unprivileged overlayfs mounts no longer work in utopic

Bug #1357025 reported by Serge Hallyn
This bug affects 1 person
Affects          Status         Importance   Assigned to   Milestone
linux (Ubuntu)   Fix Released   Medium       Unassigned

Bug Description

In 3.13.0-33-generic, root in a non-init user namespace can do overlayfs mounts. In 3.16.0-5-generic he cannot.

Test case:

sudo apt-get install lxc
lxc-usernsexec -- /bin/bash # start a containerized root shell
# mkdir /tmp/a /tmp/b /tmp/c
# mount -t overlayfs -o upperdir=/tmp/a,lowerdir=/tmp/b x /tmp/c

This works in trusty, but not in latest utopic.

(A testcase for this will be added to the lxc-tests package, but isn't there yet)

Brad Figg (brad-figg) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1357025

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: trusty
Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Incomplete → Confirmed
tags: added: kernel-da-key regression-release utopic
      removed: trusty

Andy Whitcroft (apw) wrote :

Ok I think I see what got dropped here. Could you touch test these kernels for me to confirm:

    http://people.canonical.com/~apw/lp1377025-utopic/

Please report your testing back here.

Serge Hallyn (serge-hallyn) wrote :

Thanks, with that kernel I can do

lxc-clone -s -o u1 -n u2
lxc-start -n u2

so the issue is fixed.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.16.0-9.14

---------------
linux (3.16.0-9.14) utopic; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1357370

  [ Serge Hallyn ]

  * SAUCE: Overlayfs: allow unprivileged mounts
    - LP: #1357025

  [ Upstream Kernel Changes ]

  * MAINTAINERS: Add entry for APM X-Gene SoC ethernet driver
  * Documentation: dts: Add bindings for APM X-Gene SoC ethernet driver
  * dts: Add bindings for APM X-Gene SoC ethernet driver
  * drivers: net: Add APM X-Gene SoC ethernet driver support.
  * powerpc/thp: Add write barrier after updating the valid bit
    - LP: #1357014
  * powerpc/thp: Don't recompute vsid and ssize in loop on invalidate
    - LP: #1357014
  * powerpc/thp: Invalidate old 64K based hash page mapping before insert
    of 4k pte
    - LP: #1357014
  * powerpc/thp: Handle combo pages in invalidate
    - LP: #1357014
  * powerpc/thp: Invalidate with vpn in loop
    - LP: #1357014
  * powerpc/thp: Use ACCESS_ONCE when loading pmdp
    - LP: #1357014
  * powerpc/mm: Use read barrier when creating real_pte
    - LP: #1357014
  * powerpc/thp: Add tracepoints to track hugepage invalidate
    - LP: #1357014
  * rebase to v3.16.1
 -- Tim Gardner <email address hidden> Thu, 14 Aug 2014 08:18:02 -0400

Changed in linux (Ubuntu):
status: Confirmed → Fix Released