On Wed, Jul 24, 2024 at 8:18 AM Robie Basak <robie.ba...@ubuntu.com> wrote: > There seems to be a second issue between systemd and lxd which > security.nesting=true doesn't seem to fix: > > https://github.com/canonical/lxd/issues/13807
I cannot reproduce this with Oracular or Jammy containers running on a Noble host. [1] However, also note that my containers are using ext4 for the rootfs. Are you using ZFS? If so, this sounds similar to [2], but we uploaded a workaround in systemd-sysusers for Noble (and it's present in upstream >= v256) and I thought the kernel got fixed, too. > > I've just heard that Oracular Raspi pre-install images have been broken > for a week for what appears to be the same reason. Is there a bug you can share? I have not seen details of this yet. > What do you think about kicking this systemd update back to > oracular-proposed until it is resolved properly, and/or uploading a > revert? I don't see sufficient evidence that this would help the situation. But then again, I am confused about the details of this bug on Oracular vs Jammy because your LXD issue is about Jammy, and I have not seen any details for the Oracular Raspi issue. > Or, even if it's not worth doing it this time, how about this idea in > principle, and/or arranging the necessary CI (where practical) to do it > next time? Given that so much of our own development is based on lxd > nowadays, would it be reasonable to consider any change in the archive > that breaks lxd to require blocking of migration, for the "always be > green" CI principle? > Note that in src:systemd we have the 'tests-in-lxd' autopkgtest which runs all the systemd autopkgtest (unless isolation requirements cannot be satisfied) under LXD. I often catch bugs thanks to this (e.g. that is how I noticed [3]). New tests can always be added. -Nick [1] https://dpaste.com/CA2UHK9HT [2] https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/2058179 [3] https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2046486 -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
