From debbugs-submit-bounces@debbugs.gnu.org Sun Aug 09 19:11:57 2015 Received: (at submit) by debbugs.gnu.org; 9 Aug 2015 23:11:57 +0000 Received: from localhost ([127.0.0.1]:51510 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZOZkx-0002Cz-F5 for submit@debbugs.gnu.org; Sun, 09 Aug 2015 19:11:57 -0400 Received: from eggs.gnu.org ([208.118.235.92]:41747) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZOWx8-0006bV-Br for submit@debbugs.gnu.org; Sun, 09 Aug 2015 16:12:38 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZOWx5-0004RW-Os for submit@debbugs.gnu.org; Sun, 09 Aug 2015 16:12:17 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_40,T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:47509) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZOWx5-0004RS-LS for submit@debbugs.gnu.org; Sun, 09 Aug 2015 16:12:15 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51748) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZOWx3-0008Um-6k for bug-guix@gnu.org; Sun, 09 Aug 2015 16:12:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZOWwz-0004Qk-Sa for bug-guix@gnu.org; Sun, 09 Aug 2015 16:12:13 -0400 Received: from mx1.riseup.net ([198.252.153.129]:48272) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZOWwz-0004Qc-JD for bug-guix@gnu.org; Sun, 09 Aug 2015 16:12:09 -0400 Received: from piha.riseup.net (unknown [10.0.1.162]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.riseup.net (Postfix) with ESMTPS id 47843C1EC9 for ; Sun, 9 Aug 2015 13:12:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1439151128; bh=2tsMxx3fbQ4QCKB4lQz0beW3DcjlpVBRaMq0is9zH30=; h=Date:From:To:Subject:From; b=q3+OLOIROb0EWCHSTmGhQSwW14V9enRpucSmDFBhPxAzKRTC8mIPx4FCNjpqYCMxB LHexMq56ucL4caPcCwwT3fHksjTXaNgIJ+LEx9Ygo7kbxGs8lwjPg9eJJ1nrnDQ00T DoiDOtibzx30LItPeI4AEqnUr3pfq5eIMYb05idY= Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: jchmrt) with ESMTPSA id 9E0AB14128E Message-ID: <55C7B413.1070003@riseup.net> Date: Sun, 09 Aug 2015 22:12:03 +0200 From: Jochem Raat User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0 MIME-Version: 1.0 To: bug-guix@gnu.org Subject: FAIL: tests/containers.scm Content-Type: multipart/mixed; boundary="------------090007090609060401040007" X-Virus-Scanned: clamav-milter 0.98.7 at mx1.riseup.net X-Virus-Status: Clean X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.3 (----) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Sun, 09 Aug 2015 19:11:53 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.3 (----) This is a multi-part message in MIME format. --------------090007090609060401040007 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable During the running of make check on the guix 0.8.3 source tarball, test/containers.scm failed. I don't know enough about guix to understand why, but the manual said to report it to this email-adress. Please tell me if you need me to do more tests. Attached are the test-suite.log and containers.log. --------------090007090609060401040007 Content-Type: text/x-log; name="test-suite.log" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="test-suite.log" =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D GNU Guix 0.8.3: ./test-suite.log =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D # TOTAL: 44 # PASS: 43 # SKIP: 0 # XFAIL: 0 # FAIL: 1 # XPASS: 0 # ERROR: 0 =2E. contents:: :depth: 2 FAIL: tests/containers =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace tests/containers.scm:43: FAIL call-with-container, uts namespace tests/containers.scm:53: FAIL call-with-container, pid namespace tests/containers.scm:68: FAIL call-with-container, mnt namespace %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace tests/containers.scm:43: FAIL call-with-container, uts namespace tests/containers.scm:53: FAIL call-with-container, pid namespace tests/containers.scm:68: FAIL call-with-container, mnt namespace tests/containers.scm:75: FAIL call-with-container, all namespaces