SRU of LXC 2.0.7 (upstream bugfix release)

What is the test plan for this when the package lands in -proposed?

We have autopkgtest coverage for this, combined with manual testing of it prior to release and we also look very closely at bug reports we get upstream from users of distributions which are already shipping this release.

Same thing we've been doing for the past 8 point releases, so far with all issues found before it hit -updates.

Additionally, this package is in Zesty already and has been automatically pushed to thousands of users of the upstream LXC stable PPA and we monitor new bug reports for 2.0.7 very closely.

Oops, bad copy/paste in the first comment, LXCFS has only had 6 previous point releases.

Hello Stéphane, or anyone else affected,

Accepted lxc into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/lxc/2.0.7-0ubuntu1~16.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Stéphane, or anyone else affected,

Accepted lxc into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/lxc/2.0.7-0ubuntu1~16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

All tests pass, haven't seen any bug report for existing users and haven't seen any problem while using this for a week myself. Mark as verification-done.

This bug was fixed in the package lxc - 2.0.7-0ubuntu1~16.04.1

---------------
lxc (2.0.7-0ubuntu1~16.04.1) xenial; urgency=medium

  * New upstream bugfix release (2.0.7) (LP: #1660844)
    - attach: Close lsm label file descriptor
    - attach: Non-functional changes
    - attach: Simplify lsm_openat()
    - caps: Add lxc_cap_is_set()
    - conf: attach: Save errno across call to close
    - conf: Clearly report to either use drop or keep
    - conf: criu: Add make_anonymous_mount_file()
    - conf: Fix suggest_default_idmap()
    - configure: Add --enable-gnutls option
    - configure: Check for memfd_create()
    - configure: Check whether gettid() is declared
    - configure: Do not allow variable length arrays
    - configure: Remove -Werror=vla
    - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev()
    - conf: Non-functional changes
    - conf: Remove thread-unsafe strsignal + improve log
    - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers
    - log: Add lxc_unix_epoch_to_utc()
    - log: Annotate lxc_unix_epoch_to_utc()
    - log: Drop all timezone conversion functions
    - log: Make sure that date is correctly formatted
    - log: Use lxc_unix_epoch_to_utc()
    - log: Use N/A if getpid() != gettid() when threaded
    - log: Use thread-safe localtime_r()
    - lvm: Suppress warnings about leaked files
    - lxccontainer: Log failure to send sig to init pid
    - monitor: Add more logging
    - monitor: Close mainloop on exit if we opened it
    - monitor: Improve log + set log level to DEBUG
    - monitor: Log which pipe fd is currently used
    - monitor: Make lxc-monitord async signal safe
    - monitor: Non-functional changes
    - python3-lxc: Fix api_test.py on s390x
    - start: Check for CAP_SETGID before setgroups()
    - start: Fix execute and improve setgroups() calls
    - state: Use async signal safe fun in lxc_wait()
    - templates: lxc-debian: Don't read from /usr/lib/systemd on the host
    - templates: lxc-debian: Fix getty service startup
    - templates: lxc-debian: Fix typo with dpkg --print-foreign-architectures
    - templates: lxc-debian: Handle ppc hostarch -> powerpc
    - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2
    - templates: lxc-opensuse: Remove libgcc_s1
    - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy
    - templates: lxc-opensuse: Set to be unconfined by AppArmor
    - templates: lxc-opensuse: Update for Leap 42.2
    - tests; Don't cause test failures on cleanup errors
    - tests: Skip unpriv tests on broken overlay module
    - tools: Improve logging
    - tools: lxc-start: Remove c->is_defined(c) check
    - tools: lxc-start: Set configfile after load_config
    - tools: Only check for O_RDONLY
    - tree-wide: Random macro cleanups
    - tree-wide: Remove any variable length arrays
    - tree-wide: Sic semper assertis!
    - utils: Add macro __LXC_NUMSTRLEN
    - utils: Add uid, gid, group convenience wrappers

  * Cherry-pick upstream bugfix:
    - 0002-Make-lxc-start-ephemeral-Python-3.2-compatible.patch

  * Resolve lintian warnings
    - Drop un-needed overrides
    - Fix typos in debian/control

...

The verification of the Stable Release Update for lxc has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package lxc - 2.0.7-0ubuntu1~16.10.1

---------------
lxc (2.0.7-0ubuntu1~16.10.1) yakkety; urgency=medium

  * New upstream bugfix release (2.0.7) (LP: #1660844)
    - attach: Close lsm label file descriptor
    - attach: Non-functional changes
    - attach: Simplify lsm_openat()
    - caps: Add lxc_cap_is_set()
    - conf: attach: Save errno across call to close
    - conf: Clearly report to either use drop or keep
    - conf: criu: Add make_anonymous_mount_file()
    - conf: Fix suggest_default_idmap()
    - configure: Add --enable-gnutls option
    - configure: Check for memfd_create()
    - configure: Check whether gettid() is declared
    - configure: Do not allow variable length arrays
    - configure: Remove -Werror=vla
    - configure: Use AC_HEADER_MAJOR to detect major()/minor()/makedev()
    - conf: Non-functional changes
    - conf: Remove thread-unsafe strsignal + improve log
    - init: Add cgroupfs-mount to Should-Start/Stop sysvinit LSB headers
    - log: Add lxc_unix_epoch_to_utc()
    - log: Annotate lxc_unix_epoch_to_utc()
    - log: Drop all timezone conversion functions
    - log: Make sure that date is correctly formatted
    - log: Use lxc_unix_epoch_to_utc()
    - log: Use N/A if getpid() != gettid() when threaded
    - log: Use thread-safe localtime_r()
    - lvm: Suppress warnings about leaked files
    - lxccontainer: Log failure to send sig to init pid
    - monitor: Add more logging
    - monitor: Close mainloop on exit if we opened it
    - monitor: Improve log + set log level to DEBUG
    - monitor: Log which pipe fd is currently used
    - monitor: Make lxc-monitord async signal safe
    - monitor: Non-functional changes
    - python3-lxc: Fix api_test.py on s390x
    - start: Check for CAP_SETGID before setgroups()
    - start: Fix execute and improve setgroups() calls
    - state: Use async signal safe fun in lxc_wait()
    - templates: lxc-debian: Don't read from /usr/lib/systemd on the host
    - templates: lxc-debian: Fix getty service startup
    - templates: lxc-debian: Fix typo with dpkg --print-foreign-architectures
    - templates: lxc-debian: Handle ppc hostarch -> powerpc
    - templates: lxc-opensuse: Change openSUSE default release to Leap 42.2
    - templates: lxc-opensuse: Remove libgcc_s1
    - templates: lxc-opensuse: Remove poweroff.target -> sigpwr.target copy
    - templates: lxc-opensuse: Set to be unconfined by AppArmor
    - templates: lxc-opensuse: Update for Leap 42.2
    - tests; Don't cause test failures on cleanup errors
    - tests: Skip unpriv tests on broken overlay module
    - tools: Improve logging
    - tools: lxc-start: Remove c->is_defined(c) check
    - tools: lxc-start: Set configfile after load_config
    - tools: Only check for O_RDONLY
    - tree-wide: Random macro cleanups
    - tree-wide: Remove any variable length arrays
    - tree-wide: Sic semper assertis!
    - utils: Add macro __LXC_NUMSTRLEN
    - utils: Add uid, gid, group convenience wrappers

  * Cherry-pick upstream bugfix:
    - 0002-Make-lxc-start-ephemeral-Python-3.2-compatible.patch

  * Resolve lintian warnings
    - Drop un-needed overrides
    - Fix typos in debian/control
...