,
    so concurrent lxc-creates don't break. (LP: #1007483)
  * 0089-lxc-netstat-exec: fix lxc-netstat errors (LP: #1011739)
 -- Serge Hallyn <email address hidden> Mon, 11 Jun 2012 15:46:25 +0000

Changed in lxc (Ubuntu Quantal):
status: In Progress → Fix Released
description: updated

Hello Ahmed, or anyone else affected,

Accepted lxc into precise-proposed. The package will build now and be available in a few hours. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in lxc (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Stéphane Graber (stgraber) wrote :

No more segfault and getting the error message, that's a pass.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.7.5-3ubuntu59

---------------
lxc (0.7.5-3ubuntu59) precise-proposed; urgency=low

  [ Serge Hallyn ]
  * 0085-pivot-dir: use a directory other than /mnt to put the pivot_root
    old dir into (LP: #986385)
  * 0086-lxc-unshare-zero-args: fix lxc-unshare segfaulting when no command
    is given (LP: #1011603)
  * 0087-lxc-ls-dash: fix lxc-ls for containers whose names start with a
    dash (LP: #1006332)
  * 0088-ubuntu-template-flock: don't fail when flock is busy, just wait,
    so concurrent lxc-creates don't break. (LP: #1007483)
  * debian/rules, debian/lxc.apport: install apport hook (LP: #1011644)

  [ Stéphane Graber ]
  * Ship /etc/dnsmasq.d/lxc to configure an eventual system wide
    dnsmasq daemon not to listen on the LXC bridge interface. (LP: #928524)
 -- Serge Hallyn <email address hidden> Mon, 11 Jun 2012 19:56:30 -0500

Changed in lxc (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers