From: "Mike Gilbert" <floppym@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/, sys-apps/systemd/files/
Date: Thu, 5 Apr 2018 20:12:02 +0000 (UTC) [thread overview]
Message-ID: <1522959112.3ffe8430672993cfc0d8d0b3abdf4d777cf3fdc1.floppym@gentoo> (raw)
commit: 3ffe8430672993cfc0d8d0b3abdf4d777cf3fdc1
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Thu Apr 5 20:11:52 2018 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Thu Apr 5 20:11:52 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3ffe8430
sys-apps/systemd: fix regression in nspawn network setup
Closes: https://bugs.gentoo.org/652396
Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81
sys-apps/systemd/files/238-nspawn-wait.patch | 83 ++++++++++++++++++++++
...systemd-238-r3.ebuild => systemd-238-r4.ebuild} | 1 +
2 files changed, 84 insertions(+)
diff --git a/sys-apps/systemd/files/238-nspawn-wait.patch b/sys-apps/systemd/files/238-nspawn-wait.patch
new file mode 100644
index 00000000000..a740e893345
--- /dev/null
+++ b/sys-apps/systemd/files/238-nspawn-wait.patch
@@ -0,0 +1,83 @@
+From 7511655807e90aa33ea7b71991401a79ec36bb41 Mon Sep 17 00:00:00 2001
+From: Philip Sequeira <phsequei@gmail.com>
+Date: Thu, 5 Apr 2018 14:04:27 +0000
+Subject: [PATCH] nspawn: wait for network namespace creation before interface
+ setup (#8633)
+
+Otherwise, network interfaces can be "moved" into the container's
+namespace while it's still the same as the host namespace, in which case
+e.g. host0 for a veth ends up on the host side instead of inside the
+container.
+
+Regression introduced in 0441378080489e4ab6704cd0a2d78cb1ceaca899.
+
+Fixes #8599.
+---
+ src/nspawn/nspawn.c | 19 +++++++++++++++----
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index 810f1247ea2..a5bc50c1f4c 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -2329,6 +2329,9 @@ static int inner_child(
+ r = unshare(CLONE_NEWNET);
+ if (r < 0)
+ return log_error_errno(errno, "Failed to unshare network namespace: %m");
++
++ /* Tell the parent that it can setup network interfaces. */
++ (void) barrier_place(barrier); /* #3 */
+ }
+
+ r = mount_sysfs(NULL, arg_mount_settings);
+@@ -2337,7 +2340,7 @@ static int inner_child(
+
+ /* Wait until we are cgroup-ified, so that we
+ * can mount the right cgroup path writable */
+- if (!barrier_place_and_sync(barrier)) { /* #3 */
++ if (!barrier_place_and_sync(barrier)) { /* #4 */
+ log_error("Parent died too early");
+ return -ESRCH;
+ }
+@@ -2448,7 +2451,7 @@ static int inner_child(
+ /* Let the parent know that we are ready and
+ * wait until the parent is ready with the
+ * setup, too... */
+- if (!barrier_place_and_sync(barrier)) { /* #4 */
++ if (!barrier_place_and_sync(barrier)) { /* #5 */
+ log_error("Parent died too early");
+ return -ESRCH;
+ }
+@@ -3533,6 +3536,14 @@ static int run(int master,
+
+ if (arg_private_network) {
+
++ if (!arg_network_namespace_path) {
++ /* Wait until the child has unshared its network namespace. */
++ if (!barrier_place_and_sync(&barrier)) { /* #3 */
++ log_error("Child died too early");
++ return -ESRCH;
++ }
++ }
++
+ r = move_network_interfaces(*pid, arg_network_interfaces);
+ if (r < 0)
+ return r;
+@@ -3656,7 +3667,7 @@ static int run(int master,
+ * its setup (including cgroup-ification), and that
+ * the child can now hand over control to the code to
+ * run inside the container. */
+- (void) barrier_place(&barrier); /* #3 */
++ (void) barrier_place(&barrier); /* #4 */
+
+ /* Block SIGCHLD here, before notifying child.
