Your message dated Tue, 27 Apr 2021 02:08:03 +0200 with message-id <9986ac3d4fd7f0343f6d2f7cc8b730722725931a.camel@decadent.org.uk> and subject line Re: Bug#754193: linux-image-3.2.0-4-amd64: reboot(2) called from a PID namespace shuts down a host has caused the Debian Bug report #754193, regarding linux-image-3.2.0-4-amd64: reboot(2) called from a PID namespace shuts down a host to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 754193: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754193 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: linux-image-3.2.0-4-amd64: reboot(2) called from a PID namespace shuts down a host
- From: l.stelmach@samsung.com (Łukasz Stelmach)
- Date: Tue, 08 Jul 2014 16:33:40 +0200
- Message-id: <877g3nq5rv.fsf@samsung.com>
Package: src:linux Version: 3.2.60-1+deb7u1 Severity: normal Dear Maintainer, tl;dr: init in a container (PID namespace) can call reboot(2) and shutdown the host machine. Please refer to [1] for a detailed description of symptoms. After some investigation and thanks to help received from systemd developers I can tell the problems can be solved by applying [2] to the kernel. The patch is relatively old, it has been released only three months after 3.2.0 so I hope applying it wouldn't be a problem. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754184 [2] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf3f8921 -- Package-specific info:** Version: Linux version 3.2.0-4-amd64 (debian-kernel@lists.debian.org) (gcc version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.2.60-1+deb7u1 ** Command line: initrd=/boot/initrd.img-3.2.0-4-amd64 root=UUID=f52fdabb-9a8b-4a87-b89e-dbb3aecbcb8b ro init=/lib/systemd/systemd BOOT_IMAGE=/boot/vmlinuz-3.2.0-4-amd64 ** Not tainted ** Kernel log: [ 17.308252] drm: registered panic notifier [ 17.308603] acpi device:01: registered as cooling_device8 [ 17.308776] input: Video Bus as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A08:00/LNXVIDEO:00/input/input5 [ 17.308808] ACPI: Video Device [GFX0] (multi-head: yes rom: no post: no) [ 17.308819] [drm] Initialized i915 1.6.0 20080730 for 0000:00:02.0 on minor 0 [ 17.308893] snd_hda_intel 0000:00:1b.0: irq 45 for MSI/MSI-X [ 17.308912] snd_hda_intel 0000:00:1b.0: setting latency timer to 64 [ 17.490934] systemd[1]: Started Various fixups to make systemd work better on Debian. [ 17.491140] systemd[1]: Mounted Lock Directory. [ 17.491232] systemd[1]: Mounted User Runtime Directory. [ 17.491304] systemd[1]: Starting Local File Systems. [ 17.491365] systemd[1]: Reached target Local File Systems. [ 17.491379] systemd[1]: Starting LSB: Restore resolv.conf if the system crashed.... [ 17.578239] systemd[1]: Starting LSB: ebtables ruleset management... [ 17.626663] usbcore: registered new interface driver usbserial [ 17.626671] USB Serial support registered for generic [ 17.626686] usbcore: registered new interface driver usbserial_generic [ 17.626687] usbserial: USB Serial Driver core [ 17.634148] USB Serial support registered for FTDI USB Serial Device [ 17.634191] ftdi_sio 2-1.1.2.4:1.0: FTDI USB Serial Device converter detected [ 17.634216] usb 2-1.1.2.4: Detected FT232RL [ 17.634217] usb 2-1.1.2.4: Number of endpoints 2 [ 17.634226] usb 2-1.1.2.4: Endpoint 1 MaxPacketSize 64 [ 17.634227] usb 2-1.1.2.4: Endpoint 2 MaxPacketSize 64 [ 17.634228] usb 2-1.1.2.4: Setting MaxPacketSize 64 [ 17.634708] usb 2-1.1.2.4: FTDI USB Serial Device converter now attached to ttyUSB0 [ 17.634715] usbcore: registered new interface driver ftdi_sio [ 17.634716] ftdi_sio: v1.6.0:USB FTDI Serial Converters Driver [ 17.658024] systemd[1]: Starting LSB: Nameserver information manager... [ 17.706006] systemd[1]: Starting Recreate Volatile Files and Directories... [ 17.777771] systemd[1]: Starting Remote File Systems. [ 17.777898] systemd[1]: Reached target Remote File Systems. [ 17.777928] systemd[1]: Starting LSB: Cleans up any mess left by 0dns-up... [ 17.821560] systemd[1]: Starting LSB: Restore and store ALSA driver settings... [ 17.937240] systemd[1]: Starting LSB: VirtualBox Linux X11 Additions... [ 18.005039] systemd[1]: Starting LSB: screen sessions cleaning... [ 18.040925] systemd[1]: Starting LSB: Prepare console... [ 18.094444] hda_codec: ALC269: SKU not ready 0x411111f0 [ 18.096352] input: HDA Digital PCBeep as /devices/pci0000:00/0000:00:1b.0/input/input6 [ 18.124699] systemd[1]: Starting Trigger Flushing of Journal to Persistent Storage... [ 18.204499] systemd[1]: Started Load Random Seed. [ 18.260399] systemd[1]: Started LSB: Restore resolv.conf if the system crashed.. [ 18.328180] systemd[1]: Started LSB: ebtables ruleset management. [ 18.358599] HDMI status: Codec=3 Pin=6 Presence_Detect=0 ELD_Valid=0 [ 18.358798] input: HDA Intel PCH HDMI/DP,pcm=3 as /devices/pci0000:00/0000:00:1b.0/sound/card0/input7 [ 18.359190] input: HDA Intel PCH Headphone as /devices/pci0000:00/0000:00:1b.0/sound/card0/input8 [ 18.384081] systemd[1]: Started Recreate Volatile Files and Directories. [ 18.467758] systemd[1]: Started LSB: Cleans up any mess left by 0dns-up. [ 18.527560] systemd[1]: Started LSB: VirtualBox Linux X11 Additions. [ 19.026203] systemd[1]: Started LSB: Nameserver information manager. [ 19.157799] systemd[1]: Started LSB: screen sessions cleaning. [ 19.297399] systemd[1]: Started LSB: Prepare console. [ 19.297461] systemd[1]: Starting LSB: Raise network interfaces.... [ 19.428996] systemd[1]: Mounting Arbitrary Executable File Formats File System... [ 19.566560] systemd[1]: Starting Sound Card. [ 19.566613] systemd[1]: Reached target Sound Card. [ 19.899712] systemd[1]: Started LSB: Restore and store ALSA driver settings. [ 19.900000] systemd[1]: Mounted Arbitrary Executable File Formats File System. [ 19.943630] systemd[1]: Started Trigger Flushing of Journal to Persistent Storage. [ 20.039291] systemd[1]: Started LSB: Update mtab file.. [ 20.198637] systemd[1]: Found device ST3500413AS. [ 20.198694] systemd[1]: Activating swap /dev/disk/by-uuid/8fd21e0d-1027-4f44-94e2-4e81f5b11251... [ 20.331090] Adding 16776188k swap on /dev/sda3. Priority:-1 extents:1 across:16776188k [ 20.332552] systemd[1]: Activated swap /dev/disk/by-uuid/8fd21e0d-1027-4f44-94e2-4e81f5b11251. [ 20.332589] systemd[1]: Starting Swap. [ 20.332687] systemd[1]: Reached target Swap. [ 20.474185] Bridge firewalling registered [ 20.476974] device eth0 entered promiscuous mode [ 20.649667] e1000e 0000:00:19.0: irq 42 for MSI/MSI-X [ 20.753192] e1000e 0000:00:19.0: irq 42 for MSI/MSI-X [ 20.753933] ADDRCONF(NETDEV_UP): eth0: link is not ready [ 20.756670] ADDRCONF(NETDEV_UP): br0: link is not ready [ 24.098963] e1000e: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 24.099736] ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 24.099765] br0: port 1(eth0) entering forwarding state [ 24.099771] br0: port 1(eth0) entering forwarding state [ 24.100478] ADDRCONF(NETDEV_CHANGE): br0: link becomes ready [ 25.899581] RPC: Registered named UNIX socket transport module. [ 25.899582] RPC: Registered udp transport module. [ 25.899583] RPC: Registered tcp transport module. [ 25.899584] RPC: Registered tcp NFSv4.1 backchannel transport module. [ 25.973107] FS-Cache: Loaded [ 26.014399] FS-Cache: Netfs 'nfs' registered for caching [ 26.047618] Installing knfsd (copyright (C) 1996 okir@monad.swb.de). [ 27.251326] auditd (1618): /proc/1618/oom_adj is deprecated, please use /proc/1618/oom_score_adj instead. [ 28.737524] input: ACPI Virtual Keyboard Device as /devices/virtual/input/input9 [ 29.266928] NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory [ 29.318838] NFSD: starting 90-second grace period [ 31.287637] lp: driver loaded but no devices found [ 31.595018] ppdev: user-space parallel port driver [ 31.679484] parport0: PC-style at 0x378 (0x778) [PCSPP,TRISTATE] [ 31.805706] parport0: irq 7 detected [ 31.901560] lp0: using parport0 (polling). [ 33.873772] ip_tables: (C) 2000-2006 Netfilter Core Team [ 34.880699] br0: no IPv6 routers present [ 35.113439] nf_conntrack version 0.5.0 (16384 buckets, 65536 max) [ 35.406615] ADDRCONF(NETDEV_UP): virbr0: link is not ready [ 36.604928] Ebtables v2.0 registered [ 36.653106] ip6_tables: (C) 2000-2006 Netfilter Core Team [ 39.108610] br0: port 1(eth0) entering forwarding state ** Model information sys_vendor: Dell Inc. product_name: OptiPlex 990 product_version: 01 chassis_vendor: Dell Inc. chassis_version: bios_vendor: Dell Inc. bios_version: A10 board_vendor: Dell Inc. board_name: 06D7TR board_version: A00 ** Loaded modules: ip6table_filter ip6_tables ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_CHECKSUM iptable_mangle xt_tcpudp iptable_filter ip_tables x_tables parport_pc ppdev lp parport uinput nfsd nfs nfs_acl auth_rpcgss fscache lockd sunrpc bridge stp binfmt_misc snd_hda_codec_hdmi snd_hda_codec_realtek ftdi_sio usbserial coretemp crc32c_intel snd_hda_intel snd_hda_codec snd_hwdep ghash_clmulni_intel snd_pcm_oss snd_mixer_oss snd_pcm evdev snd_page_alloc aesni_intel snd_seq_midi snd_seq_midi_event acpi_cpufreq snd_rawmidi i915 aes_x86_64 drm_kms_helper aes_generic mperf snd_seq drm dcdbas snd_seq_device snd_timer snd cryptd i2c_algo_bit i2c_core container processor video button shpchp thermal_sys soundcore psmouse serio_raw kvm_intel kvm loop autofs4 ext4 crc16 jbd2 mbcache usbhid hid btrfs crc32c libcrc32c zlib_deflate dm_mod sg sr_mod sd_mod cdrom crc_t10dif ahci libahci libata ehci_hcd scsi_mod usbcore e1000e usb_common ** PCI devices: 00:00.0 Host bridge [0600]: Intel Corporation 2nd Generation Core Processor Family DRAM Controller [8086:0100] (rev 09) Subsystem: Dell Device [1028:047e] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ >SERR- <PERR- INTx- Latency: 0 Capabilities: <access denied> Kernel driver in use: agpgart-intel 00:02.0 VGA compatible controller [0300]: Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller [8086:0102] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Dell Device [1028:047e] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 44 Region 0: Memory at e0c00000 (64-bit, non-prefetchable) [size=4M] Region 2: Memory at d0000000 (64-bit, prefetchable) [size=256M] Region 4: I/O ports at 3000 [size=64] Expansion ROM at <unassigned> [disabled] Capabilities: <access denied> Kernel driver in use: i915 00:16.0 Communication controller [0780]: Intel Corporation 6 Series/C200 Series Chipset Family MEI Controller #1 [8086:1c3a] (rev 04) Subsystem: Dell Device [1028:047e] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 11 Region 0: Memory at e1ab0000 (64-bit, non-prefetchable) [size=16] Capabilities: <access denied> 00:16.3 Serial controller [0700]: Intel Corporation 6 Series/C200 Series Chipset Family KT Controller [8086:1c3d] (rev 04) (prog-if 02 [16550]) Subsystem: Dell Device [1028:047e] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin B routed to IRQ 17 Region 0: I/O ports at 30e0 [size=8] Region 1: Memory at e1a90000 (32-bit, non-prefetchable) [size=4K] Capabilities: <access denied> Kernel driver in use: serial 00:19.0 Ethernet controller [0200]: Intel Corporation 82579LM Gigabit Network Connection [8086:1502] (rev 04) Subsystem: Dell Device [1028:047e] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 42 Region 0: Memory at e1a00000 (32-bit, non-prefetchable) [size=128K] Region 1: Memory at e1a80000 (32-bit, non-prefetchable) [size=4K] Region 2: I/O ports at 3080 [size=32] Capabilities: <access denied> Kernel driver in use: e1000e 00:1a.0 USB controller [0c03]: Intel Corporation 6 Series/C200 Series Chipset Family USB Enhanced Host Controller #2 [8086:1c2d] (rev 04) (prog-if 20 [EHCI]) Subsystem: Dell Device [1028:047e] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 