[Bug 1853852] Re: hard to reproduce issues in systemd autopkgtest against new libseccomp 2.4.2
Launchpad Bug Tracker
1853852 at bugs.launchpad.net
Wed Dec 18 12:58:33 UTC 2019
This bug was fixed in the package systemd - 244-3ubuntu1
---------------
systemd (244-3ubuntu1) focal; urgency=medium
[ Balint Reczey ]
* Merge to Ubuntu from Debian unstable
* Refresh patches:
- Dropped changes:
* d/t/control: mark udev test skippable.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c3419bd2a30a78d05cca9c38e50c9726de7e7632
* test-execute: Filter /dev/.lxc in exec-dynamicuser-statedir.service.
File: debian/patches/test-execute-Filter-dev-.lxc-in-exec-dynamicuser-statedir.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=75af888d5552f706b86182a56f12ccc8e83ca04e
* Pass personality test even when i386 userland runs on amd64 kernel
File: debian/patches/debian/UBUNTU-test-Pass-personality-test-even-when-i386-userland-runs-o.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=42e0bfc426f19430f6768ef4922a9531a345765f
* Fix resolved fallback to TCP (LP: #1849658)
Author: Dan Streetman
File: debian/patches/resolved-set-stream-type-during-DnsStream-creation.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f1ee30b13c9d2d34968b09ce620f3bc24a1a78c7
- Remaining changes:
* Recommend networkd-dispatcher
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1e3b2c7e4757119da0d550b0b3c0a6626a176dc
* Enable EFI/bootctl on armhf.
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=043122f7d8a1487bfd357e815a6ece1ceea6e7d1
* debian/control: strengthen dependencies.
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1ecf0c372f5212129c85ae60fddf26b2271a1fe
* Add conflicts with upstart and systemd-shim
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=83ed7496afc7c27be026014d109855f7d0ad1176
* Specify Ubuntu's Vcs-Git
File: debian/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=fd832930ef280c9a4a9dda2440d5a46a6fdb6232
* Ubuntu/extra: ship dhclient-enter hook.
Files:
- debian/extra/dhclient-enter-resolved-hook
- debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f3398a213f80b02bf3db0c1ce9e22d69f6d56764
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=258893bae8cbb12670e4807636fe8f7e9fb5407a
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0725c1169ddde4f41cacba7af3e546704e2206be
* udev-udeb: ship modprobe.d snippet to force scsi_mod.scan=sync in d-i.
Files:
- debian/extra/modprobe.d-udeb/scsi-mod-scan-sync.conf
- debian/udev-udeb.install
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb6d8a2b9504917abb7aa2c4035fdbb7b98227f7
* debian/extra/start-udev: Set scsi_mod scan=sync even if it's builtin to the kernel (we previously only set it in modprobe.d)
Files:
- debian/extra/start-udev
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6b72628f8de991e2c67ac4289fc74daf3abe7d14
* debian/extra/units/systemd-resolved.service.d/resolvconf.conf:
drop resolvconf.conf drop-in, resolved integration moved to resolvconf package.
* debian/extra/wrap_cl.py: add changelog formatter
Files:
- debian/extra/wrap_cl.py
- debian/gbp.conf
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=26e69bceab9cec8df64cdca18cd71e7c0874f8b3
* debian/gbp.conf: Set tag format to ubuntu/*
* debian/gbp.conf: Change debian-branch to ubuntu-eoan
* libnss-resolve: do not disable and stop systemd-resolved
File: debian/libnss-resolve.postrm
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=95577d14e84e19b614b83b2e24985d89e8c2dac0
* core: Revert strict mount namespacing/sandboxing, until LXD allows the needed mounts.
