| 2021-02-22 13:12:46 |
Florian Lohoff |
bug |
|
|
added bug |
| 2021-02-22 13:36:39 |
Julian Andres Klode |
apt (Ubuntu): status |
New |
Invalid |
|
| 2021-02-22 13:45:20 |
Julian Andres Klode |
apt (Ubuntu): status |
Invalid |
New |
|
| 2021-02-22 14:03:04 |
Julian Andres Klode |
affects |
apt (Ubuntu) |
glibc (Ubuntu) |
|
| 2021-02-22 14:03:04 |
Julian Andres Klode |
glibc (Ubuntu): importance |
Undecided |
Critical |
|
| 2021-02-22 14:03:17 |
Julian Andres Klode |
glibc (Ubuntu): status |
New |
Triaged |
|
| 2021-02-22 14:03:36 |
Julian Andres Klode |
tags |
|
rls-hh-incoming |
|
| 2021-02-22 14:07:07 |
Julian Andres Klode |
summary |
apt-key add fails in docker - Fails to run gnupg |
test -x fails inside shell scripts |
|
| 2021-02-22 14:07:32 |
Julian Andres Klode |
description |
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
glibc regression causes test -x to fail inside scripts inside docker/podman:
root@0df2ce5d7a46:/# echo 'test -x /usr/bin/gpg || echo Fail' > a
root@0df2ce5d7a46:/# sh a
Fail
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-02-22 14:07:51 |
Julian Andres Klode |
summary |
test -x fails inside shell scripts |
test -x fails inside shell scripts in containers |
|
| 2021-02-22 15:17:05 |
Julian Andres Klode |
description |
glibc regression causes test -x to fail inside scripts inside docker/podman:
root@0df2ce5d7a46:/# echo 'test -x /usr/bin/gpg || echo Fail' > a
root@0df2ce5d7a46:/# sh a
Fail
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
glibc regression causes test -x to fail inside scripts inside docker/podman:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-02-22 15:17:58 |
Julian Andres Klode |
description |
glibc regression causes test -x to fail inside scripts inside docker/podman:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh is fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-02-22 15:18:30 |
Julian Andres Klode |
description |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh is fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-02-22 15:19:11 |
Julian Andres Klode |
description |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-02-22 15:21:08 |
Julian Andres Klode |
description |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-02-22 15:52:34 |
Julian Andres Klode |
bug task added |
|
libseccomp (Ubuntu) |
|
| 2021-02-22 15:52:39 |
Julian Andres Klode |
libseccomp (Ubuntu): status |
New |
Fix Committed |
|
| 2021-02-22 15:57:06 |
Julian Andres Klode |
libseccomp (Ubuntu): importance |
Undecided |
Critical |
|
| 2021-02-25 16:20:49 |
Matthieu Clemenceau |
tags |
rls-hh-incoming |
fr-1159 rls-hh-incoming |
|
| 2021-02-25 17:19:45 |
Brian Murray |
nominated for series |
|
Ubuntu Hirsute |
|
| 2021-02-25 17:19:45 |
Brian Murray |
bug task added |
|
glibc (Ubuntu Hirsute) |
|
| 2021-02-25 17:19:45 |
Brian Murray |
bug task added |
|
libseccomp (Ubuntu Hirsute) |
|
| 2021-02-25 17:20:04 |
Brian Murray |
tags |
fr-1159 rls-hh-incoming |
fr-1159 |
|
| 2021-02-26 09:22:05 |
Christian Ehrhardt |
bug |
|
|
added subscriber Alex Murray |
| 2021-02-26 12:39:34 |
Gregor Jasny |
bug |
|
|
added subscriber Gregor Jasny |
| 2021-02-27 06:39:58 |
Martin Pitt |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=1900021 |
|
| 2021-02-27 06:40:11 |
Martin Pitt |
bug |
|
|
added subscriber Martin Pitt |
| 2021-03-02 09:07:37 |
Philip Roche |
bug |
|
|
added subscriber Philip Roche |
| 2021-03-02 17:06:22 |
Balint Reczey |
bug task added |
|
runc (Ubuntu) |
|
| 2021-03-02 17:28:22 |
Balint Reczey |
bug task added |
|
docker.io (Ubuntu) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
nominated for series |
|
Ubuntu Groovy |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
glibc (Ubuntu Groovy) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
libseccomp (Ubuntu Groovy) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
docker.io (Ubuntu Groovy) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
runc (Ubuntu Groovy) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
nominated for series |
|
Ubuntu Bionic |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