16 Region 0: Memory at e1a70000 (32-bit, non-prefetchable) [size=1K] Capabilities: <access denied> Kernel driver in use: ehci_hcd 00:1b.0 Audio device [0403]: Intel Corporation 6 Series/C200 Series Chipset Family High Definition Audio Controller [8086:1c20] (rev 04) Subsystem: Dell Device [1028:047e] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Interrupt: pin A routed to IRQ 45 Region 0: Memory at e1a60000 (64-bit, non-prefetchable) [size=16K] Capabilities: <access denied> Kernel driver in use: snd_hda_intel 00:1c.0 PCI bridge [0604]: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 1 [8086:1c10] (rev b4) (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Bus: primary=00, secondary=01, subordinate=01, sec-latency=0 Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ <SERR- <PERR- BridgeCtl: Parity- SERR- NoISA- VGA- MAbort- >Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: <access denied> Kernel driver in use: pcieport 00:1c.2 PCI bridge [0604]: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 3 [8086:1c14] (rev b4) (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0, Cache Line Size: 64 bytes Bus: primary=00, secondary=02, subordinate=02, sec-latency=0 I/O behind bridge: 00002000-00002fff Memory behind bridge: e1000000-e19fffff Prefetchable memory behind bridge: 00000000e0000000-00000000e09fffff Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- <SERR- <PERR- BridgeCtl: Parity- SERR- NoISA- VGA- MAbort- >Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: <access denied> Kernel driver in use: pcieport 00:1d.0 USB controller [0c03]: Intel Corporation 6 Series/C200 Series Chipset Family USB Enhanced Host Controller #1 [8086:1c26] (rev 04) (prog-if 20 [EHCI]) Subsystem: Dell Device [1028:047e] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin A routed to IRQ 17 Region 0: Memory at e1a50000 (32-bit, non-prefetchable) [size=1K] Capabilities: <access denied> Kernel driver in use: ehci_hcd 00:1e.0 PCI bridge [0604]: Intel Corporation 82801 PCI Bridge [8086:244e] (rev a4) (prog-if 01 [Subtractive decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Bus: primary=00, secondary=03, subordinate=03, sec-latency=0 Secondary status: 66MHz- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort+ <SERR- <PERR- BridgeCtl: Parity- SERR- NoISA- VGA- MAbort- >Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: <access denied> 00:1f.0 ISA bridge [0601]: Intel Corporation Q67 Express Chipset Family LPC Controller [8086:1c4e] (rev 04) Subsystem: Dell Device [1028:047e] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Capabilities: <access denied> 00:1f.2 SATA controller [0106]: Intel Corporation 6 Series/C200 Series Chipset Family SATA AHCI Controller [8086:1c02] (rev 04) (prog-if 01 [AHCI 1.0]) Subsystem: Dell Device [1028:047e] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 0 Interrupt: pin C routed to IRQ 43 Region 0: I/O ports at 30d0 [size=8] Region 1: I/O ports at 30c0 [size=4] Region 2: I/O ports at 30b0 [size=8] Region 3: I/O ports at 30a0 [size=4] Region 4: I/O ports at 3060 [size=32] Region 5: Memory at e1a40000 (32-bit, non-prefetchable) [size=2K] Capabilities: <access denied> Kernel driver in use: ahci 00:1f.3 SMBus [0c05]: Intel Corporation 6 Series/C200 Series Chipset Family SMBus Controller [8086:1c22] (rev 04) Subsystem: Dell Device [1028:047e] Control: I/O+ Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Interrupt: pin C routed to IRQ 11 Region 0: Memory at e1a30000 (64-bit, non-prefetchable) [size=256] Region 4: I/O ports at 3040 [size=32] ** USB devices: Bus 002 Device 004: ID 046d:c312 Logitech, Inc. DeLuxe 250 Keyboard Bus 002 Device 006: ID 0403:6001 Future Technology Devices International, Ltd FT232 USB-Serial (UART) IC Bus 002 Device 005: ID 05e3:0608 Genesys Logic, Inc. USB-2.0 4-Port HUB Bus 002 Device 003: ID 05e3:0608 Genesys Logic, Inc. USB-2.0 