File: debian/patches/Revert-namespace-be-more-careful-when-handling-namespacin.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=030919ba5e4931d6ee576d0259fae67fe4ed9770
* Add "AssumedApparmorLabel=unconfined" to timedate1 dbus service file
File: debian/patches/debian/UBUNTU-Add-AssumedApparmorLabel-unconfined-to-timedate1-dbus.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5ad0879e10bbe3d641f940260b93c7eb2cf4624c
* Re-add support for /etc/writable for core18
File: debian/patches/debian/UBUNTU-Support-system-image-read-only-etc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a5b5fca66c1127068e4ce0cc9ab497814211f4f7
* Improve autopkgtest success rate, by bumping up timeouts
File: debian/patches/debian/UBUNTU-bump-selftest-timeouts.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c05586d9da033bbfd6b6a74e10b87520843c7c48
* core: set /run size to 10%, like initramfs-tools does.
File: debian/patches/debian/UBUNTU-core-set-run-size-to-10-like-initramfs-tools-does.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fac2568fe716dc1a41bada78293dc6327a6df0d
* Ship systemd sysctl settings.
Files:
- debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch
- debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7cd041a6d0ef459e4b2a82d8ea5fa1ce05184dfb
* journald.service: set Nice=-1 to dodge watchdog on soft lockups.
File: debian/patches/debian/UBUNTU-journald.service-set-Nice-1-to-dodge-watchdog-on-soft-loc.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e0a9aeffac556492bf517ce2d23313ff7a277926
* networkd: if RA was implicit, do not await ndisc_configured.
File: debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2f749ff528d1b788aa4ca778e954c16b213ee629
* networkd: [Route] PreferredSource not working in *.network files.
Files:
- debian/patches/debian/UBUNTU-networkd-if-RA-was-implicit-do-not-await-ndisc_con.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4e2ee0b2ac1be2ae78952890a56a2d5398df518
* Disable LLMNR and MulticastDNS by default
Files:
- debian/patches/debian/UBUNTU-resolved-disable-global-LLMNR-and-MulticastDNS.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4ec428e83696a5cd0405b677a35e97681867629
* test-sleep: skip test_fiemap upon inapproriate ioctl for device.
File: debian/patches/debian/UBUNTU-test-sleep-skip-test_fiemap-upon-inapproriate-ioctl-.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6ebb5b9f6b77760a5470e8a780d69875b1db76f7
* test/test-functions: launch qemu-system with -vga none.
File: debian/patches/debian/UBUNTU-test-test-functions-launch-qemu-with-vga-none.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=90af1fa893cce5ed49999d16da0b793da6523394
* units: conditionalize more units to not start in containers.
Files:
- debian/patches/debian/UBUNTU-units-block-CAP_SYS_MODULE-units-in-containers-too.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3689afa1a782de8c19a757459b6360de1195ad55
* units: Disable journald Watchdog
File: debian/patches/debian/UBUNTU-units-disable-journald-watchdog.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=64d2b4f1d0d057073fba585f19823332e2a6eed5
* wait-online: do not wait, if no links are managed (neither configured, or failed).
File: debian/patches/debian/UBUNTU-wait-online-exit-if-no-links-are-managed.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=31f04c3fc769dacb3cf2a78240a1710a99a865b8
* Set UseDomains to true, by default, on Ubuntu.
File: debian/patches/debian/Ubuntu-UseDomains-by-default.patch
* Ignore failures to set Nice priority on services in containers.
File: debian/patches/debian/Ubuntu-core-in-execute-soft-fail-setting-Nice-priority-when.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5b8e457f8d883fc6f55d33d46b3474926a495d29
* units: set ConditionVirtualization=!private-users on journald audit socket.
File: debian/patches/debian/Ubuntu-units-set-ConditionVirtualization-private-users-on-j.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=03ed18a9940731bbf794ad320fabf337488835c6
* Workaround captive portals not responding to EDNS0 queries (DVE-2018-0001).
File: debian/patches/resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=87d3fe81b7281687ecf3c0b9a8356e90cc714d0b
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2974114ed9b89ea922a23893e8eff70d5cac77fe
* Disable dh_installinit generation of tmpfiles for the systemd package.