+ * process_pty() will handle it with the other signals. */
+@@ -3684,7 +3695,7 @@ static int run(int master,
+ return r;
+
+ /* Let the child know that we are ready and wait that the child is completely ready now. */
+- if (!barrier_place_and_sync(&barrier)) { /* #4 */
++ if (!barrier_place_and_sync(&barrier)) { /* #5 */
+ log_error("Child died too early.");
+ return -ESRCH;
+ }
diff --git a/sys-apps/systemd/systemd-238-r3.ebuild b/sys-apps/systemd/systemd-238-r4.ebuild
similarity index 99%
rename from sys-apps/systemd/systemd-238-r3.ebuild
rename to sys-apps/systemd/systemd-238-r4.ebuild
index b68ed0bf92a..0aca5fbb302 100644
--- a/sys-apps/systemd/systemd-238-r3.ebuild
+++ b/sys-apps/systemd/systemd-238-r4.ebuild
@@ -155,6 +155,7 @@ src_prepare() {
PATCHES+=(
"${FILESDIR}/238-libmount-include.patch"
"${FILESDIR}/238-initctl.patch"
+ "${FILESDIR}/238-nspawn-wait.patch"
)
if ! use vanilla; then
next reply other threads:[~2018-04-05 22:40 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-05 20:12 Mike Gilbert [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-05-28 0:51 [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/, sys-apps/systemd/files/ Sam James
2024-05-05 15:43 Sam James
2024-04-18 4:20 Mike Gilbert
2024-03-04 2:51 Sam James
2024-02-24 15:51 Mike Gilbert
2023-12-24 11:58 Sam James
2023-12-12 2:50 Sam James
2023-08-17 1:08 Mike Gilbert
2023-08-05 23:07 Sam James
2023-08-02 21:14 Sam James
2023-07-27 22:55 Sam James
2023-02-26 19:27 Mike Gilbert
2022-11-07 16:15 Mike Gilbert
2022-10-19 18:13 Mike Gilbert
2022-05-21 22:23 Mike Gilbert
2022-03-25 4:56 Sam James
2021-12-25 18:20 Mike Gilbert
2021-12-09 19:40 Mike Gilbert
2021-11-14 23:53 Mike Gilbert
2021-11-07 5:27 Georgy Yakovlev
2021-09-14 23:47 Mike Gilbert
2021-09-08 18:29 Mike Gilbert
2021-09-08 18:29 Mike Gilbert
2021-07-08 20:23 Mike Gilbert
2021-06-20 17:18 Mike Gilbert
2021-05-19 19:37 Mike Gilbert
2020-11-08 17:51 Mike Gilbert
2020-05-21 0:13 Mike Gilbert
2020-04-27 14:41 Mike Gilbert
2020-04-17 16:36 Mike Gilbert
2020-02-06 15:24 Mike Gilbert
2020-02-05 18:24 Mike Gilbert
2019-11-17 19:56 Mike Gilbert
2019-08-11 16:28 Mike Gilbert
2019-07-10 18:21 Mike Gilbert
2019-07-10 15:37 Mike Gilbert
2019-07-08 15:47 Mike Gilbert
2019-06-08 20:44 Mike Gilbert
2019-02-18 23:32 Mike Gilbert
2018-12-26 4:02 Mike Gilbert
2018-05-24 20:33 Mike Gilbert
2018-04-18 16:50 Mike Gilbert
2018-04-01 16:31 Mike Gilbert
2018-04-01 16:31 Mike Gilbert
2018-03-26 21:17 Mike Gilbert
2018-03-10 17:29 Mike Gilbert
2018-02-08 17:17 Jason Donenfeld
2017-12-19 2:01 Mike Gilbert
2017-12-17 19:03 Mike Gilbert
2017-11-19 20:09 Mike Gilbert
2017-10-26 21:37 Mike Gilbert
2017-10-08 14:40 Mike Gilbert
2017-08-13 23:08 Mike Gilbert
2017-07-17 15:28 Mike Gilbert
2017-07-02 15:56 Mike Gilbert
2017-06-28 20:31 Mike Gilbert
2017-01-10 22:22 Mike Gilbert
2017-01-10 22:22 Mike Gilbert
2016-11-04 1:06 Mike Gilbert
2016-10-30 3:52 Mike Gilbert
2016-04-10 1:05 Mike Gilbert
2015-09-26 1:53 Mike Gilbert
2015-09-25 14:52 Mike Gilbert
2015-08-22 17:16 Mike Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1522959112.3ffe8430672993cfc0d8d0b3abdf4d777cf3fdc1.floppym@gentoo \
--to=floppym@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox