[Bug 1149131] New: transaction server shell does not mount /etc
http://bugzilla.suse.com/show_bug.cgi?id=1149131 Bug ID: 1149131 Summary: transaction server shell does not mount /etc Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Maintenance Assignee: bnc-team-screening@forge.provo.novell.com Reporter: william.brown@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- transactional-update shell does not mount /etc, meaning that attempts to use commands like pip install fails in these environments. /etc should be mounted as part of the shell process. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1149131 Alynx Zhou <alynx.zhou@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alynx.zhou@suse.com Assignee|bnc-team-screening@forge.pr |kukuk@suse.com |ovo.novell.com | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1149131 http://bugzilla.suse.com/show_bug.cgi?id=1149131#c1 Thorsten Kukuk <kukuk@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kukuk@suse.com, | |william.brown@suse.com Assignee|kukuk@suse.com |iforster@suse.com Flags| |needinfo?(william.brown@sus | |e.com) --- Comment #1 from Thorsten Kukuk <kukuk@suse.com> --- transactional-update shell is for debugging, not installing software. If you need to install non-RPM packages below /usr, then transactional-update is most likely not the right choice for you. Beside that: /etc is mounted in transactional-shell. Maybe you should describe at first what your problem is and why pip install is failing? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1149131 http://bugzilla.suse.com/show_bug.cgi?id=1149131#c5 Fabian Vogt <fvogt@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fvogt@suse.com --- Comment #5 from Fabian Vogt <fvogt@suse.com> --- Any news here? I'm hitting this on Tumbleweed currently and it breaks zypper inside the shell as it tries to download .rpms over HTTPS. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1149131 http://bugzilla.suse.com/show_bug.cgi?id=1149131#c6 --- Comment #6 from Ignaz Forster <iforster@suse.com> --- Not yet, I didn't have any great ideas on how to solve this so far. In any case we can't just bind mount /var/lib/ca-certificates, as this would modify the production environment. One option may be to bind mount the directory read-only, or copy the entire directory into the chroot environment. In any case we have to make sure services don't try to modify that store during the update and think they succeeded (see bug 1133891 for an example which may be hidden in the copy case). I'll have to check what ca-certificates is doing exactly. Another use case where the missing certificates generate a warning is dracut, which will print "dracut: Couldn't find SSL CA cert bundle or libnssckbi.so; HTTPS won't work" when building the initrd. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1149131 Ignaz Forster <iforster@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(okurz@suse.com) -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1149131 https://bugzilla.suse.com/show_bug.cgi?id=1149131#c13 Oliver Kurz <okurz@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |FIXED Flags|needinfo?(okurz@suse.com) | --- Comment #13 from Oliver Kurz <okurz@suse.com> --- Sure, thanks for your efforts. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1149131 https://bugzilla.suse.com/show_bug.cgi?id=1149131#c16 --- Comment #16 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-RU-2021:1476-1: An update that has 5 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1133891,1149131,1162320,1168389,1192078 CVE References: JIRA References: Sources used: openSUSE Leap 15.2 (src): transactional-update-2.22-lp152.2.6.1 -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com -
bugzilla_noreply@suse.com