Ubuntu
apport package

starts/stops in containers

Bug #1267728 reported by Martin Pitt
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
Fix Released
Medium
Martin Pitt
Precise
Invalid
Medium
Martin Pitt
Trusty
Fix Released
Medium
Martin Pitt

Bug Description

As soon as you start/stop a container, or install/remove apport in the container, apport's init.d/upstart script change the global /proc/sys/kernel/core_pattern and thus influence all other containers and the host.

Only the host should set core_pattern, and with https://code.launchpad.net/~stgraber/apport/pidns-support/+merge/200893 crashes in a container are now properly forwarded to the container's apport.

FIX: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu/trusty/apport/ubuntu/revision/2274

SRU TEST CASE (stop):
- Check that apport is currently enabled:
  $ cat /proc/sys/kernel/core_pattern
  |/usr/share/apport/apport %p %s %c

- Start a container (that has apport installed):
  $ sudo lxc-start-ephemeral -o precise

- Stop the container:
  $ sudo poweroff # within the container

- Apport is now disabled globally:
  $ cat /proc/sys/kernel/core_pattern
  core

  With the fixed apport, /proc/sys/kernel/core_pattern should never be touched by the container.

SRU TEST CASE (start):
- Stop apport globally:
  $ sudo stop apport
  $ cat /proc/sys/kernel/core_pattern
   core

- Start a container (that has apport installed):
  $ sudo lxc-start-ephemeral -o precise

- Apport is now globally enabled:
  $ cat /proc/sys/kernel/core_pattern
  |/usr/share/apport/apport %p %s %c

  With the fixed apport, /proc/sys/kernel/core_pattern should never be touched by the container.

SRU TEST CASE (regression test):

- Starting/stopping apport manually should still work. After booting, apport should be enabled:
  $ cat /proc/sys/kernel/core_pattern
  |/usr/share/apport/apport %p %s %c
  $ sudo stop apport
  $ cat /proc/sys/kernel/core_pattern
   core
  $ sudo start apport
  $ cat /proc/sys/kernel/core_pattern
  |/usr/share/apport/apport %p %s %c

REGRESSION POTENTIAL: In releases < trusty, apport would not work in containers at all, as the kernel calls the host's apport; before https://code.launchpad.net/~stgraber/apport/pidns-support/+merge/200893, Apport did not forward crashes that happened in a container to the container's apport, so for precise there is no regresssion potential.

See original description
Revision history for this message
Martin Pitt (pitti) wrote :

Fixed upstream in http://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/2748, but that's only the init.d script which we don't use in Ubuntu.

Changed in apport (Ubuntu Trusty):
importance: Undecided → Medium
Changed in apport (Ubuntu Precise):
importance: Undecided → Medium
Changed in apport (Ubuntu Trusty):
assignee: nobody → Martin Pitt (pitti)
Changed in apport (Ubuntu Precise):
assignee: nobody → Martin Pitt (pitti)
Martin Pitt (pitti)
description: updated
description: updated
Martin Pitt (pitti)
Changed in apport (Ubuntu Trusty):
assignee: Martin Pitt (pitti) → nobody
status: New → Fix Committed
assignee: nobody → Martin Pitt (pitti)
description: updated
Changed in apport (Ubuntu Precise):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.13.1-0ubuntu1

---------------
apport (2.13.1-0ubuntu1) trusty; urgency=medium

  * New upstream release:
    - Fix report.test_get_timestamp test for running in other time zones.
    - Fix erroneous "gdb-multiarch not installed" warnings in ui tests.
    - Fix ui.test_run_crash_older_session test for running as root.
    - Fix ui.test_run_crash_older_session for different file system file
      orders.
 -- Martin Pitt <email address hidden> Fri, 10 Jan 2014 10:58:54 +0100

Changed in apport (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Martin Pitt (pitti) wrote :

Turns out that containers aren't supposed to be able to set core_pattern, that is just a bug in the current trusty 3.13 kernel. So no SRU necessary.

Changed in apport (Ubuntu Precise):
status: In Progress → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.