Ubuntu
lxc package

LXC-unshare network namespace segfaulting

Bug #1011603 reported by Ahmed Kamal
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Fix Released
Medium
Serge Hallyn
Precise
Fix Released
Undecided
Unassigned
Quantal
Fix Released
Medium
Serge Hallyn

Bug Description

============ SRU justification ============
Impact: lxc-unshare segfaults when run with no command
Development fix: exit with a failure message if no command is givne.
Stable fix: same as development fix
Test case:
 sudo lxc-unshare -s MOUNT
 dmesg | tail
 without the fix, the command will silently return, while dmesg
 will show a segfault. With the fix, lxc-unshare will warn that
 a command is required.
Regression potential:
 None.

================================

root@ubuntu:~# lxc-unshare -s NETWORK
root@ubuntu:~# tail -1 /var/log/syslog
Jun 11 14:54:07 ubuntu kernel: [ 9386.305870] lxc-unshare[21539]: segfault at 0 ip 00007f0fc03aea52 sp 00007fff63819f00 error 4 in libc-2.15.so[7f0fc02f0000+1b3000]

and is not creating a new network namespace

See original description
Serge Hallyn (serge-hallyn)
Changed in lxc (Ubuntu):
status: New → Confirmed
importance: Undecided → High
importance: High → Medium
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Thanks for reporting this bug.

The problem is (I believe) that lxc-unshare isn't properly handling the case where no arguments are specified. As a workaround, do

lxc-unshare -s NETWORK /bin/bash

and you'll get a root prompt in the new namespace.

tags: added: bitesize
Changed in lxc (Ubuntu):
status: Confirmed → Triaged
Serge Hallyn (serge-hallyn)
Changed in lxc (Ubuntu Quantal):
assignee: nobody → Serge Hallyn (serge-hallyn)
status: Triaged → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.8.0~rc1-4ubuntu13

---------------
lxc (0.8.0~rc1-4ubuntu13) quantal; urgency=low

  * 0086-lxc-unshare-zero-args: fix lxc-unshare segfaulting when no command
    is given (LP: #1011603)
  * 0087-lxc-ls-dash: fix lxc-ls for containers whose names start with a
    dash (LP: #1006332)
  * 0088-ubuntu-template-flock: don't fail when flock is busy, just wait,
    so concurrent lxc-creates don't break. (LP: #1007483)
  * 0089-lxc-netstat-exec: fix lxc-netstat errors (LP: #1011739)
 -- Serge Hallyn <email address hidden> Mon, 11 Jun 2012 15:46:25 +0000

Changed in lxc (Ubuntu Quantal):
status: In Progress → Fix Released
Serge Hallyn (serge-hallyn)
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Ahmed, or anyone else affected,

Accepted lxc into precise-proposed. The package will build now and be available in a few hours. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in lxc (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Revision history for this message
Stéphane Graber (stgraber) wrote :

No more segfault and getting the error message, that's a pass.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.7.5-3ubuntu59

---------------
lxc (0.7.5-3ubuntu59) precise-proposed; urgency=low

  [ Serge Hallyn ]
  * 0085-pivot-dir: use a directory other than /mnt to put the pivot_root
    old dir into (LP: #986385)
  * 0086-lxc-unshare-zero-args: fix lxc-unshare segfaulting when no command
    is given (LP: #1011603)
  * 0087-lxc-ls-dash: fix lxc-ls for containers whose names start with a
    dash (LP: #1006332)
  * 0088-ubuntu-template-flock: don't fail when flock is busy, just wait,
    so concurrent lxc-creates don't break. (LP: #1007483)
  * debian/rules, debian/lxc.apport: install apport hook (LP: #1011644)

  [ Stéphane Graber ]
  * Ship /etc/dnsmasq.d/lxc to configure an eventual system wide
    dnsmasq daemon not to listen on the LXC bridge interface. (LP: #928524)
 -- Serge Hallyn <email address hidden> Mon, 11 Jun 2012 19:56:30 -0500

Changed in lxc (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.