[pkg-lxc-devel] Bug#1050256: [pkg-apparmor] Bug#1050256: autopkgtest fails on debci
intrigeri
intrigeri at debian.org
Sun Sep 17 07:31:37 BST 2023
Control: reassign -1 src:linux
Control: retitle -1 AppArmor breaks locking non-fs Unix sockets
Control: affects -1 src:apparmor src:lxc src:systemd src:pdns src:policykit-1
Control: found -1 6.1.38-1
Control: found -1 6.1.38-2
Control: notfound -1 6.3.1-1~exp1
Hi Debian Kernel Team,
In the last month or so, a number of people from various Debian teams
and other distributions have been tracking down a regression that
affects systems upgraded to Bookworm: services that use certain
systemd facilities such as PrivateNetwork=yes fail to start in LXC/LXD
containers. Among other things, this breaks the autopkgtests of many
packages, such as systemd, on ci.debian.net (#1050256). This was
tracked down to a kernel regression, for which a fix landed in Linux
6.2:
1cf26c3d2c4c apparmor: fix apparmor mediating locking non-fs unix sockets
Work is ongoing to backport the fix to linux-stable/linux-6.1.y.
I'm Cc'ing John and Mathias who have been working on this.
FYI, ideally this would be fixed in the upcoming Bookworm
point-release (12.2, early October).
Current workarounds:
- ci.debian.net was upgraded to the bookworm-backports kernel
- various packages maintainers have added workarounds such as disabling
PrivateNetwork=yes for autopkgtests
Cheers,
--
intrigeri
More information about the Pkg-lxc-devel
mailing list