This bug was fixed in the package lxc - 3.0.3-0ubuntu1~18.04.1 --------------- lxc (3.0.3-0ubuntu1~18.04.1) bionic; urgency=medium * New upstream bugfix release (LP: #1804755): - CONTRIBUTING: Update reference to kernel coding style - CONTRIBUTING: Link to latest online kernel docs - CONTRIBUTING: Direct readers to CODING_STYLE.md - CODING_STYLE: Mention kernel style in introduction - CONTRIBUTING: Add 'be' to fix grammar - CODING_STLYE: Simplify explanation for use of 'extern' - CODING_STLYE: Remove sections implied by 'kernel style' - CODING_STYLE: Fix non-uniform heading level - CODING_STYLE: Update section header format - cmd: Use parenthesis around complex macro - cmd: Use 'void' instead of empty parameter list - cmd: Do not use braces for single statement block - cmd: Fix whitespace issues - cmd: Use 'const' for static string constant. - cmd: Remove unnecessary whitespace in string - cmd: Put trailing */ on a separate line - cmd: Remove typo'd semicolon - cmd: Do not use comparison to NULL - lxc_init: s/SYSDEBUG()/SYSERROR()/g in remove_self - tools: lxc-attach: add default log priority & cleanups - tools: lxc-cgroup: add default log priority & cleanups - tools: lxc-checkpoint: add default log priority & cleanups - tools: lxc-console: add default log priority & cleanups - tools: lxc-create: add default log priority & cleanups - tools: lxc-destroy: add default log priority & cleanups - tools: lxc-device: add default log priority & cleanups - tools: lxc-execute: add default log priority & cleanups - tools: lxc-start: add default log priority & cleanups - tools: lxc-stop: add default log priority & cleanups - tools: lxc-freeze: add default log priority & cleanups - tools: lxc-unfreeze: add default log priority & cleanups - storage_utils: move duplicated function from tools - tools: fix lxc-execute command parsing - lseek - integer overflow - cmd: lxc-user-nic: change log macro & cleanups - cmd: lxc-usernsexec reorder includes - cmd: move declarations to macro.h - cmd: use utils.{c,h} helpers in lxc-usernsexec - cmd: simplify lxc-usernsexec - cmd: use safe number parsers in lxc-usernsexec - macro: add missing headers - macro: add macvlan properties - tools: Indicate container startup failure - storage: exit() => _exit(). when exec is failed - tools: lxc-wait: add default log priority & cleanups - conf: fix path/lxcpath mixups in tty setup - cmd: use goto for cleanup in lxc-usernsexec - cmd: Do not reassign variable before it is used - cmd: Reduce scope of 'count' variable - cmd: Fix format issues found by clang-format - list: fix indent - utils: split into {file,string}_utils.{c,h} - pam_cgfs: build from the same sources as liblxc - conf: fix devpts mounting when fully unprivileged - macro: s/rexit()/_exit()/g - attach: move struct declaration to top - macro: move macros from attach.c - Makefile: don't allow undefined symbols - autotools: check if compiler is new enough - log: handle strerror_r() versions - autotools: add --{disable,enable}-thread-safety - log: fail build on ENFORCE_THREAD_SAFETY error - {file,string}_utils: remove NO_LOG - initutils: remove useless comment - string_utils: remove unnecessary include - string_utils: remove unused headers - string_utils: add remove_trailing_slashes() - Makefile: remove last pam_cgfs special-casing - conf: add missing headers - Fix typo - ifaddrs: add safe implementation of getifaddrs() - Makefile: conditionalize ifaddrs.h inclusion - execute: skip lxc-init logging when unprivileged - execute: pass /proc/self/fd/ - tests: cleanup get_item.c - build: fix musl - configure: reorder header checks - compiler: add compiler.h header - commands: return -1 on lxc_cmd_get_init_pid() err - tests: add basic.c - tests: cleanup Makefile - commands: ensure -1 is sent on EPIPE for init pid - macro: add LXC_AUDS_ADDR_LEN - macro: move LXC_CMD_DATA_MAX from commands.h - macro: add PTR_TO_INT() and INT_TO_PTR() - macro: add INTTYPE_TO_STRLEN() - caps: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - cgfsng: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - confile: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - log: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - lsm: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - macro: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - lxccontainer: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - monitor: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - network: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - string_utils: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - utils: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - tools: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - conf: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - tests: s/LXC_NUMSTRLEN64/INTTYPE_TO_STRLEN()/ - macro: final INTTYPE_TO_STRLEN() related