[Bug 1732518] Re: Please re-enable container support in apport

[Tyler Hicks]

Do we have a strong reason to start handling crashes inside of "non-
full" containers on stable Ubuntu releases? I'm specifically talking
about when this conditional evaluates to True:

  elif not is_same_ns(host_pid, "pid") and is_same_ns(host_pid, "mnt"):

If there's no strong reason, can we only enable that in Bionic?

Also, did you test that with the the PoC in bug 1726372? I'm fairly
certain that it'll create a core dump in /tmp (/tmp/core) which is
new/undesired.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1732518

Title:
  Please re-enable container support in apport

Status in apport package in Ubuntu:
  Triaged
Status in apport source package in Xenial:
  Triaged
Status in apport source package in Zesty:
  Triaged
Status in apport source package in Artful:
  Triaged
Status in apport source package in Bionic:
  Triaged

Bug description:
  The latest security update for apport disabled container crash
  forwarding, this is a feature which users do rely on in production and
  while it may have been appropriate to turn it off to put a security
  update out, this needs to be re-enabled ASAP.

  I provided a patch which fixed the security issue before the security
  issue was publicly disclosed so pushing an SRU to all Ubuntu releases
  re-enabling this code should be pretty trivial.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1732518/+subscriptions