[Bug 1943049] Re: Docker ubuntu:impish: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/.deb /var/cache/apt/archives/partial/.deb /var/cache/apt/*.bin || true'

Thu Nov 4 17:28:37 UTC 2021

This bug was fixed in the package docker.io - 20.10.7-0ubuntu5~18.04.2

---------------
docker.io (20.10.7-0ubuntu5~18.04.2) bionic; urgency=medium

  * d/t/control: make basic-smoke do not depend on debian-archive-keyring.
    In Bionic, when debian-archive-keyring is installed we are not able to
    debootstrap a Debian stable chroot. Removing this dependency make it
    work again.

docker.io (20.10.7-0ubuntu5~18.04.1) bionic; urgency=medium

  * Backport version 20.10.7-0ubuntu5 from Impish (LP: #1938908).
    - d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.

docker.io (20.10.7-0ubuntu5) impish; urgency=medium

  [ Sergio Durigan Junior ]
  * d/t/docker-in-lxd:
    Improve dep8 test.  Make it run a more complex test against an
    ubuntu:devel docker container, especially because glibc updates might
    break docker.io.  Improve test reliability when running autopkgtest
    locally.

  [ Steve Beattie ]
  * SECURITY UPDATE: insufficiently restricted directory permissions
    - d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
    - CVE-2021-41091
  * SECURITY UPDATE: permissions modifications outside of install directory
    - d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
      outside of chroot.
    - CVE-2021-41089

docker.io (20.10.7-0ubuntu4) impish; urgency=medium

  * d/p/seccomp-add-support-for-clone3-syscall-in-default-policy.patch: Fix
    failure with new glibc clone3 syscall adding it to the default seccomp
    policy (LP: #1943049).

 -- Lucas Kanashiro <kanashiro at ubuntu.com>  Thu, 21 Oct 2021 16:55:00
-0300

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1943049

Title:
  Docker ubuntu:impish: Problem executing scripts DPkg::Post-Invoke 'rm
  -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb
  /var/cache/apt/*.bin || true'

Status in cloud-images:
  Confirmed
Status in containerd package in Ubuntu:
  Fix Released
Status in crun package in Ubuntu:
  Confirmed
Status in docker.io package in Ubuntu:
  Fix Released
Status in glibc package in Ubuntu:
  Confirmed
Status in golang-github-containers-common package in Ubuntu:
  Fix Released
Status in golang-github-opencontainers-specs package in Ubuntu:
  Fix Released
Status in libpod package in Ubuntu:
  Fix Released
Status in containerd source package in Bionic:
  Fix Released
Status in docker.io source package in Bionic:
  Fix Released
Status in containerd source package in Focal:
  Fix Released
Status in docker.io source package in Focal:
  Fix Released
Status in containerd source package in Hirsute:
  Fix Released
Status in docker.io source package in Hirsute:
  Fix Released
Status in containerd source package in Impish:
  Fix Released
Status in crun source package in Impish:
  Confirmed
Status in docker.io source package in Impish:
  Fix Released
Status in glibc source package in Impish:
  Confirmed
Status in golang-github-containers-common source package in Impish:
  Fix Released
Status in golang-github-opencontainers-specs source package in Impish:
  Fix Released
Status in libpod source package in Impish:
  Fix Released

Bug description:
  Sometime betweek August 28 and September 4 2021 the ubuntu:impish
  images published on dockerhub began erroring when executing the
  commands defined in /etc/apt/apt.conf.d/docker-clean.

  I have this reproducer, which is probably not as minimal as it can be
  but looks reliable:

  1. docker run -it --rm ubuntu:impish bash
  2. apt update
  3. apt install git
  4. apt -y remove git

  This results in:

  E: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
  E: Sub-process returned an error code

  *Removing* a package is not strictly needed to trigger the failure,
  but it seems that *two* apt operations are needed to trigger it, so
  this reproducer found by athos-ribeiro also works:

  docker run -it --rm ubuntu:impish /bin/bash -c 'apt-get update; apt-
  get full-upgrade -y; apt-get install -y jq'

  This doesn't happen when using ubuntu:hirsute.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/1943049/+subscriptions

[Bug 1943049] Re: Docker ubuntu:impish: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'

[Bug 1943049] Re: Docker ubuntu:impish: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/.deb /var/cache/apt/archives/partial/.deb /var/cache/apt/*.bin || true'