tests/containers.scm:81: FAIL container-excursion # of unexpected failures 6 %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace tests/containers.scm:43: FAIL call-with-container, uts namespace tests/containers.scm:53: FAIL call-with-container, pid namespace tests/containers.scm:68: FAIL call-with-container, mnt namespace tests/containers.scm:75: FAIL call-with-container, all namespaces %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace tests/containers.scm:43: FAIL call-with-container, uts namespace tests/containers.scm:53: FAIL call-with-container, pid namespace %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace tests/containers.scm:43: FAIL call-with-container, uts namespace %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace tests/containers.scm:43: FAIL call-with-container, uts namespace %%%% Starting test containers (Writing full log to "containers.log") tests/containers.scm:35: FAIL call-with-container, user namespace %%%% Starting test containers (Writing full log to "containers.log") --------------090007090609060401040007 Content-Type: text/x-log; name="containers.log" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="containers.log" %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12230/setgroups") (2)) Test begin: test-name: "call-with-container, pid namespace" source-file: "tests/containers.scm" source-line: 53 source-form: (test-assert "call-with-container, pid namespace" (zero? (= call-with-container (quote ()) (lambda () (match (primitive-fork) (0 (ass= ert-exit (=3D 2 (getpid)))) (pid (primitive-exit (match (waitpid pid) ((_= . status) (status:exit-val status))))))) #:namespaces (quote (user pid))= ))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12237/setgroups") (2)) Test begin: test-name: "call-with-container, mnt namespace" source-file: "tests/containers.scm" source-line: 68 source-form: (test-assert "call-with-container, mnt namespace" (zero? (= call-with-container (quote (("none" device "/testing" "tmpfs" () #f #f)))= (lambda () (assert-exit (file-exists? "/testing"))) #:namespaces (quote = (user mnt))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12242/setgroups") (2)) Test begin: test-name: "call-with-container, all namespaces" source-file: "tests/containers.scm" source-line: 75 source-form: (test-assert "call-with-container, all namespaces" (zero? = (call-with-container (quote ()) (lambda () (primitive-exit 0))))) %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12230/setgroups") (2)) Test begin: test-name: "call-with-container, pid namespace" source-file: "tests/containers.scm" source-line: 53 source-form: (test-assert "call-with-container, pid namespace" (zero? (= call-with-container (quote ()) (lambda () (match (primitive-fork) (0 (ass= ert-exit (=3D 2 (getpid)))) (pid (primitive-exit (match (waitpid pid) ((_= . status) (status:exit-val status))))))) #:namespaces (quote (user pid))= ))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12237/setgroups") (2)) Test begin: test-name: "call-with-container, mnt namespace" source-file: "tests/containers.scm" source-line: 68 source-form: (test-assert "call-with-container, mnt namespace" (zero? (= call-with-container (quote (("none" device "/testing" "tmpfs" () #f #f)))= (lambda () (assert-exit (file-exists? "/testing"))) #:namespaces (quote = (user mnt))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12242/setgroups") (2)) Test begin: test-name: "call-with-container, all namespaces" source-file: "tests/containers.scm" source-line: 75 source-form: (test-assert "call-with-container, all namespaces" (zero? = (call-with-container (quote ()) (lambda () (primitive-exit 0))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12250/setgroups") (2)) Test begin: test-name: "container-excursion" source-file: "tests/containers.scm" source-line: 81 source-form: (test-assert "container-excursion" (call-with-temporary-di= rectory (lambda (root) (match (list (pipe) (pipe)) (((start-in . start-ou= t) (end-in . end-out)) (define (container) (close end-out) (close start-i= n) (write (quote ready) start-out) (close start-out) (read end-in) (close= end-in)) (define (namespaces pid) (let ((pid (number->string pid))) (map= (lambda (ns) (readlink (string-append "/proc/" pid "/ns/" ns))) (quote (= "user" "ipc" "uts" "net" "pid" "mnt"))))) (let* ((pid (run-container root= (quote ()) %namespaces container)) (container-namespaces (namespaces pid= )) (result (begin (close start-out) (read start-in) (close start-in) (con= tainer-excursion pid (lambda () (match (primitive-fork) (0 (assert-exit (= equal? container-namespaces (namespaces (getpid))))) (fork-pid (match (wa= itpid fork-pid) ((_ . status) (primitive-exit (status:exit-val status))))= ))))))) (close end-in) (write (quote done) end-out) (close end-out) (wait= pid pid) (zero? result))))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12254/setgroups") (2)) Group end: containers # of unexpected failures 6 %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12230/setgroups") (2)) Test begin: test-name: "call-with-container, pid namespace" source-file: "tests/containers.scm" source-line: 53 source-form: (test-assert "call-with-container, pid namespace" (zero? (= call-with-container (quote ()) (lambda () (match (primitive-fork) (0 (ass= ert-exit (=3D 2 (getpid)))) (pid (primitive-exit (match (waitpid pid) ((_= . status) (status:exit-val status))))))) #:namespaces (quote (user pid))= ))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12237/setgroups") (2)) Test begin: test-name: "call-with-container, mnt namespace" source-file: "tests/containers.scm" source-line: 68 source-form: (test-assert "call-with-container, mnt namespace" (zero? (= call-with-container (quote (("none" device "/testing" "tmpfs" () #f #f)))= (lambda () (assert-exit (file-exists? "/testing"))) #:namespaces (quote = (user mnt))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12242/setgroups") (2)) Test begin: test-name: "call-with-container, all namespaces" source-file: "tests/containers.scm" source-line: 75 source-form: (test-assert "call-with-container, all namespaces" (zero? = (call-with-container (quote ()) (lambda () (primitive-exit 0))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12250/setgroups") (2)) Test begin: test-name: "container-excursion" source-file: "tests/containers.scm" source-line: 81 source-form: (test-assert "container-excursion" (call-with-temporary-di= rectory (lambda (root) (match (list (pipe) (pipe)) (((start-in . start-ou= t) (end-in . end-out)) (define (container) (close end-out) (close start-i= n) (write (quote ready) start-out) (close start-out) (read end-in) (close= end-in)) (define (namespaces pid) (let ((pid (number->string pid))) (map= (lambda (ns) (readlink (string-append "/proc/" pid "/ns/" ns))) (quote (= "user" "ipc" "uts" "net" "pid" "mnt"))))) (let* ((pid (run-container root= (quote ()) %namespaces container)) (container-namespaces (namespaces pid= )) (result (begin (close start-out) (read start-in) (close start-in) (con= tainer-excursion pid (lambda () (match (primitive-fork) (0 (assert-exit (= equal? container-namespaces (namespaces (getpid))))) (fork-pid (match (wa= itpid fork-pid) ((_ . status) (primitive-exit (status:exit-val status))))= ))))))) (close end-in) (write (quote done) end-out) (close end-out) (wait= pid pid) (zero? result))))))) %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12230/setgroups") (2)) Test begin: test-name: "call-with-container, pid namespace" source-file: "tests/containers.scm" source-line: 53 source-form: (test-assert "call-with-container, pid namespace" (zero? (= call-with-container (quote ()) (lambda () (match (primitive-fork) (0 (ass= ert-exit (=3D 2 (getpid)))) (pid (primitive-exit (match (waitpid pid) ((_= . status) (status:exit-val status))))))) #:namespaces (quote (user pid))= ))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12237/setgroups") (2)) Test