glibc (Ubuntu Bionic) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
libseccomp (Ubuntu Bionic) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
docker.io (Ubuntu Bionic) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
runc (Ubuntu Bionic) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
nominated for series |
|
Ubuntu Xenial |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
glibc (Ubuntu Xenial) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
libseccomp (Ubuntu Xenial) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
docker.io (Ubuntu Xenial) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
runc (Ubuntu Xenial) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
nominated for series |
|
Ubuntu Focal |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
glibc (Ubuntu Focal) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
libseccomp (Ubuntu Focal) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
docker.io (Ubuntu Focal) |
|
| 2021-03-04 17:29:21 |
Balint Reczey |
bug task added |
|
runc (Ubuntu Focal) |
|
| 2021-03-04 17:36:25 |
Balint Reczey |
docker.io (Ubuntu Hirsute): importance |
Undecided |
Critical |
|
| 2021-03-04 17:36:41 |
Balint Reczey |
glibc (Ubuntu Hirsute): status |
Triaged |
Opinion |
|
| 2021-03-05 13:32:34 |
Tino Didriksen |
bug |
|
|
added subscriber Tino Didriksen |
| 2021-03-08 11:45:35 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server |
| 2021-03-08 11:45:55 |
Christian Ehrhardt |
tags |
fr-1159 |
fr-1159 server-next |
|
| 2021-03-10 13:07:58 |
Paride Legovini |
bug |
|
|
added subscriber Paride Legovini |
| 2021-03-10 15:24:16 |
Balint Reczey |
bug task added |
|
systemd (Ubuntu) |
|
| 2021-03-10 15:28:33 |
Balint Reczey |
systemd (Ubuntu Hirsute): status |
New |
Fix Released |
|
| 2021-03-10 20:51:53 |
Dan Streetman |
description |
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for x/b/f/g
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-03-10 20:56:33 |
Dan Streetman |
description |
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for x/b/f/g
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for x/b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-03-10 20:56:44 |
Dan Streetman |
systemd (Ubuntu Groovy): status |
New |
Fix Released |
|
| 2021-03-10 21:28:29 |
Dan Streetman |
description |
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for x/b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
alternately using docker, this Dockerfile can be used with 'docker build -t foo .' (taken from example in original description)
$ cat Dockerfile
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN bash -c "test -x /bin/bash && echo ok || echo fail"
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-03-10 21:38:41 |
Dan Streetman |
description |
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
alternately using docker, this Dockerfile can be used with 'docker build -t foo .' (taken from example in original description)
$ cat Dockerfile
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN bash -c "test -x /bin/bash && echo ok || echo fail"
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
alternately using docker, this Dockerfile can be used with 'docker build -t foo .' (taken from example in original description)
$ cat Dockerfile
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN bash -c "test -x /bin/bash && echo ok || echo fail"
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-03-10 21:38:52 |
Dan Streetman |
description |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
alternately using docker, this Dockerfile can be used with 'docker build -t foo .' (taken from example in original description)
$ cat Dockerfile
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN bash -c "test -x /bin/bash && echo ok || echo fail"
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-03-10 22:14:24 |
Dan Streetman |
description |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[other info]
this needs fixing in libseccomp as well
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-03-11 11:22:22 |
