[Bug 1236577] Re: container's /home/ubuntu/ spawns with incorrect permissions, preventing SSH access
Scott Moser
smoser at ubuntu.com
Tue Oct 8 15:20:35 UTC 2013
For reference, to reproduce this, launch an instance of saucy with this user-data:
#cloud-config
system_info:
default_user:
name: smoser
ssh into instance, then add a 'ubuntu' user. That new ubuntu user
should get uid '1001' (anything other than 1000 is needed to show the
problem).
Then,
$ id -u; whoami
1000
smoser
$ id -u ubuntu
1001
$ sudo lxc-create -t ubuntu-cloud -n precise-source -- --release=precise
$ sudo lxc-create -t ubuntu-cloud -n lucid-source -- --release=lucid
# verify the home dir has correct ownership wrt the /etc/passwd inside
the image
$ ls --numeric-uid-gid -d /var/lib/lxc/precise-source/rootfs/home/ubuntu
drwxr-xr-x 2 1000 1000 4096 Oct 3 07:06 /var/lib/lxc/precise-source/rootfs/home/ubuntu
$ grep ubuntu /var/lib/lxc/precise-source/rootfs/etc/passwd
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash
$ ls --numeric-uid-gid -d /var/lib/lxc/lucid-source/rootfs/home/ubuntu
drwxr-xr-x 2 1000 1000 4096 Oct 7 03:05 /var/lib/lxc/lucid-source/rootfs/home/ubuntu
$ grep "ubuntu" /var/lib/lxc/lucid-source/rootfs/etc/passwd
ubuntu:x:1000:1000:Ubuntu,,,:/home/ubuntu:/bin/bash
$ sudo lxc-clone --snapshot -B overlayfs -o precise-source -n test1 --
--auth-key=/home/smoser/.ssh/id_rsa.pub
$ sudo lxc-start --daemon --name test1
$ sudo lxc-ls --fancy --fancy-format="ipv4" test1
IPV4
----------
10.0.3.252
$ ssh ubuntu at 10.0.3.252 "echo It worked"
The authenticity of host '10.0.3.252 (10.0.3.252)' can't be established.
ECDSA key fingerprint is 3d:e8:79:9d:b0:02:5f:3e:db:b3:8e:97:d2:23:4a:af.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.3.252' (ECDSA) to the list of known hosts.
It worked
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1236577
Title:
container's /home/ubuntu/ spawns with incorrect permissions,
preventing SSH access
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1236577/+subscriptions
More information about the Ubuntu-server-bugs
mailing list