Your message dated Sun, 20 Aug 2023 22:13:28 +0200 with message-id <169256240853.35162.1325220396245934804@localhost> and subject line Re: mounting /proc silently fails and thus systemd-tmpfiles is skipped with unshared mount namespace on privileged docker (like salsaci) has caused the Debian Bug report #1031222, regarding mounting /proc silently fails and thus systemd-tmpfiles is skipped with unshared mount namespace on privileged docker (like salsaci) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1031222: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031222 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: mounting /proc silently fails and thus systemd-tmpfiles is skipped with unshared mount namespace on privileged docker (like salsaci)
- From: Johannes Schauer Marin Rodrigues <josch@debian.org>
- Date: Mon, 13 Feb 2023 14:05:24 +0100
- Message-id: <167629352449.310343.7895018173748292077.reportbug@localhost>
Package: debootstrap Version: 1.0.128+nmu2 Severity: normal Tags: patch Control: affects -1 + mmdebstrap Hi, steps to reproduce: runuser -u debci -- mmdebstrap --variant=custom --mode=unshare --setup-hook='container=lxc debootstrap unstable "$1"' - chroot.tar Run this inside a privileged docker container (like in a salsaci autopkgtest) and observe how the following files are missing from chroot.tar: /etc/mtab /root/.ssh /run/lock/subsys /var/cache/private /var/lib/private /var/lib/systemd/coredump /var/lib/systemd/pstore /var/log/README /var/log/private All of these would be created by systemd-tmpfiles. They are not created because (after setting SYSTEMD_LOG_LEVEL=debug): /proc/ is not mounted, but required for successful operation of systemd-tmpfiles. Please mount /proc/. Alternatively, consider using the --root= or --image= switches. This is because debootstrap runs "mount -t proc proc /proc". This does not work inside an unshared mount namespace inside privileged docker (like salsaci). See this other bug for a handy table about how to mount /proc: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030625#16 As shown in that table, this can be resolved by falling back to bind-mounting /proc if mounting it normally didn't work. I implemented that in this merge request: https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/91 Thanks! cheers, josch
--- End Message ---
--- Begin Message ---
- To: 1031222-done@bugs.debian.org
- Subject: Re: mounting /proc silently fails and thus systemd-tmpfiles is skipped with unshared mount namespace on privileged docker (like salsaci)
- From: Johannes Schauer Marin Rodrigues <josch@debian.org>
- Date: Sun, 20 Aug 2023 22:13:28 +0200
- Message-id: <169256240853.35162.1325220396245934804@localhost>
- In-reply-to: <167629352449.310343.7895018173748292077.reportbug@localhost>
- References: <167629352449.310343.7895018173748292077.reportbug@localhost>
Version: 1.0.128+nmu3 Quoting Johannes Schauer Marin Rodrigues (2023-02-13 14:05:24) > steps to reproduce: > > runuser -u debci -- mmdebstrap --variant=custom --mode=unshare --setup-hook='container=lxc debootstrap unstable "$1"' - chroot.tar > > Run this inside a privileged docker container (like in a salsaci autopkgtest) > and observe how the following files are missing from chroot.tar: > > /etc/mtab > /root/.ssh > /run/lock/subsys > /var/cache/private > /var/lib/private > /var/lib/systemd/coredump > /var/lib/systemd/pstore > /var/log/README > /var/log/private > > All of these would be created by systemd-tmpfiles. They are not created because > (after setting SYSTEMD_LOG_LEVEL=debug): > > /proc/ is not mounted, but required for successful operation of systemd-tmpfiles. Please mount /proc/. Alternatively, consider using the --root= or --image= switches. > > This is because debootstrap runs "mount -t proc proc /proc". This does not work > inside an unshared mount namespace inside privileged docker (like salsaci). See > this other bug for a handy table about how to mount /proc: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030625#16 > > As shown in that table, this can be resolved by falling back to bind-mounting > /proc if mounting it normally didn't work. I implemented that in this merge request: > > https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/91 the merge request was merged by Luca Boccassi (thank you!) and thus this bug can be closed. cheers, joschAttachment: signature.asc
Description: signature
--- End Message ---