Bug#1033147: accountsservice: autopkgtest fails when using a bookworm kernel

Simon McVittie smcv at debian.org
Wed Aug 7 15:34:40 BST 2024


On Mon, 05 Aug 2024 at 00:43:06 +0100, Simon McVittie wrote:
> A sid lxc container in a bookworm VM (built with a-b-lxc from bookworm)
> doesn't currently start up at all for me

I reported that separately, as #1078165.

After resolving that by using autopkgtest(-virt-lxc) from
bookworm-backports, I cannot reproduce the accountsservice test failure
(in a sid lxc container on bookworm, built with a-b-lxc from bookworm).

accountsservice's relationship with policykit-1, combined with the timing
of Paul's bug report, makes me think that this could be #1050256
"AppArmor breaks locking non-fs Unix sockets" and its symptom #1042880
"systemd: service with PrivateNetwork=yes fails inside lxc container on
bookworm".

We now have at least two workarounds for those: as per
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050256#264>, systemd
falls back from PrivateNetwork=yes to PrivateNetwork=no if necessary;
and policykit-1 is also patched to turn off PrivateNetwork=yes (which
can probably be reverted, now that systemd has a workaround).
So I think that theory is consistent with why sid's accountsservice now
passes its autopkgtest when run in lxc on bookworm.

The test failure I saw under a-v-podman is concerning, but probably
ought to be a separate bug report - and probably non-RC, since Debian's
production infrastructure is currently based on a-v-lxc (and ideally
a-v-qemu) only?

    smcv



More information about the Pkg-freedesktop-maintainers mailing list