Files:
- debian/rules
- debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1fd144cbe31cc7a9383cc76f21f4b84c22a9dd1b
* Enable systemd-resolved by default
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=05adfa0902115f51c1196ad623165a75bb8b4313
* Create /etc/resolv.conf at postinst, pointing at the stub resolver.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ef4adf46bbbe2d22508b70b889d23da53b85039d
* Always setup /etc/resolv.conf on new installations.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=20bc8a37fa3c9620bed21a56a4eabd71db71d861
* Disable systemd-networkd-wait-online by default.
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=694473d812b50d2fefd6494d494ca02b91bc8785
* postinst: drop empty/stock /etc/rc.local
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=e7d071a26a79558771303b0b87f007e650eaebbe
* systemd.postinst: enable persistent journal
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f94f18d9dbc085b6a9ff33c141a6e542142f85b5
* debian/systemd.postinst: Skip daemon-reexec and try-restarts during shutdown
File: debian/systemd.postinst
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=51daab96ae79483b5e5fb62e1e0477c87ee11fd1
* Drop systemd.prerm safety check.
File: debian/systemd.prerm
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0244c4d56556317f14eecc2f51871969ef02ba7b
* boot-and-services: stderr is ok, for status command on the c1 container.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=da14d34e7cc33c44ad67e64c9fd092f8cc1675f9
* adt: boot-and-services: assert any kernel syslog messages.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=29dc34f7a6e5dc505f6212c17c42e4420b47ed16
* Wait for systemctl is-system-running state.
File: debian/tests/boot-smoke
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=776998f1f55c445b6e385cab69a4219c42d00838
* debian/tests: Enforce udev upgrade.
Files:
- debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f350b43ccc1aa31c745b4ccebbb4084d5cea41ff
* Only test that gdm3 comes up on amd64. Stalls on other arches.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=97cb13685dfb353045c449ec5d6d1df60f661079
* debian/tests/systemd-fsckd: update assertions expectations for v237
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d5becd9a416b55dcdb7b9a7aba60c4e3d304e6a6
* Skip systemd-fsckd on arm64, because of broken/lack of clean shutdown.
File: debian/tests/systemd-fsckd
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=bf5b501ac934497dbef5f64908ff37643dc7288e
* debian/tests: blacklist upstream test-24-unit-tests on ppc64le.
File: debian/tests/upstream
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8062b9a2712c390010d2948eaf764a1b52e68715
* Skip falling back to device name when net_get_name(device) fails.
File: debian/patches/Skip-falling-back-to-device-name-when-net_get_name-device.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c79fe0e2dc29834e0cd236ade6e4e44a6ffb74fa
* debian/test/boot-and-services: Skip AppArmor tests in arm containers.
File: debian/tests/boot-and-services
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=9d3b35df77aa939365563a4edaee54ebb7f559a3
* d/t/control: run udev tests only with isolation-machine.
File: debian/tests/control
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b4b4c9bf44f4b8d7f75a4204aff697f549c8aad7
* UBUNTU: drop setting fs.protected_regular and fs.protected_fifos
File: debian/patches/debian/UBUNTU-drop-kernel.-settings-from-sysctl-defaults-shipped.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6e583847b04c3f83a50f3bd6947dcae6a73d8388
* debian/rules: Set -Duser-path instead of patching the source for the same result
File: debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=67d2ac5d806b55b0d178fca7e0af08cd9d12580c
* systemd-resolved: Default to Cache=no-negative
File: debian/patches/debian/UBUNTU-resolved-default-no-negative-caching.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b42658843a9496d6b6bb68ac159f2a9f0a8ba9db
[ Dan Streetman ]
* Remove tempfile used by dhclient-enter-resolved-hook
File: debian/extra/dhclient-enter-resolved-hook
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=00a0d3997f7f9664df5cc2d7f96622e8c641f3e5
[ Christian Ehrhardt ]
* drop d/p/test-expect-mmap-to-fail-in-seccomp-test-on-s390-and-s390.patch.
