[Bug 1942276] Re: glibc 2.34 upgrade will break some essential services

Michael Hudson-Doyle 1942276 at bugs.launchpad.net
Thu Sep 2 00:41:42 UTC 2021 

So my previous comment isn't quite right.

For one thing, I *don't* think this affects DynamicUser=, only User= and
Group=. And  https://sourceware.org/legacy-ml/libc-
help/2016-12/msg00006.html says that nss modules are supposed to be ABI
compatible between releases but it appears that for whatever reason,
nss_files from 2.34 is not compatible with glibc 2.33. Now to look into
why that might be.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1942276

Title:
  glibc 2.34 upgrade will break some essential services

Status in docker.io package in Ubuntu:
  New
Status in glibc package in Ubuntu:
  New

Bug description:
  Try this:

  $ lxc launch ubuntu-daily:impish test-docker
  $ lxc shell test-docker
  # cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
  deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted main multiverse universe
  EOF
  # apt update
  # apt install libc-bin -y
  ...
  (debconf query asking which services should be restarted.  Just select Ok)
  ...
  Restarting services...
   systemctl restart accounts-daemon.service console-getty.service cron.service packagekit.service polkit.service rsyslog.service snapd.service ssh.service systemd-journald.service systemd-networkd.service systemd-resolved.service systemd-udevd.service udisks2.service
  Job for systemd-networkd.service failed.
  See "systemctl status systemd-networkd.service" and "journalctl -xeu systemd-networkd.service" for details.
  Job for systemd-resolved.service failed because the control process exited with error code.
  See "systemctl status systemd-resolved.service" and "journalctl -xeu systemd-resolved.service" for details.
  Service restarts being deferred:
   /etc/needrestart/restart.d/dbus.service
   systemctl restart networkd-dispatcher.service
   systemctl restart systemd-logind.service
   systemctl restart unattended-upgrades.service
  # ping ubuntu.com
  ping: ubuntu.com: Temporary failure in name resolution
  # systemctl status systemd-networkd
  × systemd-networkd.service - Network Service
       Loaded: loaded (/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: enabled)
       Active: failed (Result: exit-code) since Wed 2021-09-01 20:41:03 UTC; 36s ago
  TriggeredBy: × systemd-networkd.socket
         Docs: man:systemd-networkd.service(8)
      Process: 2411 ExecStart=/lib/systemd/systemd-networkd (code=exited, status=217/USER)
     Main PID: 2411 (code=exited, status=217/USER)

  Sep 01 20:41:03 test-docker systemd[1]: systemd-networkd.service: Scheduled restart job, restart counter is at 5.
  Sep 01 20:41:03 test-docker systemd[1]: Stopped Network Service.
  Sep 01 20:41:03 test-docker systemd[1]: systemd-networkd.service: Start request repeated too quickly.
  Sep 01 20:41:03 test-docker systemd[1]: systemd-networkd.service: Failed with result 'exit-code'.
  Sep 01 20:41:03 test-docker systemd[1]: Failed to start Network Service.

  
  The same can be reproduced inside a VM.  If the user reboots the system, it becomes usable again.

  [ Original Description ]

  This bug is blocking docker.io on update-excuses.

  I noticed that docker.io version 20.10.7-0ubuntu2 (currently in
  impish-proposed) is failing to start when installed inside an Impish
  LXD container.  You can reproduce the bug by doing:

  $ lxc launch ubuntu-daily:impish test-docker -c security.nesting=true
  $ lxc shell test-docker
  # cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
  deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted main multiverse universe
  EOF
  # apt update
  # apt install docker.io -y
  ...
  Setting up docker.io (20.10.7-0ubuntu2) ...
  Adding group `docker' (GID 120) ...
  Done.
  Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
  Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
  A dependency job for docker.service failed. See 'journalctl -xe' for details.
  invoke-rc.d: initscript docker, action "start" failed.
  ○ docker.service - Docker Application Container Engine
       Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
       Active: inactive (dead)
  TriggeredBy: × docker.socket
         Docs: https://docs.docker.com

  Sep 01 01:52:47 test-docker systemd[1]: Dependency failed for Docker Application Container Engine.
  Sep 01 01:52:47 test-docker systemd[1]: docker.service: Job docker.service/start failed with result 'dependency'.
  ...

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1942276/+subscriptions

More information about the foundations-bugs mailing list