cleanups - macro: coding style fixes - Makefile: correctly add ifaddrs to noinst_HEADERS - start: remove duplicate macros - caps: move macros to macro header - string_utils: use UINT64_MAX macro - tree-wide: use sizeof on static arrays - Revert "tree-wide: use sizeof on static arrays" - commands: pass around intmax_t - commands: assign before converting to pointer - macro: calculate buffer lengths correctly - Revert "Revert "tree-wide: use sizeof on static arrays"" - macro: move MS_* macros - caps: fix illegal access to array bound - utils: defensive programming - nl: remove duplicated define - syntax error: mismatch brace - commands: better error message - file_utils: add lxc_recv_nointr() - commands: switch to setting errno and returning -1 - log: do not clobber errno - log: save errno on strerror_r() - tree-wide: s/recv()/lxc_recv_nointr()/g - file_utils: add lxc_send_nointr() - tree-wide: s/send()/lxc_send_nointr()/g - nl: save errno on lxc_netns_set_nsid() - log: log_append_logfile() add new error path - lxccontainer: fix dereferenced pointer - lxc: fix build with --disable-werror - utils: improve get_ns_uid() and add get_ns_gid() - utils: improve lxc_switch_uid_gid() - log: support dlog - attach: handle id switching smarter - start: avoid unnecessary syscalls - utils: make lxc_setgroups() return bool - utils: make lxc_switch_uid_gid() return bool - lxccontainer: use correct pid_t type - conf: remove extra MS_BIND with sysfs:mixed - network: use correct type in lxc_netns_set_nsid() - network: add lxc_netns_get_nsid() - remove unused variables - file_utils: remove unused function - network: minor tweaks - add compile flags for dlog - log: add common functions - log: add additional info of dlog - attach: don't shutdown ipc socket in child - security: fix too wide or inconsistent non-owner permissions - attach: report standard shell exit codes - af_unix: add function to remove duplicated codes for set sockaddr - lxccontainer: remove locks from set_cgroup_item() - lxccontainer: remove locks from get_cgroup_item() - apparmor: account for specified rootfs path (closes #2617) - conf: realpath() uses null as second parameter to prevent buffer overflow - start: s/backgrounded/daemonize/g - cgfsng: mark ops with \_\_cgfsng_ops\_\_ attribute - autotools: add -Wimplicit-fallthrough - cgroup: rename container specific cgroup functions - cgroups: s/fullcgpath/container_full_path/g - cgroups: add missing string.h include - cgroups: s/base_cgroup/container_base_path/g - autotools: fix wrong AX_CHECK_COMPILE_FLAG test - compiler: s/\_\_fallthrough\_\_/\_\_fallthrough/g - compiler: s/\_\_noreturn\_\_/\_\_noreturn/g - cgfsng: s/\_\_cgfsng_ops\_\_/\_\_cgfsng_ops/g - macro: add STRLITERALLEN() and STRARRAYLEN() - tree-wide: replace sizeof() with SIZEOF2STRLEN() - compiler: \_\_attribute\_\_((noreturn)) on bionic - autotools: support -Wcast-align - autotools: support -Wstrict-prototypes - network: add netns_getifaddrs() implementation - tree_wide: switch to netns_getifaddrs() - netns_ifaddrs: mark casts as safe - autotools: fix lxc_user_nic build - stop: Only freeze if freezer is available - doc: tweak documentation a little - cgfsng: set errno to ENOENT on get_hierarchy() - cgfsng: s/cgfsng_destroy/cgfsng_payload_destroy/g - cgfsng: s/25/INTTYPE_TO_STRLEN(pid_t)/g - compiler: fix \_\_noreturn on bionic - compiler: add \_\_hot attribute - netns_ifaddrs: fix missing include - autools: prevent dlog build on stable branch - tree-wide: fix includes to fix bionic builds - template: oci template supports for char user info - btrfs: fix btrfs containers - oci-template: Add logic for no /etc/passwd, group - configure: fix -Wimplicit-fallthrough check - utils: add lxc_setup_keyring() - autotools: support -z relro and -z now - netns_ifaddrs: handle IFLA_STATS{64} correctly - syscall_wrappers: add pivot_root() - raw_syscalls: add lxc_raw_execveat() - raw_syscalls: add lxc_raw_clone{_cb}() - raw_syscalls: add lxc_raw_getpid() - autotools: fix lxc init build - autotools: fix lxc-monitord build - autotools: fix lxc-user-nic build - autotools: fix lxc-usernsexec build - tests: add missing build dependencies - netns_ifaddrs: only use struct rtnl_link_stats64 - cgroups: remove unnecessary line - netns_iaddrs: remove unused functions - parse: prefault config file with MAP_POPULATE - cgfsng: avoid tiny race window - utils: fix lxc_set_death_signal() - cgfsng: handle v1 cpuset hierarchy first - syscall_wrappers: move memfd_create() - syscall_wrappers: move setns() - syscall_wrappers: move sethostname() - syscall_wrappers: move unshare() - syscall_wrappers: move signalfd() - raw_syscalls: move lxc_raw_gettid() - tools: lxc-start: remove unused argument - tools: lxc-unshare: remove unnecessary initialization - parse: remove access() check - parse: report errors when failing config parsing - macro: add PATH_MAX - cmd: s/MAXPATHLEN/PATH_MAX/g - conf: s/MAXPATHLEN/PATH_MAX/g - confile: s/MAXPATHLEN/PATH_MAX/g - log: s/MAXPATHLEN/PATH_MAX/g - lxccontainer: s/MAXPATHLEN/PATH_MAX/g - macro: s/MAXPATHLEN/PATH_MAX/g - network: s/MAXPATHLEN/PATH_MAX/g - pam: s/MAXPATHLEN/PATH_MAX/g - start: s/MAXPATHLEN/PATH_MAX/g - terminal: s/MAXPATHLEN/PATH_MAX/g - utils: s/MAXPATHLEN/PATH_MAX/g - storage: s/MAXPATHLEN/PATH_MAX/g - tools: s/MAXPATHLEN/PATH_MAX/g - attach: reset signal mask - start: change log level - file_utils: fix too wide or inconsistent non-owner permissions - attach: fix missing pthread.h include - macro: add NETLINK_DUMP_STRICT_CHK - macro: add SOL_NETLINK - netns_ifaddrs: check for NETLINK_DUMP_STRICT_CHK - parse: do not mask failed parse - test: test invalid config keys - confile: remove unused variable - parse: fix uninitialized pointer access - fix rpm packaging error for static library - fix post section script error for rpm install - conf: log prlimit setup - conf: verify_start_hooks() after lxc.mount.entry - checkpoint: fix running do_dump() - monitor: log cleanups - monitor: checking name too long to make monitor sock name - commands_utils: improve code redundancy to make abstract unix socket name - monitor: fix coding standard - autools: use -fno-strict-aliasing - checkconfig: Handle missing kernel version - lxc-init: log to /dev/console - autotools: fix --disable-commands builds - string_utils: fix global buffer overflow issue - include: simplify strlcpy() - raw_syscalls: ensure function always returns value - confile: fix append_unexp_config_line() - parse: protect against config updates during parse - parse: fix uninitialized value - tree-wide: coding style fixes - start: simplify - autotools: compiler based hardening - coverity: update .travis.yml - coverity: update .travis.yml - coverity: update .travis.yml - coverity: update .travis.yml - coverity: update .travis.yml - confile: do not overwrite global variable - commands: simplify - cgfsng: move increment out of branch - monitord: do not hide global variable - tools/lxc_copy: do not hide global variable - tools/lxc_top: do not hide global variable - tools/lxc_info: do not hide global variable - state: remove tautological check - conf: remove tautological check - conf: use O_CLOEXEC in lxc_pivot_root() - conf: remove tautological check - lxccontainer: remove check from goto target - start: prevent values smaller 0 - tools/lxc_stop: use correct check - cmd/lxc_init: do not hide global variable - coverity: #1440391 - coverity: #1440389 - coverity: #1426130 - storage_utils: add error handling - storage_utils: cleanups - storage_utils: use _exit() instead of exit() in child process - parse: cleanups - dlog: inherit dlog fds - spelling: allocate - spelling: ambiguous - spelling: answer - spelling: architecture - spelling: array - spelling: asynchronous - spelling: backingstorage - spelling: capabilities - spelling: character - spelling: checkpoint - spelling: comma - spelling: command - spelling: committer - spelling: configuration - spelling: constant - spelling: container - spelling: control - spelling: convenience - spelling: could - spelling: describing - spelling: device - spelling: exiting - spelling: explicitly - spelling: feature - spelling: github - spelling: hierarchy - spelling: hoops - spelling: ifindices - spelling: implementations - spelling: inherited - spelling: initialize - spelling: javascript - spelling: keepdata - spelling: libraries - spelling: loglevel - spelling: namespace - spelling: otherwise - spelling: output - spelling: overlayfs - spelling: overridden - spelling: override - spelling: passphrase - spelling: perhaps - spelling: pertains - spelling: portion - spelling: potentially - spelling: returns - spelling: root - spelling: securityfs - spelling: snapshotting - spelling: specified - spelling: specify - spelling: subtracting - spelling: successfully - spelling: syscall - spelling: timeout - spelling: unsigned - spelling: userns - spelling: without - lxcmntent: coding rules - string_utils: coding rules - log: fix too wide or inconsistent non-owner permissions - coverity: move to separate branch - include: correctly include macro.h - Fix spacing error in namespace.c - caps: replace read with lxc_read_nointr - log: replace write with lxc_write_nointr - dlog: move match_dlog_fds() - conf: s/ty/tty/g - pam_cgfs: remove redundancy file utils - cgfs: remove redundancy utils - pam_cgfs: remove dependency from cap & log - utils: fix coding styles - utils: add errno logs for exception case - Adds -qq flags to lvcreate commands - utils: make keyring allocation failure non-fatal - autotools: fix lxc-{create,copy} build - cgfsng: remove freezer requirement - start: don't call cgroup_exit() twice * Bump standards to 4.2.0 - Update lintian overrides -- Stéphane Graber