Bug#862468: (pre-approval) unblock: lxc/1:2.0.8-1

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Bug#862468: (pre-approval) unblock: lxc/1:2.0.8-1

Evgeni Golov-2
Package: release.debian.org
Severity: normal
User: [hidden email]
Usertags: unblock

Dear Release Team,

I wonder if you would be OK with accepting the latest LXC stable release
into Stretch at this point in time.
Admittedly, the diff between the version in testing and 2.0.8 is quite
big (64 files changed, 1652 insertions(+), 996 deletions(-)), but it
allows us to drop both cherry-picked patches we carry today and gives an
IMHO better base for later updates during the Stretch life cycle.

Ubuntu will be updating to the same version in their LTS soon, so I
expect high exposure and low risk.

Additionally I've been thinking about including the fix for
 #860974 lxc: systemd and other inotify-based programs fail with "Too many open files" with a large number of LXC containers
Which boils down to adding a one-liner (plus comments) to /etc/sysctl.d

Please tell me how crazy I am ;-)

Full debdiff attached.

Thanks for all your work!
Evgeni

lxc_2.0.8-1.debdiff (168K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Bug#862468: (pre-approval) unblock: lxc/1:2.0.8-1

Evgeni Golov-2
Ohai,

On Sat, May 13, 2017 at 09:44:42AM +0100, Evgeni Golov wrote:
> I wonder if you would be OK with accepting the latest LXC stable release
> into Stretch at this point in time.
> Admittedly, the diff between the version in testing and 2.0.8 is quite
> big (64 files changed, 1652 insertions(+), 996 deletions(-)), but it
> allows us to drop both cherry-picked patches we carry today and gives an
> IMHO better base for later updates during the Stretch life cycle.

Niels asked on IRC if the diff can be filtered a bit.

It can, but it still does not look magically awesome then:
 54 files changed, 1548 insertions(+), 955 deletions(-)

Generated with:
 git diff debian/1%2.0.7-2.. |filterdiff -x a/debian/patches/\* -x a/configure -x a/src/tests/\* -x a/README -x a/doc/\* -x \*/Makefile.in

Bear in mind that the above still contains the upstream versions of
the two dropped patches:
 lxc-2.0-CVE-2017-5985-Ensure-target-netns-is-caller-owned.patch
  src/lxc/lxc_user_nic.c | 119 ++++++++++++++++++++++++++++++++++++-------------
 0010-lxc-debian-root-password.patch
  templates/lxc-debian.in | 3 ---
And I have no way to filter that out.

New debdiff attached.

Also, as it was asked, lxc and lxcfs are not coupled, we can update them independently.

lxc_2.0.8-1.filtered.debdiff (147K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Bug#862468: (pre-approval) unblock: lxc/1:2.0.8-1

Evgeni Golov-2
On Sat, May 27, 2017 at 10:34:35PM +0200, Ivo De Decker wrote:

> Hi,
>
> On Sat, May 20, 2017 at 10:14:29AM +0200, Evgeni Golov wrote:
> > Niels asked on IRC if the diff can be filtered a bit.
> >
> > It can, but it still does not look magically awesome then:
> >  54 files changed, 1548 insertions(+), 955 deletions(-)
> >
> > Generated with:
> >  git diff debian/1%2.0.7-2.. |filterdiff -x a/debian/patches/\* -x a/configure -x a/src/tests/\* -x a/README -x a/doc/\* -x \*/Makefile.in
>
> I'm sorry, but I think it's too late to consider this change now, given that
> we are very close to the release date.

ACK and totally understandable.
Would it be possible to consider lxc 2.0.8 for 9.1?

> > Also, as it was asked, lxc and lxcfs are not coupled, we can update them independently.
>
> lxcfs was unblocked earlier.

Yepp, that went in fine.

Thanks
Evgeni