content of /proc/sys/kernel/random/uuid is always the same

[saez0pub]

The file /proc/sys/kernel/random/uuid should respond a new uuid each time we read it.

Some applications uses this file to generate uuid and we have collisions because it responds always the same uuid.

Here is an example with runc:

$ docker run --rm --runtime=runc -it ubuntu:latest bash -c 'for i in $(seq 1 5); do cat /proc/sys/kernel/random/uuid;done'
305c961e-0178-4b48-a9b5-5020b8d200c4
a9237f82-babd-4acd-8e4c-297ec4b69119
7006f593-1ad1-43cf-beba-090dd6aa3fb3
8db71aaf-9398-4a06-bb26-ae3e479b1aac
bc159e26-64c3-4589-8452-6e152f40abd5

Here is the result with sysbox:

docker run --rm --runtime=sysbox-runc -it ubuntu:latest bash -c 'for i in $(seq 1 5); do cat /proc/sys/kernel/random/uuid;done'
a34175c5-3c6c-4c22-84ed-657e6397e12f
a34175c5-3c6c-4c22-84ed-657e6397e12f
a34175c5-3c6c-4c22-84ed-657e6397e12f
a34175c5-3c6c-4c22-84ed-657e6397e12f
a34175c5-3c6c-4c22-84ed-657e6397e12f

Some informations:

docker info
Client: Docker Engine - Community
 Version:    25.0.3
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.12.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.24.6
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Server Version: 25.0.3
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc sysbox-runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.1.0-18-amd64
 Operating System: Debian GNU/Linux 12 (bookworm)
 OSType: linux
 Architecture: x86_64
 CPUs: 32
 Total Memory: 125.7GiB
 Name: xxxxx
 ID: xxxx
 Docker Root Dir: /data/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Default Address Pools:
   Base: 172.18.0.0/16, Size: 24

$ sysbox-runc --version
sysbox-runc
	edition: 	Community Edition (CE)
	version: 	0.6.3
	commit: 	e6ca9b930c43c0f20bb93ef3ef6af5bd49fd88ce
	built at: 	Tue Jan  9 17:59:49 UTC 2024
	built by: 	Cesar Talledo
	oci-specs: 	1.1.0+dev

[ctalledo]

Hi @saez0pub, thanks for reporting this bug.

Yes, that's for sure a bug, thought it's strange why it occurs.

Sysbox emulates the contents of a few files under /proc/sys/kernel, but interestingly /proc/sys/kernel/random/uuid is not one of those, meaning that the access to that file within the container is eventually serviced by the Linux kernel (rather than emulated by Sysbox). So it's very strange that we see the same uuid on every invocation.

Let us investigate and get back to you.

Thanks!

[saez0pub]

Hello,

Thank you, I hope you can find something to fix this 👍

[saez0pub]

Hello,

I upgraded to 0.64, but still occurs.

[ctalledo]

Fix in progress: nestybox/sysbox-fs#99

[ctalledo]

PR with tests here: #853

[ctalledo]

Fixed merged into the master branch, will be present in the next sysbox-ce release (v0.6.5).