[Bug 1943049] Re: Docker ubuntu:impish: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'

Florian Weimer 1943049 at bugs.launchpad.net
Thu Sep 9 11:30:47 UTC 2021 

Just to be clear, this is a container host bug which needs to be fixed.
glibc works fine on real Linux kernels with and without clone3 support.

There is *supposed* to be a generic fix for this in docker and runc, but
that broke temporarily upstream when support for other system calls
(with higher system call numbers than clone3) was added. As far as I
know, podman does not have the generic fix, so it currently needs to be
updated for each new system call individually. (None of this depends on
the system calls actually implemented in the host kernel, just to be
clear.)

>From a philosophical perspective, I also object to the notion that the
container hosts developers get to define the Linux system call
interface. That should be up to Linux maintainers in collaboration with
userspace developers.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1943049

Title:
  Docker ubuntu:impish: Problem executing scripts DPkg::Post-Invoke 'rm
  -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb
  /var/cache/apt/*.bin || true'

Status in cloud-images:
  Confirmed
Status in crun package in Ubuntu:
  New
Status in docker.io package in Ubuntu:
  New
Status in glibc package in Ubuntu:
  New
Status in libpod package in Ubuntu:
  New
Status in runc package in Ubuntu:
  New

Bug description:
  Sometime betweek August 28 and September 4 2021 the ubuntu:impish
  images published on dockerhub began erroring when executing the
  commands defined in /etc/apt/apt.conf.d/docker-clean.

  I have this reproducer, which is probably not as minimal as it can be
  but looks reliable:

  1. docker run -it --rm ubuntu:impish bash
  2. apt update
  3. apt install git
  4. apt -y remove git

  This results in:

  E: Problem executing scripts DPkg::Post-Invoke 'rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true'
  E: Sub-process returned an error code

  *Removing* a package is not strictly needed to trigger the failure,
  but it seems that *two* apt operations are needed to trigger it, so
  this reproducer found by athos-ribeiro also works:

  docker run -it --rm ubuntu:impish /bin/bash -c 'apt-get update; apt-
  get full-upgrade -y; apt-get install -y jq'

  This doesn't happen when using ubuntu:hirsute.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/1943049/+subscriptions

More information about the foundations-bugs mailing list