File: debian/patches/test-expect-mmap-to-fail-in-seccomp-test-on-s390-and-s390.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2edd57973b9342d46d5d4095d80dfe0969cd08e4
* d/p/lp-1853852-*: fix issues with muliplexed shmat calls (LP: #1853852)
Author: Christian Ehrhardt
Files:
- debian/patches/lp-1853852-seccomp-fix-multiplexed-system-calls.patch
- debian/patches/lp-1853852-seccomp-mmap-test-results-depend-on-kernel-libseccom.patch
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=382271662c60c339b0a404c7a1772fe5670516ef
* changelog: fix issues with muliplexed shmat calls (LP: #1853852)
File: debian/changelog
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7048d92d071e70e5b17989ae2e03c996c843df78
[ Dimitri John Ledkov ]
* config: tpm-pcrindex=12, on Ubuntu only.
In Ubuntu, we are trying to integrate measured boot with either bootctl or
grub, or sometimes both using chainloading. In those cases we may want to seal
against grub's PCRs, bootctl stub PCRs, or both at the same time. To achieve
that, we wouldn't like to decouple grub's & bootctl's PCR and make the latter
one use PCR #12.
Author: Dimitri John Ledkov
File: debian/rules
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2f8c22d44a619ce8fa17eb0cd7c7e2c601cdbbeb
-- Balint Reczey <rbalint at ubuntu.com> Fri, 13 Dec 2019 19:05:14 +0100
** Changed in: systemd (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1853852
Title:
hard to reproduce issues in systemd autopkgtest against new libseccomp
2.4.2
Status in libseccomp:
New
Status in libseccomp package in Ubuntu:
Invalid
Status in systemd package in Ubuntu:
Fix Released
Bug description:
Hi,
I'm mostly reporting this if to one of the people watching systemd more closely this is in any form a known issue or if there are any hints.
I recently merged libseccomp 2.4.2 and after a few initial cleanups that worked well.
But on propsoed-migration I hit systemd test issues.
I have read about issues with arm NR_open defines - I had the same in
chrony - but that is fixed in libseccomp and that isn't failing in
systemd.
i386 and s390x (only those) have failing tests
- http://autopkgtest.ubuntu.com/packages/s/systemd/focal/s390x
- http://autopkgtest.ubuntu.com/packages/s/systemd/focal/i386
Example:
https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-focal/focal/s390x/s/systemd/20191120_105726_aea23@/log.gz
Failnig subtests are:
root-unittests FAIL non-zero exit status 134
upstream FAIL non-zero exit status 1
And looking at the details of root-unittest I found: http://paste.ubuntu.com/p/N7q9PX3hFN/
====== test-seccomp =======
...
/* test_memory_deny_write_execute_mmap */
Operating on architecture: s390
Failed to add shmat() rule for architecture s390, skipping: Invalid argument
Operating on architecture: s390x
Failed to add shmat() rule for architecture s390x, skipping: Invalid argument
Assertion 'p == MAP_FAILED' failed at src/test/test-seccomp.c:493, function test_memory_deny_write_execute_mmap(). Aborting.
memoryseccomp-mmap terminated by signal ABRT.
Assertion 'wait_for_terminate_and_check("memoryseccomp-mmap", pid, WAIT_LOG) == EXIT_SUCCESS' failed at src/test/test-seccomp.c:507, function test_memory_deny_write_execute_mmap(). Aborting.
FAIL: test-seccomp (code: 134)
But when installing source of systemd and the new libseccomp in a
Focal VM with proposed enabled it works just fine. Actually I just
found that it does have a good RC but breaks so maybe it is debuggable
after all.
To manage notifications about this bug go to:
https://bugs.launchpad.net/libseccomp/+bug/1853852/+subscriptions
More information about the foundations-bugs
mailing list