touch-packages team mailing list archive

Thread
Date

[Bug 1429140] Re: lxc-net upstart script fails on nonexistent iptables rules

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1429140@xxxxxxxxxxxxxxxxxx>
Date: Mon, 30 Nov 2015 17:23:05 -0000
Reply-to: Bug 1429140 <1429140@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package lxc - 1.0.8-0ubuntu0.3

---------------
lxc (1.0.8-0ubuntu0.3) trusty; urgency=medium

  * Cherry-pick from upstream:
    - Fix preserve_ns to work on < 3.8 kernels. (LP: #1516971)

lxc (1.0.8-0ubuntu0.2) trusty; urgency=medium

  * Cherry-pick from upstream:
    - Fix ubuntu-cloud template to detect compression algorithm instead
      of hardcoding xz. Also update list of supported releases and use trusty
      as the fallback release. (LP: #1515463)
  * Update lxc-tests description to make it clear that this package is
    meant to be used by developers and by automated testing.

lxc (1.0.8-0ubuntu0.1) trusty; urgency=medium

  * New upstream bugfix release. (MRE tracking bug: LP: #1514623)
    (LP: #1429140)
    - Changelog at: https://linuxcontainers.org/lxc/news/
  * Drop proxy detection from the autopkgtest exercise script.
  * Add patch:
    - 0001-Trusty-Swap-out-the-CVE-2015-1335-fix-with-the-trust.patch
      This is a patch by Serge Hallyn to cope with the trusty 3.13 kernel.
      It updates the upstream CVE fix to the version which trusty ended
      up with after the few round of fixes.

 -- Stéphane Graber <stgraber@xxxxxxxxxx>  Wed, 18 Nov 2015 13:42:07
-0500

** Changed in: lxc (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1335

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1429140

Title:
  lxc-net upstart script fails on nonexistent iptables rules

Status in lxc package in Ubuntu:
  Fix Released
Status in lxc source package in Trusty:
  Fix Released

Bug description:
  Hello,

  On Trusty, the stop of lxc-net fails if the iptables rules are not
  present.

  I added “exec >> /tmp/lxc-net.log 2>&1” at the beginning of pre-start
  and post-stop and get:

      iptables: Bad rule (does a matching rule exist in that chain?).

  On Precise, a “|| true” was added to avoid errors.

  I attach a patch to disable exit on failing iptables call.

  Regards.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1429140/+subscriptions

References

[Bug 1429140] [NEW] lxc-net upstart script fails on nonexistent iptables rules
From: Daniel Dehennin, 2015-03-06