snmpd fails to recognize Docker's overlay filesystem
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Net-SNMP |
Fix Released
|
Unknown
|
|||
net-snmp (Ubuntu) |
Fix Released
|
High
|
Bryce Harrington | ||
Lunar |
Fix Released
|
High
|
Bryce Harrington |
Bug Description
Ubuntu release: 22.04 (Jammy)
Package: https:/
The net-snmp project switched to a new implementation of the fsys hardware module at their 5.8 version. This was not mentioned in the release notes, because the decision was made earlier through the build system. The new version did not recognize the /etc/mtab entry of "overlay" as a supported filesystem, so monitoring / inside a Docker container fails after Bionic (5.7.3), likely in every Ubuntu since Focal (5.8).
The fix happened in this commit, already on their master: https:/
Since it is an added item in a static list, it would be easy to backport to Jammy's 5.9.1, or most other releases really. A refactor happened at some point that makes backporting before a certain version a bit more interesting, but still easy based on the suggestions in this similar issue: https:/
Steps to reproduce:
1. Extract the attached zip with a Dockerfile, a patch, and an snmpd.conf
2. Run "docker build -t repro . && docker run --rm -p 161:161/udp repro" to compile and start a Jammy container with a 5.9.1 snmpd inside.
3. Query the disk table from another terminal: "snmpwalk -v2c -c public 0.0.0.0:161 .1.3.6.
There should be no OID found. Repeat steps 2 and 3 after uncommenting the two lines in the Dockerfile that apply the patch. Now proper data should arrive about the root filesystem.
I would like to get an SRU with this patch for Jammy.
There should be no risk except for snmpd users. The patch is recent and not released, so it is not widely tested yet. It should only impact snmpd users with Docker containers, since it only expands the list of recognized filesystems with "overlay". This feature was broken since Focal, so I assume there aren't many such users.
Related branches
- git-ubuntu bot: Approve
- Bryce Harrington (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 1644 lines (+1375/-3)7 files modifieddebian/changelog (+1149/-0)
debian/control (+3/-2)
debian/patches/add-overlay-support.patch (+26/-0)
debian/patches/series (+2/-0)
debian/patches/snmptrapd-mysql-reconnection-after-hitting-wait_timeout.patch (+154/-0)
debian/rules (+5/-1)
debian/source.apport (+36/-0)
- git-ubuntu bot: Approve
- Andreas Hasenack: Approve
- Canonical Server packageset reviewers: Pending requested
- Canonical Server Core Reviewers: Pending requested
- Canonical Server Reporter: Pending requested
-
Diff: 58 lines (+36/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/add-overlay-support.patch (+28/-0)
debian/patches/series (+1/-0)
Changed in net-snmp (Ubuntu Focal): | |
assignee: | nobody → Bryce Harrington (bryce) |
Changed in net-snmp (Ubuntu Jammy): | |
assignee: | nobody → Bryce Harrington (bryce) |
Changed in net-snmp (Ubuntu Kinetic): | |
assignee: | nobody → Bryce Harrington (bryce) |
Changed in net-snmp (Ubuntu Lunar): | |
assignee: | nobody → Bryce Harrington (bryce) |
no longer affects: | net-snmp (Ubuntu Kinetic) |
no longer affects: | net-snmp (Ubuntu Jammy) |
no longer affects: | net-snmp (Ubuntu Focal) |
Changed in net-snmp (Ubuntu Lunar): | |
importance: | Undecided → High |
status: | New → Fix Committed |
Changed in netsnmp: | |
status: | Unknown → Fix Released |
Thanks for the steps to reproduce and link to the patch. It looks like this would affect kinetic and lunar as well, since the fix looks newer than the current 5.9.3 version included in those releases.