Bug#1076137: bullseye-pu: package containerd/1.4.13~ds1-1~deb11u4

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1076137: bullseye-pu: package containerd/1.4.13~ds1-1~deb11u4
From: Ritesh Kumar <ritesh-kumar@siemens.com>
Date: Thu, 11 Jul 2024 05:45:32 -0400
Message-id: <[🔎] 172069113275.936227.15466075826912479855.reportbug@godavari>
Reply-to: Ritesh Kumar <ritesh-kumar@siemens.com>, 1076137@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: ritesh-kumar@siemens.com

(Please provide enough information to help the release team
to judge the request efficiently. E.g. by filling in the
sections below.)

[ Reason ]
(Explain what the reason for the (old-)stable update is. I.e.
what is the bug, when was it introduced, is this a regression
with respect to the previous (old-)stable.)

When we start a container using Docker usually through a systemd service or via the command line and user does not handle
the termination of the running container, the containerd-shim process hangs during poweroff/reboot sequence. 
==> systemd-shutdown[1]: Waiting for process: 2011 (containerd-shim)
Although this behavior seems normal from my perspective because it forces the user to take action and make a graceful shutdown.
The right way to stop the containers gracefully was via the systemd service by using ExecStop directive primarily(sends the SIGTERM signal from systemd service to docker which in turn sends to containerd that handles the container shutdown),  TimeoutStopSec and KillSignal=SIGTERM.

[ Impact ]
(What is the impact for the user if the update isn't approved?)
The containerd-shim process hangs during poweroff/reboot sequence.
systemd-shutdown[1]: Waiting for process: 2011 (containerd-shim)

[ Tests ]
(What automated or manual tests cover the affected code?)
Steps to reproduce:
1. the easiest to reproduce is from the command line # docker pull --platform linux/arm64 alpine
2. # docker run -d --name container-test alpine tail -f /dev/null
3. # docker ps
CONTAINER ID   IMAGE     COMMAND               CREATED         STATUS         PORTS     NAMES
57e1c1658c20   alpine    "tail -f /dev/null"   8 seconds ago   Up 5 seconds             container-test
4. # systemctl reboot

For more details Check here:- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073148

[ Risks ]
(Discussion of the risks involved. E.g. code is trivial or
complex, alternatives available.)
I don't think this could be major risk as this we need to backport from upstream containerd repo.
Upstream discussion: https://github.com/containerd/containerd/issues/5502
Upstream patch: https://github.com/containerd/containerd/pull/5828

[ Checklist ]
  [*] *all* changes are documented in the d/changelog
  [*] I reviewed all changes and I approve them
  [ ] attach debdiff against the package in (old)stable
  [ ] the issue is verified as fixed in unstable

[ Changes ]
(Explain *all* the changes)
Here I have pushed the changes please have a look and decide whether we need to add or not.
https://salsa.debian.org/go-team/packages/containerd/-/merge_requests/3

[ Other info ]
(Anything else the release team should know.)
Please have a look for the bug created by Siemens.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1073148

Reply to:

Prev by Date: Bug#1051232: bookworm-pu: package 7zip/23.01+dfsg-3~deb12u1
Next by Date: Bug#1072036: release.debian.org: Transition for gsl-2.8 / libgsl28
Previous by thread: Bug#1076095: marked as done (transition: libpqxx)
Next by thread: Bug#1072036: release.debian.org: Transition for gsl-2.8 / libgsl28
Index(es):
- Date
- Thread