Package: systemd-container
Version: 230-7~bpo8+2
Severity: important

Dear Maintainer,

Short version
=============

Assuming one has an image /var/lib/machines/jessie.raw and spawns it
with:

    systemd-nspawn --ephemeral -m jessie

The jessie.raw ends up being modified.

Fix released with systemd 233 that should be backported:
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

Longer version
==============

systemd-nspawn has a [-x|--ephemeral] option which is supposed to
snapshot the image and boot a container out of it. Once the container
is terminated, the snapshot is dismissed entirely.

The ephemeral option is ignored entirely when using a raw image, for
example via --machine, which can load either a fs tree if the name
matches a directory or a raw image if the base name matches.

The upstream issue has a detailed reproducible case:
https://github.com/systemd/systemd/issues/4664

Original thread:
https://lists.freedesktop.org/archives/systemd-devel/2016-November/037699.html

The fix is commit 0f3be6ca4
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

It seems straightforward to backport to jessie-backports and for
stretch. Non-ephemeral ephemeral containers sound like a release
critical bug to me.

Note: the upstream issue also states that junk files are left behind in
the host /tmp; there are a couple more commits to address that:
https://github.com/poettering/systemd/commit/64e604111a8466764f36ae8ac83d5d0c0addc024
https://github.com/poettering/systemd/commit/0f3be6ca4dbbac8350cd8f10a8968d31f7bc13b6

-- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable'), (99, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd-container depends on:
ii  libacl1          2.2.52-2
ii  libblkid1        2.25.2-6
ii  libbz2-1.0       1.0.6-7+b3
ii  libc6            2.19-18+deb8u7
ii  libcurl3-gnutls  7.38.0-4+deb8u5
ii  libgcrypt20      1.6.3-2+deb8u2
ii  liblzma5         5.1.1alpha+20120614-2+b3
ii  libseccomp2      2.1.1-1
ii  libselinux1      2.3-2
ii  systemd          230-7~bpo8+2
ii  zlib1g           1:1.2.8.dfsg-2+b1

Versions of packages systemd-container recommends:
ii  btrfs-tools        3.17-1.1
ii  libnss-mymachines  230-7~bpo8+2

systemd-container suggests no packages.

-- no debconf information
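
Added example (not part of the original report or of systemd): a small shell check that a command leaves a raw image byte-for-byte unchanged, usable to confirm whether an installed or backported systemd-nspawn honours --ephemeral for raw images. The function names and the marker file path are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: detect whether running a command modifies a raw image.
# image_digest and check_image_unmodified are hypothetical helper names.

# Print the SHA-256 digest (hex only) of the file given as $1.
image_digest() {
    sha256sum < "$1" | cut -d' ' -f1
}

# Usage: check_image_unmodified IMAGE COMMAND [ARGS...]
# Hashes IMAGE, runs COMMAND, hashes IMAGE again.
# Returns 0 if unchanged, 1 if modified, 2 if IMAGE cannot be read.
check_image_unmodified() {
    image=$1
    shift
    if [ ! -r "$image" ]; then
        echo "cannot read $image" >&2
        return 2
    fi
    before=$(image_digest "$image") || return 2
    # The command's own exit status is ignored; only the image matters.
    "$@" || true
    after=$(image_digest "$image") || return 2
    if [ "$before" = "$after" ]; then
        echo "OK: $image unchanged"
        return 0
    fi
    echo "MODIFIED: $image (before=$before after=$after)" >&2
    return 1
}

# On a host with the image from the report, as root (the marker path is
# a constructed name; the trailing command writes inside the container):
#   check_image_unmodified /var/lib/machines/jessie.raw \
#       systemd-nspawn --ephemeral -m jessie /bin/touch /ephemeral-marker
```

A return status of 1 means the image on disk changed during the run, which is the behaviour this report describes.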