This bug is awaiting verification that the linux-azure/6.2.0-1009.9
kernel in -proposed solves the problem. Please test the kernel and
update this bug with the results. If the problem is solved, change the
tag 'verification-needed-lunar' to 'verification-done-lunar'. If the
problem still exists, change the tag 'verification-needed-lunar' to
'verification-failed-lunar'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
** Tags added: kernel-spammed-lunar-linux-azure verification-needed-lunar
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2016908
Title:
udev fails to make prctl() syscall with apparmor=0 (as used by maas by
default)
Status in AppArmor:
Fix Committed
Status in MAAS:
Fix Committed
Status in maas-images:
Invalid
Status in apparmor package in Ubuntu:
Confirmed
Status in linux package in Ubuntu:
Fix Released
Status in systemd package in Ubuntu:
Invalid
Status in apparmor source package in Lunar:
Confirmed
Status in linux source package in Lunar:
Fix Released
Status in systemd source package in Lunar:
Invalid
Bug description:
I'm assuming the image being used for these deploys is 20230417 or
20230417.1 based on the fact that I saw a 6.2 kernel being used which
I don't believe was part of the 20230319 serial. I don't have access
to the maas server, so I can't directly check any log files.
MAAS Version: 3.3.2
Here's where the serial log indicates it can't download the squashfs. The full log is attached as scobee-lunar-no-squashfs.log (there are some other console message intermixed):
no search or nameservers found in /run/net-BOOTIF.conf /run/net-*.conf /run/net6
-*.conf
:: root=squash:http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.04/lunar/candi
date/squa[ 206.804704] Btrfs loaded, crc32c=crc32c-generic, zoned=yes, fsverity
=yes
shfs
:: mount_squash downloading http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.0
4/lunar/candidate/squashfs to /root.tmp.img
Connecting to 10.229.32.21:5248 (10.229.32.21:5248)
wget: can't connect to remote host (10.229.32.21): Network is unreachable
:: mount -t squashfs -o loop '/root.tmp.img' '/root.tmp'
mount: mounting /root.tmp.img on /root.tmp failed: No such file or directory
done.
Still gathering logs and info and will update as I go.
----
Kernel Bug / Apparmor
reproducer
$ wget https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-kernel
$ wget https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-initrd
$ qemu-system-x86_64 -nographic -m 2G -kernel ./boot-kernel -initrd ./boot-initrd -append 'console=ttyS0 break=modules apparmor=0'
#start the VM
....
Starting systemd-udevd version 252.5-2ubuntu3
Spawning shell within the initramfs
BusyBox v1.35.0 (Ubuntu 1:1.35.0-4ubuntu1) built-in shell (ash)
Enter 'help' for a list of built-in commands.
(initramfs) udevadm info --export-db
Failed to set death signal: Invalid argument
Observe that udevadm fails to setup death signal, with in systemd code
is this
https://github.com/systemd/systemd/blob/08c2f9c626e0f0052d505b1b7e52f335c0fbfa1d/src/basic/process-
util.c#L1252
if (flags & (FORK_DEATHSIG|FORK_DEATHSIG_SIGINT))
if (prctl(PR_SET_PDEATHSIG, (flags & FORK_DEATHSIG_SIGINT) ? SIGINT : SIGTERM) < 0) {
log_full_errno(prio, errno, "Failed to set death signal: %m");
_exit(EXIT_FAILURE);
}
workaround set kernel commandline to `apparmor=1`
----
MAAS bug
Why is maas setting `apparmor=0` ? Ubuntu shouldn't be used without apparmor. Even for deployment and commisioning.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2016908/+subscriptions