[Bug 1930686] Re: Do not include /dev device node filles in OCI rootfs tarballs

Launchpad Bug Tracker 1930686 at bugs.launchpad.net
Tue Jun 15 09:00:28 UTC 2021 

This bug was fixed in the package livecd-rootfs - 2.525.55

---------------
livecd-rootfs (2.525.55) bionic; urgency=medium

  [ Thomas Bechtold ]
  * Remove device node files in /dev from rootfs tarball for oci project
    builds (LP: #1930686)

 -- Michael Hudson-Doyle <michael.hudson at ubuntu.com>  Tue, 08 Jun 2021
08:02:19 +1200

** Changed in: livecd-rootfs (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1930686

Title:
  Do not include /dev device node filles in OCI rootfs tarballs

Status in livecd-rootfs package in Ubuntu:
  Fix Released
Status in livecd-rootfs source package in Bionic:
  Fix Released

Bug description:
  [Impact]

  Note: this only affects bionic - all other release don't have this
  problem.

  Currently, the official Ubuntu docker images are based on the core rootfs tarballs from https://partner-images.canonical.com/core/ .
  We want to switch to the newly created OCI tarballs from (https://partner-images.canonical.com/oci). See also LP:#1926732 for details about the OCI rootfs tarballs.

  While trying to switch the official ubuntu docker images on dockerhub
  to the newly created OCI rootfs tarballs, it poped up that for the
  bionic containers, there are device node entries in the rootfs (/dev
  files).

  The diff (see https://github.com/docker-library/official-
  images/pull/10287) looks like:

  --- a/ubuntu_bionic/ubuntu-bionic-core-cloudimg-amd64-root.tar.gz  'tar -t'
  +++ b/ubuntu_bionic/ubuntu-bionic-oci-amd64-root.tar.gz  'tar -t'
  @@ -86,6 +86,19 @@ bin/zmore
   bin/znew
   boot/
   dev/
  +dev/fd
  +dev/full
  +dev/null
  +dev/ptmx
  +dev/pts/
  +dev/random
  +dev/shm/
  +dev/stderr
  +dev/stdin
  +dev/stdout
  +dev/tty
  +dev/urandom
  +dev/zero

  This causes problems (see https://github.com/tianon/docker-brew-
  ubuntu-core/issues/62 ) and would be a regression when switching from
  the core rootfs tarballs to the oci rootfs tarball.

  Expected is that there are not /dev files in the rootfs tarball.

  [Test Plan]

  1) build ubuntu-oci project with launchpad
  2) do some basic tests with the rootfs tarball:
  cat << EOF > Dockerfile
  FROM scratch
  ADD hirsute-minimal-cloudimg-amd64-root.tar.gz /
  CMD ["/bin/bash"]
  EOF
  $ docker build .
  docker run -it $image-id uname -a
  3) check the tarball size (should not change significantly)
  4) check that there are not /dev files in the tarball

  [Where problems could occur]
  This change could break other livecd-rootfs projects which might lead to failed builds. But beside that, there is nothing I can think of that would be affected by this change. And it's very unlikely to break other livecd-rootfs builds.

  [Other Info]
  None

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1930686/+subscriptions

More information about the foundations-bugs mailing list