Balint Reczey |
glibc (Ubuntu Xenial): status |
New |
Invalid |
|
| 2021-03-11 11:22:37 |
Balint Reczey |
glibc (Ubuntu Bionic): status |
New |
Invalid |
|
| 2021-03-11 11:22:52 |
Balint Reczey |
glibc (Ubuntu Focal): status |
New |
Invalid |
|
| 2021-03-11 11:23:05 |
Balint Reczey |
glibc (Ubuntu Groovy): status |
New |
Invalid |
|
| 2021-03-11 12:46:59 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
| 2021-03-14 13:49:37 |
Oded Arbel |
bug |
|
|
added subscriber Oded Arbel |
| 2021-03-16 23:11:44 |
Launchpad Janitor |
runc (Ubuntu Hirsute): status |
New |
Fix Released |
|
| 2021-03-18 22:38:25 |
Sergio Durigan Junior |
bug |
|
|
added subscriber Sergio Durigan Junior |
| 2021-03-19 00:04:49 |
Łukasz Zemczak |
runc (Ubuntu Groovy): status |
New |
Fix Committed |
|
| 2021-03-19 00:04:53 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2021-03-19 00:04:55 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2021-03-19 00:05:01 |
Łukasz Zemczak |
tags |
fr-1159 server-next |
fr-1159 server-next verification-needed verification-needed-groovy |
|
| 2021-03-19 00:06:54 |
Łukasz Zemczak |
runc (Ubuntu Focal): status |
New |
Fix Committed |
|
| 2021-03-19 00:07:04 |
Łukasz Zemczak |
tags |
fr-1159 server-next verification-needed verification-needed-groovy |
fr-1159 server-next verification-needed verification-needed-focal verification-needed-groovy |
|
| 2021-03-19 00:10:02 |
Łukasz Zemczak |
runc (Ubuntu Bionic): status |
New |
Fix Committed |
|
| 2021-03-19 00:10:15 |
Łukasz Zemczak |
tags |
fr-1159 server-next verification-needed verification-needed-focal verification-needed-groovy |
fr-1159 server-next verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy |
|
| 2021-03-19 17:36:57 |
Mathew Hodson |
bug |
|
|
added subscriber Mathew Hodson |
| 2021-03-19 17:37:04 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu Hirsute) |
|
|
| 2021-03-19 17:37:17 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu Groovy) |
|
|
| 2021-03-19 17:37:26 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu Focal) |
|
|
| 2021-03-19 17:37:35 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu Bionic) |
|
|
| 2021-03-19 17:37:43 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu Xenial) |
|
|
| 2021-03-19 17:37:51 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu) |
|
|
| 2021-03-20 18:39:46 |
Balint Reczey |
bug |
|
|
added subscriber Balint Reczey |
| 2021-03-20 18:40:28 |
Balint Reczey |
bug task added |
|
glibc (Ubuntu) |
|
| 2021-03-20 18:40:48 |
Balint Reczey |
glibc (Ubuntu): status |
New |
Opinion |
|
| 2021-03-26 18:13:12 |
Stiverton |
bug |
|
|
added subscriber Stiverton |
| 2021-03-29 09:18:02 |
Łukasz Zemczak |
systemd (Ubuntu Focal): status |
New |
Fix Committed |
|
| 2021-03-29 10:06:19 |
Łukasz Zemczak |
systemd (Ubuntu Bionic): status |
New |
Fix Committed |
|
| 2021-03-29 14:27:41 |
Balint Reczey |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984573 |
|
| 2021-03-29 14:27:41 |
Balint Reczey |
bug task added |
|
docker.io (Debian) |
|
| 2021-03-29 14:27:52 |
Balint Reczey |
bug task deleted |
docker.io (Debian) |
|
|
| 2021-03-29 14:28:08 |
Balint Reczey |
bug task added |
|
systemd (Debian) |
|
| 2021-03-29 18:19:07 |
Bug Watch Updater |
systemd (Debian): status |
Unknown |
Fix Released |
|
| 2021-04-01 18:42:41 |
Dan Streetman |
tags |
fr-1159 server-next verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy |
fr-1159 server-next verification-done-focal verification-needed verification-needed-bionic verification-needed-groovy |
|
| 2021-04-01 19:01:32 |
Dan Streetman |
tags |
fr-1159 server-next verification-done-focal verification-needed verification-needed-bionic verification-needed-groovy |
fr-1159 server-next verification-done-bionic verification-done-focal verification-needed verification-needed-groovy |
|
| 2021-04-01 19:03:35 |
Dan Streetman |
systemd (Ubuntu Xenial): status |
New |
Invalid |
|
| 2021-04-06 19:51:44 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2021-04-06 19:51:38 |
Launchpad Janitor |
systemd (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
| 2021-04-08 12:16:05 |
Lucas Kanashiro |
tags |
fr-1159 server-next verification-done-bionic verification-done-focal verification-needed verification-needed-groovy |
fr-1159 server-next verification-done verification-done-bionic verification-done-focal verification-done-groovy |
|
| 2021-04-15 10:01:19 |
Launchpad Janitor |
systemd (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2021-04-17 11:51:49 |
Pedro Pinto |
bug |
|
|
added subscriber Pedro Pinto |
| 2021-04-19 13:27:29 |
Launchpad Janitor |
runc (Ubuntu Groovy): status |
Fix Committed |
Fix Released |
|
| 2021-04-19 13:28:06 |
Launchpad Janitor |
runc (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
| 2021-04-19 13:28:33 |
Launchpad Janitor |
runc (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2021-04-20 11:30:14 |
bugproxy |
tags |
fr-1159 server-next verification-done verification-done-bionic verification-done-focal verification-done-groovy |
architecture-s39064 bugnameltc-192453 fr-1159 server-next severity-high targetmilestone-inin2104 |
|
| 2021-04-21 05:14:57 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
| 2021-04-21 05:15:42 |
Frank Heimes |
tags |
architecture-s39064 bugnameltc-192453 fr-1159 server-next severity-high targetmilestone-inin2104 |
architecture-s39064 bugnameltc-192453 fr-1159 reverse-proxy-bugzilla server-next severity-high targetmilestone-inin2104 |
|
| 2021-05-14 14:32:17 |
Dan Streetman |
description |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[other info]
this needs fixing in libseccomp as well
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
(SRU template for systemd)
[impact]
bash (and some other shells) builtin test command -x operation fails
[test case]
on any affected host system, start nspawn container, e.g.:
$ sudo apt install systemd-container
$ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
$ mkdir h
$ cd h
$ sudo tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
$ sudo systemd-nspawn
Then from a bash shell, verify if test -x works:
root@h:~# ls -l /usr/bin/gpg
-rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
root@h:~# test -x /usr/bin/gpg || echo "fail"
fail
[regression potential]
any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls.
[scope]
this is needed for b/f
this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h
this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g
in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x.
[other info]
this needs fixing in libseccomp as well
[original description]
glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine:
root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
Fail
root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
root@0df2ce5d7a46:/#
root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
Fail
The -f flag works, as does /usr/bin/test:
# bash -c "test -f /usr/bin/gpg || echo Fail"
# bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail"
#
[Original bug report]
root@84b750e443f8:/# lsb_release -rd
Description: Ubuntu Hirsute Hippo (development branch)
Release: 21.04
root@84b750e443f8:/# dpkg -l gnupg apt
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-==========================================
ii apt 2.1.20 amd64 commandline package manager
ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement
Hi,
for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20.
The build fails with:
0E: gnupg, gnupg2 and unupg1 do not seem to be installed, but one of them is required for this operation
The simple Dockerfile to reproduce the error - "docker build -t foo ."
FROM amd64/ubuntu:hirsute
MAINTAINER Florian Lohoff <f@zz.de>
USER root
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get -y install curl gnupg apt \
&& curl https://syncthing.net/release-key.txt | apt-key add -
Breaking it down it this seems to be an issue that there is new functionality in apt/apt-key e.g. security hardening that docker prohibits in its containers. Running this manually works only in an --privileged container.
So adding keys in unpriviledged container or possibly kubernetes will not work anymore.