4-Port HUB Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub*** Please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these lines *** -- System Information: Debian Release: 7.5 APT prefers stable-updates APT policy: (990, 'stable-updates'), (900, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: armel Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages linux-image-3.2.0-4-amd64 depends on: ii debconf [debconf-2.0] 1.5.49 ii initramfs-tools [linux-initramfs-tool] 0.115~bpo70+1 ii kmod 9-3 ii linux-base 3.5 ii module-init-tools 9-3 Versions of packages linux-image-3.2.0-4-amd64 recommends: pn firmware-linux-free <none> Versions of packages linux-image-3.2.0-4-amd64 suggests: pn debian-kernel-handbook <none> ii extlinux 2:4.05+dfsg-6+deb7u1 pn linux-doc-3.2 <none> Versions of packages linux-image-3.2.0-4-amd64 is related to: pn firmware-atheros <none> pn firmware-bnx2 <none> pn firmware-bnx2x <none> pn firmware-brcm80211 <none> pn firmware-intelwimax <none> pn firmware-ipw2x00 <none> pn firmware-ivtv <none> pn firmware-iwlwifi <none> pn firmware-libertas <none> pn firmware-linux <none> pn firmware-linux-nonfree <none> pn firmware-myricom <none> pn firmware-netxen <none> pn firmware-qlogic <none> pn firmware-ralink <none> pn firmware-realtek <none> pn xen-hypervisor <none> -- debconf information: linux-image-3.2.0-4-amd64/postinst/depmod-error-initrd-3.2.0-4-amd64: false linux-image-3.2.0-4-amd64/prerm/removing-running-kernel-3.2.0-4-amd64: true linux-image-3.2.0-4-amd64/postinst/ignoring-ramdisk: linux-image-3.2.0-4-amd64/postinst/missing-firmware-3.2.0-4-amd64: -- Łukasz Stelmach Samsung R&D Institute Poland Samsung ElectronicsAttachment: pgp72oMRBvQwg.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: Salvatore Bonaccorso <carnil@debian.org>, 754193-done@bugs.debian.org
- Cc: Łukasz Stelmach <l.stelmach@samsung.com>
- Subject: Re: Bug#754193: linux-image-3.2.0-4-amd64: reboot(2) called from a PID namespace shuts down a host
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Tue, 27 Apr 2021 02:08:03 +0200
- Message-id: <9986ac3d4fd7f0343f6d2f7cc8b730722725931a.camel@decadent.org.uk>
- In-reply-to: <[🔎] YIUUyXU3Di5dwcl3@eldamar.lan>
- References: <877g3nq5rv.fsf@samsung.com> <1404837048.26540.12.camel@deadeye.wl.decadent.org.uk> <[🔎] YIUUyXU3Di5dwcl3@eldamar.lan>
Version: 3.4.4-1~experimental.1 On Sun, 2021-04-25 at 09:05 +0200, Salvatore Bonaccorso wrote: > Hi, > > On Tue, Jul 08, 2014 at 05:30:48PM +0100, Ben Hutchings wrote: > > On Tue, 2014-07-08 at 16:33 +0200, Łukasz Stelmach wrote: > > > Package: src:linux > > > Version: 3.2.60-1+deb7u1 > > > Severity: normal > > > > > > Dear Maintainer, > > > > > > tl;dr: init in a container (PID namespace) can call reboot(2) and > > > shutdown the host machine. > > > > Yes, and you need real user namespaces (as introduced in Linux 3.7) > > to > > prevent this. > > > > > Please refer to [1] for a detailed description of symptoms. > > > > > > After some investigation and thanks to help received from systemd > > > developers I can tell the problems can be solved by applying [2] > > > to the > > > kernel. The patch is relatively old, it has been released only > > > three > > > months after 3.2.0 so I hope applying it wouldn't be a problem. > > [...] > > > > This change seems to make containers work better, but it does not > > improve security. I'm not sure whether this is sufficient > > justification > > for a stable update. Please can you ask the stable release team > > (debian-release@lists.debian.org) to consider this. > > I'm still inclinded to close this bug now, would you agree? Yes, it is long since fixed in all supported releases. Closing this with the first version that has the fix. Ben. -- Ben Hutchings Klipstein's 4th Law of Prototyping and Production: A fail-safe circuit will destroy others.Attachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---