begin: test-name: "call-with-container, mnt namespace" source-file: "tests/containers.scm" source-line: 68 source-form: (test-assert "call-with-container, mnt namespace" (zero? (= call-with-container (quote (("none" device "/testing" "tmpfs" () #f #f)))= (lambda () (assert-exit (file-exists? "/testing"))) #:namespaces (quote = (user mnt))))) %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12230/setgroups") (2)) Test begin: test-name: "call-with-container, pid namespace" source-file: "tests/containers.scm" source-line: 53 source-form: (test-assert "call-with-container, pid namespace" (zero? (= call-with-container (quote ()) (lambda () (match (primitive-fork) (0 (ass= ert-exit (=3D 2 (getpid)))) (pid (primitive-exit (match (waitpid pid) ((_= . status) (status:exit-val status))))))) #:namespaces (quote (user pid))= ))) %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12230/setgroups") (2)) Test begin: test-name: "call-with-container, pid namespace" source-file: "tests/containers.scm" source-line: 53 source-form: (test-assert "call-with-container, pid namespace" (zero? (= call-with-container (quote ()) (lambda () (match (primitive-fork) (0 (ass= ert-exit (=3D 2 (getpid)))) (pid (primitive-exit (match (waitpid pid) ((_= . status) (status:exit-val status))))))) #:namespaces (quote (user pid))= ))) %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) Test end: result-kind: fail actual-value: #f actual-error: (system-error "open-file" "~A: ~S" ("No such file or dire= ctory" "/proc/12229/setgroups") (2)) Test begin: test-name: "call-with-container, uts namespace" source-file: "tests/containers.scm" source-line: 43 source-form: (test-assert "call-with-container, uts namespace" (zero? (= call-with-container (quote ()) (lambda () (sethostname "test-container") = (primitive-exit 0)) #:namespaces (quote (user uts))))) %%%% Starting test containers Group begin: containers Test begin: test-name: "call-with-container, user namespace" source-file: "tests/containers.scm" source-line: 35 source-form: (test-assert "call-with-container, user namespace" (zero? = (call-with-container (quote ()) (lambda () (assert-exit (and (zero? (getu= id)) (zero? (getgid))))) #:namespaces (quote (user))))) --------------090007090609060401040007-- From debbugs-submit-bounces@debbugs.gnu.org Mon Aug 10 16:46:55 2015 Received: (at 21226) by debbugs.gnu.org; 10 Aug 2015 20:46:55 +0000 Received: from localhost ([127.0.0.1]:52485 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZOtyB-0001LX-1w for submit@debbugs.gnu.org; Mon, 10 Aug 2015 16:46:55 -0400 Received: from mail-yk0-f171.google.com ([209.85.160.171]:36571) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZOty8-0001LP-Gm for 21226@debbugs.gnu.org; Mon, 10 Aug 2015 16:46:53 -0400 Received: by ykeo23 with SMTP id o23so149831217yke.3 for <21226@debbugs.gnu.org>; Mon, 10 Aug 2015 13:46:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=h71hkpylx2VujM8YS58K6+GE/vO/6SXWUDQCuwgjsBc=; b=hYD+O1tTFTCNvYpKEmIukM5DiYuZ1DtbQw4od6ulC/kE+f2cw4ivThCFC/cQyMUZGp bzFjtRtgpxGFIoRM4F7hI7Qaj4qE4k1WTssI4FiR+0FivxTx4SRZ5asMfLp+jMrZ17sR epwYZhPA0Xi2tTTsRWAZaB9pdTKiaAxDMhwsYX3EAf9nsmXyorcSI85cTCtH6oiDrvz5 lDVwbib0ZDQApe0Tx/a633DrZE9eXfc90N/juReDAMyG8KYUvO0cOuFu/ytZe9sDqERT TdpHjYAnjGaD+VN11BVQPCkrIe0H9ITSiqfvRNQ8XpILWgHT7CH4DWxLSD6ahZp9xsmT Dmzg== X-Gm-Message-State: ALoCoQkfeGNX/oTzu3tHpCGeyy3fq61VS8YrQ3h3P8+tauwt1IU1MnGcLSCnCnyc71S/LsKpIpF+ MIME-Version: 1.0 X-Received: by 10.129.81.194 with SMTP id f185mr1007083ywb.41.1439239611960; Mon, 10 Aug 2015 13:46:51 -0700 (PDT) Received: by 10.37.53.193 with HTTP; Mon, 10 Aug 2015 13:46:51 -0700 (PDT) In-Reply-To: <55C85F91.1080700@riseup.net> References: <55C7B413.1070003@riseup.net> <55C85F91.1080700@riseup.net> Date: Mon, 10 Aug 2015 16:46:51 -0400 Message-ID: Subject: Re: bug#21226: FAIL: tests/containers.scm From: "Thompson, David" To: Jochem Raat , 21226@debbugs.gnu.org Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 21226 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) [ Forgot to "Reply All". Re-sending to bug tracker ] On Mon, Aug 10, 2015 at 4:23 AM, Jochem Raat wrote: > On 10-08-15 02:10, Thompson, David wrote: >> Hello Jochem, >> >> Thanks for the report. I've done some work to fix these in our >> master, but perhaps you have a situation that I haven't addressed. >> The container functionality requires a relatively recent version (3.8, >> I think) of Linux in order to work. >> >> What version of Linux are you using? > > I think I am running linux 3.13 ('uname -r' returns: 3.13.0-30-generic). > >> What is the output of 'ls -l /proc/self/ns'? > > 'ls -l /proc/self/ns' returns: > total 0 > lrwxrwxrwx 1 jm jm 0 aug 10 10:12 ipc -> ipc:[4026531839] > lrwxrwxrwx 1 jm jm 0 aug 10 10:12 mnt -> mnt:[4026531840] > lrwxrwxrwx 1 jm jm 0 aug 10 10:12 net -> net:[4026531956] > lrwxrwxrwx 1 jm jm 0 aug 10 10:12 pid -> pid:[4026531836] > lrwxrwxrwx 1 jm jm 0 aug 10 10:12 user -> user:[4026531837] > lrwxrwxrwx 1 jm jm 0 aug 10 10:12 uts -> uts:[4026531838] > Thanks. So, you have a new enough kernel for all 6 user namespaces to work but the 'setgroups' interface is not present. I did some reading in the user_namespaces(7) man page and found that using setgroups became a requirement in Linux 3.19 and only kernels may not have it. I took a look at an Ubuntu 14.04 machine which also runs a 3.13 kernel and /proc/self/setgroups exists, so indeed it is an optional thing. The fix will be to test if /proc/self/setgroups exists before writing to it. I'll have this fixed next time I get a chance to hack. Thanks again for reporting this issue! - Dave From debbugs-submit-bounces@debbugs.gnu.org Tue Aug 11 08:41:57 2015 Received: (at 21226) by debbugs.gnu.org; 11 Aug 2015 12:41:57 +0000 Received: from localhost ([127.0.0.1]:52967 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZP8sP-0001sQ-Ii for submit@debbugs.gnu.org; Tue, 11 Aug 2015 08:41:57 -0400 Received: from mail-yk0-f182.google.com ([209.85.160.182]:36017) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZP8sN-0001sG-Ds for 21226@debbugs.gnu.org; Tue, 11 Aug 2015 08:41:55 -0400 Received: by ykeo23 with SMTP id o23so164760926yke.3 for <21226@debbugs.gnu.org>; Tue, 11 Aug 2015 05:41:54 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=f/+YCVkiG4mDWgox3OFDDH8GIaxYHc24rKeiSW7kCQc=; b=mKEo/N2CKloaI+s9tHai+x6xaI5rVu0pta93+2iRtqWSb9Ca+/cA7Svr0K9thlbq72 X9vgyqlN5hFvAJLbp80936UF3fwlocfxKWyFLSW57ozun30QYVTgUxCgpI8n92S2loUA 6owHMzfmzlCb2f560AdMkQQXKA/yaQDss5LCHYZ6qOz1gRIDVZn6kHKchIO+Ul37Fs1a n4Y6tMbk75PcKuUkgobHC9beY/42BFAzVEKHv9xDh+44pteALshLh70+vk9ofq9vf+Ps 4YNe2Bx7+6EYu1vidd7nU4WOFWP56WiCcSRdiMiq4AP0Bw311YKbp/x2E++DjDDBLNOj dRgQ== X-Gm-Message-State: ALoCoQnvrlyViYaacjgRRL7CMYF0y34mv65TNS+CCkQV8W8xBbj2YAvB9S7XZizXjpvhNEaLE/b6 MIME-Version: 1.0 X-Received: by 10.13.212.207 with SMTP id w198mr13216988ywd.68.1439296914772; Tue, 11 Aug 2015 05:41:54 -0700 (PDT) Received: by 10.37.53.193 with HTTP; Tue, 11 Aug 2015 05:41:54 -0700 (PDT) In-Reply-To: <55C7B413.1070003@riseup.net> References: <55C7B413.1070003@riseup.net> Date: Tue, 11 Aug 2015 08:41:54 -0400 Message-ID: Subject: Re: bug#21226: FAIL: tests/containers.scm From: "Thompson, David" To: Jochem Raat Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 21226 Cc: 21226@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) Hello Jochem, On Sun, Aug 9, 2015 at 4:12 PM, Jochem Raat wrote: > During the running of make check on the guix 0.8.3 source tarball, > test/containers.scm failed. I don't know enough about guix to understand > why, but the manual said to report it to this email-adress. Please tell > me if you need me to do more tests. > > Attached are the test-suite.log and containers.log. Fixed in commit bc459b6, which skips the tests if /proc/self/setgroups does not exist, rather than allowing a system with a vulnerable kernel create containers with a new user