Flo |
|
| 2021-05-24 20:50:22 |
iav |
bug |
|
|
added subscriber iav |
| 2021-06-03 10:52:40 |
Tommy A. Olsen |
bug |
|
|
added subscriber Tommy A. Olsen |
| 2021-06-12 19:36:33 |
Balint Reczey |
removed subscriber Balint Reczey |
|
|
|
| 2021-07-28 23:17:55 |
Brian Murray |
docker.io (Ubuntu Groovy): status |
New |
Won't Fix |
|
| 2021-07-28 23:18:01 |
Brian Murray |
libseccomp (Ubuntu Groovy): status |
New |
Won't Fix |
|
| 2021-09-15 15:09:48 |
Christian Ehrhardt |
docker.io (Ubuntu): status |
New |
Invalid |
|
| 2021-09-15 15:10:09 |
Christian Ehrhardt |
tags |
architecture-s39064 bugnameltc-192453 fr-1159 reverse-proxy-bugzilla server-next severity-high targetmilestone-inin2104 |
architecture-s39064 bugnameltc-192453 fr-1159 reverse-proxy-bugzilla severity-high targetmilestone-inin2104 |
|
| 2021-09-22 15:23:11 |
Sergio Durigan Junior |
docker.io (Ubuntu Xenial): status |
New |
Won't Fix |
|
| 2021-09-22 15:23:15 |
Lucas Kanashiro |
runc (Ubuntu Xenial): status |
New |
Invalid |
|
| 2021-09-22 15:23:24 |
Sergio Durigan Junior |
docker.io (Ubuntu Bionic): status |
New |
Fix Released |
|
| 2021-09-22 15:23:37 |
Sergio Durigan Junior |
docker.io (Ubuntu Focal): status |
New |
Fix Released |
|
| 2021-09-22 15:23:48 |
Sergio Durigan Junior |
docker.io (Ubuntu Hirsute): status |
New |
Fix Released |
|
| 2021-09-22 15:24:33 |
Sergio Durigan Junior |
docker.io (Ubuntu Bionic): status |
Fix Released |
Invalid |
|
| 2021-09-22 15:24:45 |
Sergio Durigan Junior |
docker.io (Ubuntu Xenial): status |
Won't Fix |
Invalid |
|
| 2021-09-22 15:24:56 |
Sergio Durigan Junior |
docker.io (Ubuntu Focal): status |
Fix Released |
Invalid |
|
| 2021-09-22 15:25:08 |
Sergio Durigan Junior |
docker.io (Ubuntu Hirsute): status |
Fix Released |
Invalid |
|
| 2021-09-22 15:28:09 |
Sergio Durigan Junior |
libseccomp (Ubuntu Xenial): status |
New |
Fix Released |
|
| 2021-09-22 15:28:24 |
Sergio Durigan Junior |
libseccomp (Ubuntu Bionic): status |
New |
Fix Released |
|
| 2021-09-22 15:28:36 |
Sergio Durigan Junior |
libseccomp (Ubuntu Focal): status |
New |
Fix Released |
|
| 2021-09-22 15:54:33 |
Sergio Durigan Junior |
libseccomp (Ubuntu Hirsute): status |
Fix Committed |
Fix Released |
|
| 2021-09-22 15:54:47 |
Sergio Durigan Junior |
libseccomp (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2021-09-22 15:55:28 |
Sergio Durigan Junior |
ubuntu-z-systems: status |
New |
Invalid |
|
| 2021-09-30 16:55:43 |
Mathew Hodson |
bug task deleted |
docker.io (Ubuntu) |
|
|
| 2021-09-30 16:55:54 |
Mathew Hodson |
bug task deleted |
docker.io (Ubuntu Xenial) |
|
|
| 2021-09-30 16:56:04 |
Mathew Hodson |
bug task deleted |
docker.io (Ubuntu Bionic) |
|
|
| 2021-09-30 16:56:12 |
Mathew Hodson |
bug task deleted |
docker.io (Ubuntu Focal) |
|
|
| 2021-09-30 16:56:20 |
Mathew Hodson |
bug task deleted |
docker.io (Ubuntu Groovy) |
|
|
| 2021-09-30 16:56:29 |
Mathew Hodson |
bug task deleted |
docker.io (Ubuntu Hirsute) |
|
|
| 2021-09-30 16:56:50 |
Mathew Hodson |
affects |
ubuntu-z-systems |
ubuntu-translations |
|
| 2021-09-30 16:57:01 |
Mathew Hodson |
bug task deleted |
ubuntu-translations |
|
|
| 2021-09-30 17:20:24 |
Mathew Hodson |
bug task deleted |
glibc (Ubuntu) |
|
|
| 2021-09-30 17:27:08 |
Mathew Hodson |
systemd (Ubuntu Xenial): status |
Invalid |
Won't Fix |
|
| 2021-09-30 17:29:00 |
Mathew Hodson |
runc (Ubuntu Xenial): status |
Invalid |
Won't Fix |
|
| 2021-09-30 17:29:19 |
Mathew Hodson |
removed subscriber Mathew Hodson |
|
|
|
| 2021-09-30 17:29:34 |
Mathew Hodson |
bug watch removed |
https://bugzilla.redhat.com/show_bug.cgi?id=1900021 |
|
|
| 2021-09-30 17:33:12 |
Mathew Hodson |
libseccomp (Ubuntu Groovy): status |
Won't Fix |
Fix Released |
|
