[Bug 2007856] [NEW] snmpd fails to recognize Docker's overlay filesystem
István Papp
2007856 at bugs.launchpad.net
Mon Feb 20 14:02:33 UTC 2023
Public bug reported:
Ubuntu release: 22.04 (Jammy)
Package: https://packages.ubuntu.com/jammy/snmpd
The net-snmp project switched to a new implementation of the fsys
hardware module at their 5.8 version. This was not mentioned in the
release notes, because the decision was made earlier through the build
system. The new version did not recognize the /etc/mtab entry of
"overlay" as a supported filesystem, so monitoring / inside a Docker
container fails after Bionic (5.7.3), likely in every Ubuntu since Focal
(5.8).
The fix happened in this commit, already on their master: https://github.com/net-snmp/net-snmp/commit/798f206561b7de4bc54453c01ffd21de8ae59c87
Since it is an added item in a static list, it would be easy to backport to Jammy's 5.9.1, or most other releases really. A refactor happened at some point that makes backporting before a certain version a bit more interesting, but still easy based on the suggestions in this similar issue: https://github.com/net-snmp/net-snmp/issues/268
Steps to reproduce:
1. Extract the attached zip with a Dockerfile, a patch, and an snmpd.conf
2. Run "docker build -t repro . && docker run --rm -p 161:161/udp repro" to compile and start a Jammy container with a 5.9.1 snmpd inside.
3. Query the disk table from another terminal: "snmpwalk -v2c -c public 0.0.0.0:161 .1.3.6.1.4.1.2021.9"
There should be no OID found. Repeat steps 2 and 3 after uncommenting
the two lines in the Dockerfile that apply the patch. Now proper data
should arrive about the root filesystem.
I would like to get an SRU with this patch for Jammy.
There should be no risk except for snmpd users. The patch is recent and
not released, so it is not widely tested yet. It should only impact
snmpd users with Docker containers, since it only expands the list of
recognized filesystems with "overlay". This feature was broken since
Focal, so I assume there aren't many such users.
** Affects: net-snmp (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "Files for reproduction and verification"
https://bugs.launchpad.net/bugs/2007856/+attachment/5648641/+files/repro.zip
** Package changed: unattended-upgrades (Ubuntu) => net-snmp (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/2007856
Title:
snmpd fails to recognize Docker's overlay filesystem
Status in net-snmp package in Ubuntu:
New
Bug description:
Ubuntu release: 22.04 (Jammy)
Package: https://packages.ubuntu.com/jammy/snmpd
The net-snmp project switched to a new implementation of the fsys
hardware module at their 5.8 version. This was not mentioned in the
release notes, because the decision was made earlier through the build
system. The new version did not recognize the /etc/mtab entry of
"overlay" as a supported filesystem, so monitoring / inside a Docker
container fails after Bionic (5.7.3), likely in every Ubuntu since
Focal (5.8).
The fix happened in this commit, already on their master: https://github.com/net-snmp/net-snmp/commit/798f206561b7de4bc54453c01ffd21de8ae59c87
Since it is an added item in a static list, it would be easy to backport to Jammy's 5.9.1, or most other releases really. A refactor happened at some point that makes backporting before a certain version a bit more interesting, but still easy based on the suggestions in this similar issue: https://github.com/net-snmp/net-snmp/issues/268
Steps to reproduce:
1. Extract the attached zip with a Dockerfile, a patch, and an snmpd.conf
2. Run "docker build -t repro . && docker run --rm -p 161:161/udp repro" to compile and start a Jammy container with a 5.9.1 snmpd inside.
3. Query the disk table from another terminal: "snmpwalk -v2c -c public 0.0.0.0:161 .1.3.6.1.4.1.2021.9"
There should be no OID found. Repeat steps 2 and 3 after uncommenting
the two lines in the Dockerfile that apply the patch. Now proper data
should arrive about the root filesystem.
I would like to get an SRU with this patch for Jammy.
There should be no risk except for snmpd users. The patch is recent
and not released, so it is not widely tested yet. It should only
impact snmpd users with Docker containers, since it only expands the
list of recognized filesystems with "overlay". This feature was broken
since Focal, so I assume there aren't many such users.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/2007856/+subscriptions
More information about the foundations-bugs
mailing list