Web lists-archives.com

Re: Debian vs Linux namespaces, NMU lsb-base




On Sat, Mar 23, 2019 at 09:49:09PM +0800, Shengjing Zhu wrote:
> On Sat, Mar 23, 2019 at 8:41 PM Harald Dunkel wrote:
> >
> > Hi folks,
> >
> > AFAICS there are several packages that appear to be unaware of /
> > do not care about containers, e.g. opensmtpd, bind9, apt-cacher-ng,
> > probably everything using pidof or pidofproc from /lib/lsb/init-\
> > functions).
> >
> > I noticed that containerization and Linux namespaces are not number
> > one priority for Debian, but do you think this could be addressed
> > for Buster? Its pretty annoying if you try to maintain the Debian host
> > system, and a LXC container is affected instead.
> >
> >
> > Thanx in advance
> >
> > Harri
> >
> > https://bugs.debian.org/888569
 sysv startup script stumbles over smtpd running in a LXC container

> > https://bugs.debian.org/888743
 pidofproc returns PIDs in foreign chroots and containers

> > https://bugs.debian.org/858837
 lsb-base: pidofproc should limit itself to processes in host system if running on an LXC host

> > https://bugs.debian.org/924551
 startup script affects bind running inside a container


> If I read these bugs correctly, all are the same thing and it's the bug in lsb.
> And the straightforward fix mentioned in #888743 and #858837 is to use
> `pidof -c` instead of `pidof` in pidofproc function provided by
> lsb-base package.
> 
> I think there's no harm for this patch.

Quoting manual page `pidof`

|  -c   Only return process PIDs that are running with the same
|       root directory.  This option is ignored for  non-root
|       users,  as  they will  be unable to check the current
|       root directory of processes they do not own.


What would be the harm to the Buster release
if lsb-base got NMU
with https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=888743;filename=init-functions.diff;msg=37 ?


Groeten
Geert Stappers
-- 
Leven en laten leven