Confirm that /var/log/apport.log didn't log anything on the host and that /var/log/apport.log in the container shows a crash and there's a matching /var/crash file in the container
# Crash in a user namespace
Impact: regression test
unshare -U -r -f
sleep 1m &
kill -SIGSEGV $!
Confirm that this is processed as a normal crash in /var/log/apport.log and matching crash file
# Crash in a user namespace with a mount namespace and apport forwarding
Impact: regression test
# Normal crash on host
Impact: regression test
stgraber@ castiana: ~$ sleep 1m & castiana: ~$ kill -SIGSEGV $!
[1] 15516
stgraber@
Then make sure the crash was detected in /var/log/apport.log and shows up in /var/crash
# Crash in a proper container without apport
Impact: regression test
lxc launch ubuntu:18.04 c1 forward. socket
lxc exec c1 bash
systemctl stop apport-
rm /run/apport.socket
sleep 1m &
kill -SIGSEGV $!
Confirm that /var/log/apport.log shows "crashed in a container without apport support"
# Crash in a proper container with apport
Impact: regression test
lxc launch ubuntu:18.04 c2
lxc exec c1 bash
sleep 1m &
kill -SIGSEGV $!
Confirm that /var/log/apport.log didn't log anything on the host and that /var/log/apport.log in the container shows a crash and there's a matching /var/crash file in the container
# Crash in a user namespace
Impact: regression test
unshare -U -r -f
sleep 1m &
kill -SIGSEGV $!
Confirm that this is processed as a normal crash in /var/log/apport.log and matching crash file
# Crash in a user namespace with a mount namespace and apport forwarding
Impact: regression test
unshare -U -r -m -f
mount -t tmpfs tmpfs /run
nc -l -U /run/apport.socket &
NCPID=$!
sleep 1m &
kill -SIGSEGV $!
kill $NCPID
Confirm that "/var/log/ apport. log" shows "crashed in a separate mount namespace, ignoring"
# Crash in a user namespace with a pid namespace and a mount namespace and apport forwarding
Impact: security fix
unshare -U -r -m -p -f
mount -t tmpfs tmpfs /run
nc -l -U /run/apport.socket &
NCPID=$!
sleep 1m &
kill -SIGSEGV $!
kill $NCPID
Confirm that "/var/log/ apport. log" shows "crashed in a container with no access to the binary"