[Bug 2112272] Re: Apport refuses to generate core dumps inside containers

Benjamin Drung 2112272 at bugs.launchpad.net
Mon Jun 2 08:30:02 UTC 2025 

Thank you for taking the time to report this bug and contributing to
Ubuntu. This issue is a regression of the recent security update (bug
#2107472).

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/2112272

Title:
  Apport refuses to generate core dumps inside containers

Status in apport package in Ubuntu:
  In Progress

Bug description:
  lsb_release -rd
  Description:	Ubuntu 22.04.5 LTS
  Release:	22.04

  
  apport:
    Installed: 2.20.11-0ubuntu82
    Candidate: 2.20.11-0ubuntu82.7
    Version table:
       2.20.11-0ubuntu82.7 500
          500 http://us-west-1.ec2.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
          500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
   *** 2.20.11-0ubuntu82 500
          500 http://us-west-1.ec2.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
          100 /var/lib/dpkg/status


  
  What happened: 

  Version 2.20.11-0ubuntu82.7 introduced a new function called
  consistency_checks that now refuses to generate core dumps and logging
  the message "executable was modified after program start, ignoring."

  However, this check fails in container environments because the binary
  resides inside container-specific directories, not directly on the
  host OS.

  "if not os.path.exists(os.readlink('exe', dir_fd=proc_pid_fd))"

  As a result, core dumps from containers are being discarded. Prior to
  this update, core dumps were generated correctly.

  
  What you expected to happen:

  When a process inside the container crashes, the apport running on the
  host OS should forward the core dump via a UNIX socket instead of
  exiting because the binary is not present on the host OS.

  
  Changes: 

  https://launchpadlibrarian.net/796123959/apport_2.20.11-0ubuntu82.6_2.20.11-0ubuntu82.7.diff.gz

  +process_start = get_process_starttime()
  +if not consistency_checks(options, process_start):
  +    sys.exit(0)
  +
   # Check if we received a valid global PID (kernel >= 3.12). If we do,
   # then compare it with the local PID. If they don't match, it's an
   # indication that the crash originated from another PID namespace.
  @@ -540,21 +617,24 @@
   if options.global_pid is not None:


  consistency_checks should be after checking if the crash originated
  from another PID namespace.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2112272/+subscriptions

More information about the foundations-bugs mailing list