apport-hackers team mailing list archive
-
apport-hackers team
-
Mailing list archive
-
Message #00152
[Merge] lp:~stgraber/apport/pidns-support into lp:apport
Stéphane Graber has proposed merging lp:~stgraber/apport/pidns-support into lp:apport.
Requested reviews:
Apport upstream developers (apport-hackers)
For more details, see:
https://code.launchpad.net/~stgraber/apport/pidns-support/+merge/200893
This adds support for PID namespaces in apport.
With that change, crashes originating from a container on a system running a >= 3.12 kernel will be automatically redirected to apport inside the container.
This is done through a new wrapper called apport-pidns-wrapper and a new feature I introduced in core_pattern upstream (%P).
This script will be called with an extended core pattern which includes %P (PID in the host namespace), if that one doesn't match with %p (PID in the calling namespace), the script will look for /proc/<pid in host ns>/root/usr/share/apport/apport and if it exists, call it through chroot.
On pre-3.12 systems, all crashes will simply be forwarded to apport on the host (as used to be the case).
If apport isn't installed in the calling namespace, the wrapper will simply exit 0 (instead of the current behaviour of either spamming apport.log with useless content and stacktraces or worse, getting apport to think a perfectly sane process just crashed).
On top of that change, the change below will be needed in the distribution packaging:
=== modified file 'debian/apport.install'
--- debian/apport.install 2013-08-19 14:25:01 +0000
+++ debian/apport.install 2014-01-08 19:20:40 +0000
@@ -1,6 +1,7 @@
etc
usr/share/apport/apport
usr/share/apport/apport-checkreports
+usr/share/apport/apport-pidns-wrapper
usr/share/apport/package_hook
usr/share/apport/kernel_crashdump
usr/share/apport/kernel_oops
=== modified file 'debian/apport.upstart'
--- debian/apport.upstart 2013-07-08 14:50:45 +0000
+++ debian/apport.upstart 2014-01-08 19:22:37 +0000
@@ -30,7 +30,7 @@
rm -f /var/lib/pm-utils/resume-hang.log
fi
- echo "|/usr/share/apport/apport %p %s %c" > /proc/sys/kernel/core_pattern
+ echo "|/usr/share/apport/apport-pidns-wrapper %p %s %c %P" > /proc/sys/kernel/core_pattern
echo 2 > /proc/sys/fs/suid_dumpable
end script
Let me know if you have any question.
--
https://code.launchpad.net/~stgraber/apport/pidns-support/+merge/200893
Your team Apport upstream developers is requested to review the proposed merge of lp:~stgraber/apport/pidns-support into lp:apport.
=== added file 'data/apport-pidns-wrapper'
--- data/apport-pidns-wrapper 1970-01-01 00:00:00 +0000
+++ data/apport-pidns-wrapper 2014-01-08 19:30:23 +0000
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# The standard core_pattern is: %p %s %c %P
+# $1 => PID in originating namespace
+# $2 => Signal number
+# $3 => Core file ulimit
+# $4 => PID in host namespace
+
+# This script simply checks if the PID in the host namespace is passed.
+# If it is, then apport checks if the apport script is available in the
+# originating namespace. If it is, it's then called and passed the first 3
+# arguments.
+# In all other cases, the apport from the host namespace is called as usual.
+
+if [ -n "$4" ] && [ "$1" != "$4" ]; then
+ if [ -x /proc/$4/root/usr/share/apport/apport ]; then
+ exec chroot /proc/$4/root /usr/share/apport/apport $1 $2 $3
+ else
+ exit 0
+ fi
+else
+ exec /usr/share/apport/apport $1 $2 $3
+fi
=== modified file 'etc/init.d/apport'
--- etc/init.d/apport 2013-02-27 14:50:16 +0000
+++ etc/init.d/apport 2014-01-08 19:30:23 +0000
@@ -12,7 +12,7 @@
PATH=/bin
DESC="automatic crash report generation"
NAME=apport
-AGENT=/usr/share/apport/apport
+AGENT=/usr/share/apport/apport-pidns-wrapper
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
@@ -52,7 +52,7 @@
rm -f /var/lib/pm-utils/resume-hang.log
fi
- echo "|$AGENT %p %s %c" > /proc/sys/kernel/core_pattern
+ echo "|$AGENT %p %s %c %P" > /proc/sys/kernel/core_pattern
}
#