touch-packages team mailing list archive

[Bug 1457054] [NEW] journal is broken in unprivileged LXC and nspawn containers

 

Public bug reported:

Test case
-------------
- Under Ubuntu 15.04 (or 15.10), set up an unprivileged container as in https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/
- Boot it. You'll get a lot of errors like

  [FAILED] Failed to start Journal Service.
  systemd-journald-audit.socket failed to listen on sockets: Operation not permitted
  [FAILED] Failed to listen on Journal Audit Socket.

- The same happens with systemd-nspawn -b.

As a result, the journal isn't working at all.

With a fixed systemd package, systemd in the container should realize
that it cannot listen to the audit socket (as the kernel doesn't allow
that -- the audit subsystem isn't fit for namespaces right now), and
"sudo journalctl" should show the journal and systemd-journald.service
should be running.

** Affects: systemd (Ubuntu)
     Importance: Medium
     Assignee: Martin Pitt (pitti)
         Status: In Progress

** Affects: systemd (Ubuntu Vivid)
     Importance: Undecided
         Status: New

** Affects: systemd (Ubuntu Wily)
     Importance: Medium
     Assignee: Martin Pitt (pitti)
         Status: In Progress


** Tags: systemd-boot

** Also affects: systemd (Ubuntu Vivid)
   Importance: Undecided
       Status: New

** Also affects: systemd (Ubuntu Wily)
   Importance: Undecided
       Status: New

** Changed in: systemd (Ubuntu Wily)
       Status: New => In Progress

** Changed in: systemd (Ubuntu Wily)
   Importance: Undecided => Medium

** Changed in: systemd (Ubuntu Wily)
     Assignee: (unassigned) => Martin Pitt (pitti)

** Tags added: systemd-boot

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1457054

Title:
  journal is broken in unprivileged LXC and nspawn containers

Status in systemd package in Ubuntu:
  In Progress
Status in systemd source package in Vivid:
  New
Status in systemd source package in Wily:
  In Progress

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1457054/+subscriptions
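
A minimal probe for the condition this report describes, as an added example (not systemd's code and not part of the original bug mail): it tries to join the kernel audit multicast group and treats "Operation not permitted" as a reason to skip audit rather than to fail logging. The enum and function names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/audit.h>

/* Hypothetical names: outcome of probing the kernel audit multicast socket. */
enum audit_probe { AUDIT_OK, AUDIT_DENIED, AUDIT_ABSENT, AUDIT_ERROR };

/* Map the errno from socket()/bind() to a start-up decision. */
enum audit_probe classify_audit_errno(int err)
{
    switch (err) {
    case 0:               return AUDIT_OK;
    case EPERM:           /* "Operation not permitted", as in the report */
    case EACCES:          return AUDIT_DENIED;
    case EPROTONOSUPPORT: /* no audit netlink protocol in this kernel */
    case EAFNOSUPPORT:    return AUDIT_ABSENT;
    default:              return AUDIT_ERROR;
    }
}

/* Try to join the audit read-log multicast group; return 0 or the errno. */
int probe_audit_errno(void)
{
    struct sockaddr_nl sa;
    int fd, err;

    fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT);
    if (fd < 0)
        return errno;
    memset(&sa, 0, sizeof(sa));
    sa.nl_family = AF_NETLINK;
    sa.nl_groups = 1u << (AUDIT_NLGRP_READLOG - 1);
    err = bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 ? errno : 0;
    close(fd);
    return err;
}

/* Only an unexpected error blocks logging; denied/absent just skip audit. */
int logging_may_start(enum audit_probe p) { return p != AUDIT_ERROR; }

int main(void)
{
    static const char *const name[] = { "ok", "denied", "absent", "error" };
    enum audit_probe p = classify_audit_errno(probe_audit_errno());

    printf("audit socket: %s, start logging: %s\n", name[p],
           logging_may_start(p) ? "yes" : "no");
    return 0;
}
```

Run inside the container, the expected outcome for the case in this report is "denied" with logging still allowed to start.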

