Bug#973313: lintian: Salsa CI jobs fail for many sources hosted there
On Tue, Nov 2, 2021 at 10:04 PM Colin Watson <cjwatson@debian.org> wrote:
>
> On Tue, Nov 02, 2021 at 05:21:12PM +0800, xiao sheng wen(肖盛文) wrote:
> > 在 2021/11/2 上午10:01, Colin Watson 写道:
> > > Interestingly, a bullseye VM does *not* exhibit the same issue, which
> > > suggests that it may be possible to track down a change to the kernel,
> > > AppArmor userspace, or Docker that fixed this (I'm guessing as to
> > > plausible packages). I haven't tried that yet since it's 2am here, but
> > > maybe somebody else can run with this.
> >
> > It's new version Docker in bullseye that fixed this.
> >
> > In bullseye, Docker has a docker-default profile for AppArmor[1], but
> > this profile don't exist in buster.
>
> Ah yes, thanks for finding that. So I guess the plausible choices
> (without having checked feasibility) are:
>
> * cherry-pick the docker-default profile into buster's docker.io
> package as a stable update
> * backport the docker.io package wholesale from bullseye to
> buster-backports
> * ask Salsa admins to upgrade our runners to bullseye
>
> Does anyone have opinions on this? I've CCed the docker.io package
> maintainers in case they have any preferences.
>
For the docker.io package part, I'm not aware that salsa infra is
using this package.
The shared runners are created by docker-machine and the base vm is
also provisioned by docker-machine, which doesn't install the
docker.io package.
--
Shengjing Zhu
Reply to: