Accepting request 902316 from Virtualization:containers

OBS-URL: https://build.opensuse.org/request/show/902316 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/lxd?expand=0&rev=34
2021-06-25 13:01:44 +00:00 · 2021-06-25 13:01:44 +00:00 · a4567d722b
commit a4567d722b
parent 1275e2e338 f36094bfb4
3 changed files with 45 additions and 0 deletions
--- a/boo1186786-0001-forkexec-handle-broken-close_range-backport-in-openS.patch
+++ b/boo1186786-0001-forkexec-handle-broken-close_range-backport-in-openS.patch
@ -0,0 +1,33 @@
+From a0c04ef1b99c94edb50084825365c2bab8dadb7c Mon Sep 17 00:00:00 2001
+From: Christian Brauner <christian.brauner@ubuntu.com>
+Date: Thu, 17 Jun 2021 12:45:25 +0200
+Subject: [PATCH] forkexec: handle broken close_range() backport in openSUSE
+ Leap 15.3
+
+Fixes: https://discuss.linuxcontainers.org/t/lxc-exec-results-in-error-failed-to-retrieve-pid-of-executing-child-process
+Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
+---
+ lxd/main_forkexec.go | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/lxd/main_forkexec.go b/lxd/main_forkexec.go
+index 7cc5e8d7130c..574f25eeb988 100644
+--- a/lxd/main_forkexec.go
+++ b/lxd/main_forkexec.go
+@@ -292,7 +292,12 @@ __attribute__ ((noinline)) static int __forkexec(void)
+ 
+ 	ret = close_range(EXEC_PIPE_FD + 1, UINT_MAX, CLOSE_RANGE_UNSHARE);
+ 	if (ret) {
+-		if (errno == ENOSYS)
+		// Fallback to close_inherited() when the syscall is not
+		// available or when CLOSE_RANGE_UNSHARE isn't supported.
+		// On a regular kernel CLOSE_RANGE_UNSHARE should always be
+		// available but openSUSE Leap 15.3 seems to have a partial
+		// backport without CLOSE_RANGE_UNSHARE support.
+		if (errno == ENOSYS || errno == EINVAL)
+ 			ret = close_inherited(fds_to_ignore, ARRAY_SIZE(fds_to_ignore));
+ 	}
+ 	if (ret)
+-- 
+2.32.0
+
--- a/lxd.changes
+++ b/lxd.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri Jun 25 09:59:23 UTC 2021 - Aleksa Sarai <asarai@suse.com>
+
+- Add backport for <https://github.com/lxc/lxd/pull/8908> which fixes a
+  Leap-specific kernel backport bug (close_range(2) was backported but not the
+  flags that it supported in the first version). boo#1186786
+  + boo1186786-0001-forkexec-handle-broken-close_range-backport-in-openS.patch
+
 -------------------------------------------------------------------
 Tue Jun  8 02:25:02 UTC 2021 - Aleksa Sarai <asarai@suse.com>

--- a/lxd.spec
+++ b/lxd.spec
@ -51,6 +51,8 @@ Source101:      %{name}-config.yml
 # Additional runtime configuration.
 Source200:      %{name}.sysctl
 Source201:      %{name}.dnsmasq
+# UPSTREAM-FIX: Backport of <https://github.com/lxc/lxd/pull/8908>. boo#1186786
+Patch1:         boo1186786-0001-forkexec-handle-broken-close_range-backport-in-openS.patch
 BuildRequires:  fdupes
 BuildRequires:  golang-packaging
 BuildRequires:  libacl-devel
@ -122,6 +124,8 @@ Bash command line completion support for %{name}.

 %prep
 %setup -q
+# boo#1186786
+%patch1 -p1

 # Create fake "go mod"-like import paths. This is going to be really fun to
 # maintain but it's unfortunately necessary because openSUSE doesn't have nice