namespace. I would like to note that you should update your kernel as soon as possible, as the lack of /proc/self/setgroups means that you are running a kernel with a known security vulnerability. The fix was introduced in Linux 3.19, but backported to many older kernels, including 3.13. Thanks, - Dave From debbugs-submit-bounces@debbugs.gnu.org Tue Aug 11 08:52:54 2015 Received: (at control) by debbugs.gnu.org; 11 Aug 2015 12:52:54 +0000 Received: from localhost ([127.0.0.1]:52975 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZP930-00028N-2a for submit@debbugs.gnu.org; Tue, 11 Aug 2015 08:52:54 -0400 Received: from mail.fsf.org ([208.118.235.13]:40612) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZP92x-00028F-FF for control@debbugs.gnu.org; Tue, 11 Aug 2015 08:52:51 -0400 Received: from [216.236.243.66] (port=56472 helo=izanagi) by mail.fsf.org with esmtpsa (TLS-1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.69) (envelope-from ) id 1ZP92w-0006zi-Mw for control@debbugs.gnu.org; Tue, 11 Aug 2015 08:52:50 -0400 From: David Thompson To: control@debbugs.gnu.org Subject: Close #21226 User-Agent: Notmuch/0.19 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-unknown-linux-gnu) Date: Tue, 11 Aug 2015 08:52:49 -0400 Message-ID: <87h9o6ugv2.fsf@izanagi.i-did-not-set--mail-host-address--so-tickle-me> MIME-Version: 1.0 Content-Type: text/plain X-detected-operating-system: by mail.fsf.org: GNU/Linux 2.2.x-3.x [generic] X-Spam-Score: -4.0 (----) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) close 21226 From debbugs-submit-bounces@debbugs.gnu.org Tue Aug 11 09:29:35 2015 Received: (at 21226) by debbugs.gnu.org; 11 Aug 2015 13:29:35 +0000 Received: from localhost ([127.0.0.1]:52986 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZP9cU-0004VM-4O for submit@debbugs.gnu.org; Tue, 11 Aug 2015 09:29:34 -0400 Received: from mx1.riseup.net ([198.252.153.129]:54183) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZP9cQ-0004VC-L0 for 21226@debbugs.gnu.org; Tue, 11 Aug 2015 09:29:31 -0400 Received: from cotinga.riseup.net (unknown [10.0.1.161]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.riseup.net (Postfix) with ESMTPS id E617CC22FF; Tue, 11 Aug 2015 06:29:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1439299769; bh=yQ8tlc29nvi8gB5O1vv7TWmpBrMmYj5L8dmyCdUAhTo=; h=Date:From:To:CC:Subject:References:In-Reply-To:From; b=b6rS22RMuiFaTWZPssMzkLUzrbEgAoknC3AYeuD1VeoUyo6xeC3UQ/tUUjQtY9kP2 EGqQ79dpQH9DZe3L/SlKsptTGhEjcb7oMSdRDJBmB9vTuG7XL//rhwlnBzi8xCpVvG 3KPZcxv0/UBIEWxiuOIQXfWUwSN0wbrHGQ5uvM40= Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: jchmrt) with ESMTPSA id C159B1C023A Message-ID: <55C9F8B5.4000200@riseup.net> Date: Tue, 11 Aug 2015 15:29:25 +0200 From: Jochem Raat User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0 MIME-Version: 1.0 To: "Thompson, David" Subject: Re: bug#21226: FAIL: tests/containers.scm References: <55C7B413.1070003@riseup.net> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.98.7 at mx1.riseup.net X-Virus-Status: Clean X-Spam-Score: -0.9 (/) X-Debbugs-Envelope-To: 21226 Cc: 21226@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.9 (/) On 11-08-15 14:41, Thompson, David wrote: > > Fixed in commit bc459b6, which skips the tests if /proc/self/setgroups > does not exist, rather than allowing a system with a vulnerable kernel > create containers with a new user namespace. Thanks for the fast response and fix! > > I would like to note that you should update your kernel as soon as > possible, as the lack of /proc/self/setgroups means that you are > running a kernel with a known security vulnerability. The fix was > introduced in Linux 3.19, but backported to many older kernels, > including 3.13. Thanks for the advice, I have updated my kernel. From unknown Sat Aug 16 19:16:30 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Wed, 09 Sep 2015 11:24:04 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator