Ubuntu
linux package

  1. Yakkety (16.10)
  2. Bug #1645037
  3. Activity log

Activity log for bug #1645037

Date Who What changed Old value New value Message
2016-11-26 20:38:36 Christian Brauner bug added bug
2016-11-26 20:38:36 Christian Brauner attachment added dmesg.log https://bugs.launchpad.net/bugs/1645037/+attachment/4783575/+files/dmesg.log
2016-11-26 20:39:56 Christian Brauner description This bug surfaced when starting ~50 LXC container with LXD in parallel multiple times: # Create the containers for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done # Exectute this loop multiple times until you observe errors. for c in c foo{1..50}; do lxc restart $c & done After this you can ps aux | grep apparmor and you should see output similar to: root 19774 0.0 0.0 12524 1116 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19775 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19776 0.0 0.0 13592 3224 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19778 0.0 0.0 13592 3384 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19780 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19782 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19783 0.0 0.0 13592 3388 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19784 0.0 0.0 13592 3252 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19794 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 root 19795 0.0 0.0 13592 3256 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 apparmor_parser remains stuck even after all LXC/LXD commands have exited. dmesg output yields lines like: [41902.815174] audit: type=1400 audit(1480191089.678:43): apparmor="STATUS" operation="profile_load" profile="unconfined" name="lxd-foo30_</var/lib/lxd>" pid=12545 comm="apparmor_parser" and cat /proc/12545/stack shows: This bug surfaced when starting ~50 LXC container with LXD in parallel multiple times: # Create the containers for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done # Exectute this loop multiple times until you observe errors. for c in c foo{1..50}; do lxc restart $c & done After this you can ps aux | grep apparmor and you should see output similar to: root 19774 0.0 0.0 12524 1116 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19775 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19776 0.0 0.0 13592 3224 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19778 0.0 0.0 13592 3384 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19780 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19782 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19783 0.0 0.0 13592 3388 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19784 0.0 0.0 13592 3252 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19794 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 root 19795 0.0 0.0 13592 3256 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 apparmor_parser remains stuck even after all LXC/LXD commands have exited. dmesg output yields lines like: [41902.815174] audit: type=1400 audit(1480191089.678:43): apparmor="STATUS" operation="profile_load" profile="unconfined" name="lxd-foo30_</var/lib/lxd>" pid=12545 comm="apparmor_parser" and cat /proc/12545/stack shows: [<ffffffff8c9b9378>] aa_remove_profiles+0x88/0x270 21:19  brauner  [<ffffffff8c9ac3e4>] profile_remove+0x144/0x2e0 21:19  brauner  [<ffffffff8c8319b8>] __vfs_write+0x18/0x40 21:19  brauner  [<ffffffff8c832108>] vfs_write+0xb8/0x1b0 21:19  brauner  [<ffffffff8c833565>] SyS_write+0x55/0xc0 21:19  brauner  [<ffffffff8ce952f6>] entry_SYSCALL_64_fastpath+0x1e/0xa8 21:19  brauner  [<ffffffffffffffff>] 0xffffffffffffffff This looks like a potential kernel bug. This bug surfaced when starting ~50 LXC container with LXD in parallel multiple times: # Create the containers for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done # Exectute this loop multiple times until you observe errors. for c in c foo{1..50}; do lxc restart $c & done After this you can ps aux | grep apparmor and you should see output similar to: root 19774 0.0 0.0 12524 1116 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19775 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19776 0.0 0.0 13592 3224 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo30 root 19778 0.0 0.0 13592 3384 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo26 root 19780 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19782 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19783 0.0 0.0 13592 3388 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo43 root 19784 0.0 0.0 13592 3252 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo34 root 19794 0.0 0.0 12524 1208 pts/1 S+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 root 19795 0.0 0.0 13592 3256 pts/1 D+ 20:14 0:00 apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache /var/lib/lxd/security/apparmor/profiles/lxd-foo25 apparmor_parser remains stuck even after all LXC/LXD commands have exited. dmesg output yields lines like: [41902.815174] audit: type=1400 audit(1480191089.678:43): apparmor="STATUS" operation="profile_load" profile="unconfined" name="lxd-foo30_</var/lib/lxd>" pid=12545 comm="apparmor_parser" and cat /proc/12545/stack shows: [<ffffffff8c9b9378>] aa_remove_profiles+0x88/0x270 21:19  brauner  [<ffffffff8c9ac3e4>] profile_remove+0x144/0x2e0 21:19  brauner  [<ffffffff8c8319b8>] __vfs_write+0x18/0x40 21:19  brauner  [<ffffffff8c832108>] vfs_write+0xb8/0x1b0 21:19  brauner  [<ffffffff8c833565>] SyS_write+0x55/0xc0 21:19  brauner  [<ffffffff8ce952f6>] entry_SYSCALL_64_fastpath+0x1e/0xa8 21:19  brauner  [<ffffffffffffffff>] 0xffffffffffffffff This looks like a potential kernel bug.
2016-11-26 20:46:28 Stéphane Graber affects apparmor apparmor (Ubuntu)
2016-11-26 20:46:39 Stéphane Graber bug task added linux (Ubuntu)
2016-11-26 20:46:55 Stéphane Graber nominated for series Ubuntu Zesty
2016-11-26 20:46:55 Stéphane Graber bug task added apparmor (Ubuntu Zesty)
2016-11-26 20:46:55 Stéphane Graber bug task added linux (Ubuntu Zesty)
2016-11-26 20:46:55 Stéphane Graber nominated for series Ubuntu Yakkety
2016-11-26 20:46:55 Stéphane Graber bug task added apparmor (Ubuntu Yakkety)
2016-11-26 20:46:55 Stéphane Graber bug task added linux (Ubuntu Yakkety)
2016-11-26 20:46:55 Stéphane Graber nominated for series Ubuntu Xenial
2016-11-26 20:46:55 Stéphane Graber bug task added apparmor (Ubuntu Xenial)
2016-11-26 20:46:55 Stéphane Graber bug task added linux (Ubuntu Xenial)
2016-11-26 20:47:04 Stéphane Graber linux (Ubuntu Xenial): status New Triaged
2016-11-26 20:47:06 Stéphane Graber linux (Ubuntu Yakkety): status New Triaged
2016-11-26 20:47:09 Stéphane Graber linux (Ubuntu Zesty): status New Triaged
2016-11-26 20:47:17 Stéphane Graber bug task deleted apparmor (Ubuntu Xenial)
2016-11-26 20:47:19 Stéphane Graber bug task deleted apparmor (Ubuntu Yakkety)
2016-11-26 20:47:23 Stéphane Graber bug task deleted apparmor (Ubuntu Zesty)
2016-11-26 20:47:27 Stéphane Graber apparmor (Ubuntu): status New Triaged
2016-11-26 20:47:34 Stéphane Graber apparmor (Ubuntu): assignee John Johansen (jjohansen)
2016-11-27 06:32:48 Stéphane Graber bug added subscriber Ubuntu containers team
2016-12-01 10:20:51 John Johansen linux (Ubuntu Xenial): assignee John Johansen (jjohansen)
2016-12-01 10:20:56 John Johansen linux (Ubuntu Yakkety): assignee John Johansen (jjohansen)
2016-12-01 10:21:01 John Johansen linux (Ubuntu Zesty): assignee John Johansen (jjohansen)
2016-12-01 10:21:07 John Johansen linux (Ubuntu Zesty): status Triaged In Progress
2016-12-01 10:21:13 John Johansen linux (Ubuntu Yakkety): status Triaged In Progress
2016-12-01 10:21:19 John Johansen linux (Ubuntu Xenial): status Triaged In Progress
2017-02-14 12:58:23 Thadeu Lima de Souza Cascardo linux (Ubuntu Xenial): status In Progress Fix Committed
2017-02-14 13:00:43 Thadeu Lima de Souza Cascardo linux (Ubuntu Yakkety): status In Progress Fix Committed
2017-02-21 03:06:26 Launchpad Janitor linux (Ubuntu Zesty): status In Progress Fix Released
2017-02-21 03:06:26 Launchpad Janitor cve linked 2016-1575
2017-02-21 03:06:26 Launchpad Janitor cve linked 2016-1576
2017-02-27 17:14:43 Brad Figg tags verification-needed-xenial
2017-02-27 17:16:31 Brad Figg tags verification-needed-xenial verification-needed-xenial verification-needed-yakkety
2017-03-02 08:46:11 Launchpad Janitor linux (Ubuntu Yakkety): status Fix Committed Fix Released
2017-03-02 08:47:54 Launchpad Janitor linux (Ubuntu Xenial): status Fix Committed Fix Released
2017-03-28 09:27:55 Stefan Bader linux (Ubuntu Xenial): status Fix Released Triaged
2017-03-28 09:28:04 Stefan Bader linux (Ubuntu Yakkety): status Fix Released Triaged
2017-03-29 23:13:19 Launchpad Janitor linux (Ubuntu Yakkety): status Triaged Fix Released
2017-03-29 23:13:19 Launchpad Janitor cve linked 2017-7184
2017-03-30 09:17:25 Stefan Bader linux (Ubuntu Yakkety): status Fix Released Triaged
2017-03-30 15:30:20 Steve Beattie cve unlinked 2017-7184
2017-03-30 15:30:40 Steve Beattie cve unlinked 2016-1575
2017-03-30 15:30:59 Steve Beattie cve unlinked 2016-1576
2017-04-17 11:03:10 Dominique Poulain bug added subscriber Dominique Poulain
2017-07-26 15:57:02 Andy Whitcroft linux (Ubuntu Yakkety): status Triaged Won't Fix
2020-06-01 16:21:18 Stéphane Graber bug task deleted apparmor (Ubuntu)
2020-06-01 16:21:34 Stéphane Graber bug task deleted linux (Ubuntu Xenial)