[Bug 1066084] Re: Permissions mangled when creating rootfs from cloud images

Serge Hallyn 1066084 at bugs.launchpad.net
Wed Oct 24 19:30:40 UTC 2012 

** Changed in: lxc (Ubuntu Quantal)
   Importance: Undecided => High

** Changed in: lxc (Ubuntu Quantal)
       Status: New => Triaged

** Changed in: lxc (Ubuntu Precise)
   Importance: Undecided => High

** Changed in: lxc (Ubuntu Precise)
       Status: New => Triaged

** Description changed:

+ ==============================
+ 1. Impact: cloud image creations can fail.  This causes juju with local provider to fail.
+ 2. Development fix: use --numeric-owner when un-tarring ubuntu images, to make sure that /home/ubuntu in the container is owned by the right ubuntu userid.
+ 3. Stable fix: same as the development fix
+ 4. Test case:
+ 	1. add an ubuntu user if one does not yet exist on the host - make sure it is not uid 1000
+ 	2. lxc-create -t ubuntu-cloud -n c1
+ 	3. check /home/ubuntu in the container - it will be owned by the ubuntu userid on the host.
+ 	Additionally, when starting c1, you will be unable to log in as user ubuntu.
+ 5. Regression potential: this should introduce no regressions, as it only makes sure that the owners of files in the container match the username-userid mapping in the container's password file.
+ ==============================
+ 
  Permissions on the created lxc container somehow are reflecting the
  users /etc/password file:
  
  ubuntu at dpb-local-landscape-client-0:~$ cat /etc/passwd |grep landscape
  landscape:x:104:109::/var/lib/landscape:/bin/false
  ubuntu at dpb-local-landscape-client-0:~$ ll /etc/landscape
  total 12
  drwxr-xr-x  2 root root 4096 Oct 12 17:48 ./
  drwxr-xr-x 86 root root 4096 Oct 12 17:47 ../
  -rw-------  1  999 root  164 Oct 12 17:48 client.conf
  ubuntu at dpb-local-landscape-client-0:~$ logout
  Connection to 10.0.3.143 closed.
  
  dpb at starbuck:dpb-local$ cat /etc/passwd |grep landscape
  landscape:x:999:999::/var/lib/landscape:/bin/false
  dpb at starbuck:dpb-local$
  
  My hunch is where the tar happens from the mount of the downloaded image
  in lxc/templates/lxc-ubuntu-cloud

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1066084

Title:
  Permissions mangled when creating rootfs from cloud images

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1066084/+subscriptions

More information about the Ubuntu-server-bugs mailing list