[Bug 1964445] [NEW] Incorrectly identifies processes inside LXD container on jammy/cgroupsv2
Trent Lloyd
1964445 at bugs.launchpad.net
Thu Mar 10 07:31:49 UTC 2022
Public bug reported:
Processes inside of LXD containers are incorrectly identified as needing
a restart on jammy. The cause is that needrestart does not correctly
parse cgroups v2.
Since needrestart is installed in a default install, this is problematic
as it prompts you to restart and actually restarts the host version of a
container's processes unnecessarily.
I have sent an upstream pull request to fix this here, it's a simple fix to the regex:
https://github.com/liske/needrestart/pull/238
Upstream also already has a fix to the same for Docker:
https://github.com/liske/needrestart/pull/234
We should patch both of these into Jammy before release. I can send this
patch upstream to Debian also however as they do not currently use
cgroups v2 by default it is not directly affected in a default
configuration (but would be affected if you enable them). Since we are
also close to release this may also need to be expedited.
= Test Case =
- Install Jammy Server with needrestart installed (the server iso installs it by default, cloud/vm/lxd images do not)
- Launch an LXD focal container
- (slightly harder) inside the focal container, upgrade a commonly used library such as libc6. To do this you may need to first downgrade libc6, restart avahi-daemon, upgrade it again.
- Run "needrestart" on the host and see that the container's avahi-daemon is recognised to restart (but it will restart the hosts process, and the next invocation will prompt to restart again)
** Affects: needrestart (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to needrestart in Ubuntu.
https://bugs.launchpad.net/bugs/1964445
Title:
Incorrectly identifies processes inside LXD container on
jammy/cgroupsv2
Status in needrestart package in Ubuntu:
New
Bug description:
Processes inside of LXD containers are incorrectly identified as
needing a restart on jammy. The cause is that needrestart does not
correctly parse cgroups v2.
Since needrestart is installed in a default install, this is
problematic as it prompts you to restart and actually restarts the
host version of a container's processes unnecessarily.
I have sent an upstream pull request to fix this here, it's a simple fix to the regex:
https://github.com/liske/needrestart/pull/238
Upstream also already has a fix to the same for Docker:
https://github.com/liske/needrestart/pull/234
We should patch both of these into Jammy before release. I can send
this patch upstream to Debian also however as they do not currently
use cgroups v2 by default it is not directly affected in a default
configuration (but would be affected if you enable them). Since we are
also close to release this may also need to be expedited.
= Test Case =
- Install Jammy Server with needrestart installed (the server iso installs it by default, cloud/vm/lxd images do not)
- Launch an LXD focal container
- (slightly harder) inside the focal container, upgrade a commonly used library such as libc6. To do this you may need to first downgrade libc6, restart avahi-daemon, upgrade it again.
- Run "needrestart" on the host and see that the container's avahi-daemon is recognised to restart (but it will restart the hosts process, and the next invocation will prompt to restart again)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/needrestart/+bug/1964445/+subscriptions
More information about the foundations-bugs
mailing list