[Touch-packages] [Bug 1554365] Re: UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 2886: ordinal not in range(128)

This is the traceback from the logs in 16.04: apt.systemd.daily[957]: Traceback (most recent call last): apt.systemd.daily[957]: File "/usr/bin/unattended-upgrade", line 1473, in apt.systemd.daily[957]: main(options) apt.systemd.daily[957]: File "/usr/bin/unattended-upgrade", line 1411,

[Touch-packages] [Bug 1554365] Re: UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 2886: ordinal not in range(128)

This still exists in 16.04 and is hitting uns every day. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu. https://bugs.launchpad.net/bugs/1554365 Title: UnicodeDecodeError: 'ascii' codec can't

[Touch-packages] [Bug 1503382] Re: unable to install python3.4 dev on fresh ubuntu cloud image

Affects me too, but forced downgrading destroys python libraries it seems: virtualenv -p /usr/bin/python3 env Running virtualenv with interpreter /usr/bin/python3 Using base prefix '/usr' New python executable in env/bin/python3 Also creating executable in env/bin/python Installing setuptools, pip

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

Regression fix fixes it on 14.04 LTS. Confirmed. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1476662 Title: lxc-start symlink vulnerabilities may allow guest to rea

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

@roman-fiedler Might point to the same, but we already have relative mount targets: lxc.mount.entry = proc /var/lib/our_containers/123/rootfs/proc proc nosuid,nodev,noexec 0 0 So that won't help as suggested in the mail. -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

@roman-fiedler We're using absolute mount targets here, so that might help. Will try this out. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1476662 Title: lxc-start symlink

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

The problem lies in the ubuntu patch http://archive.ubuntu.com/ubuntu/pool/main/l/lxc/lxc_1.0.7-0ubuntu0.5.debian.tar.gz where this code + size_t start = croot ? strlen(croot) : 0; + if (strcmp(ws + start, target + start) != 0) { + ERROR("Mount onto %s resulted in %s\n"

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

We're getting lxc-start: utils.c: safe_mount: 1409 Mount of 'proc' onto '/usr/lib/x86_64-linux-gnu/lxc//proc' was onto a symlink! on all containers since we upgraded to 1.0.7-0ubuntu0.5 and they don't start. No container has /proc as a symlink. Plese tell me what information is required from me.