[Bug 1266809] Re: trusty: adt-virt-lxc cannot read /var/lib/lxc/ when running as user

Launchpad Bug Tracker 1266809 at bugs.launchpad.net
Wed Jan 29 19:28:49 UTC 2014 

This bug was fixed in the package autopkgtest - 2.6.1

---------------
autopkgtest (2.6.1) unstable; urgency=medium


  * adt-virt-lxc: Call lxc-config through sudo as well like all the other LXC
    commands. This fixes running adt-run as user with the LXC runner.
  * adt-run: For copydown(), always chown the testbed files to the non-root
    user (if available). This fixes a "Permission denied" error with the
    schroot or LXC runners and --unbuilt-tree if the source tree has tight
    permissions. (LP: #1266811)
  * Adjust LxcRunner.test_tree_built_binaries to also work with current apt
    (similar to commit 5798b7f for the schroot runner).
  * adt-virt-lxc: Call "sudo test" and "sudo readlink" instead of os.lexists()
    and os.readlink() as recent LXC now makes the default container dir
    /var/lib/lxc not readably by non-users. Fixes running adt-virt-lxc/adt-run
    as user. (LP: #1266809)
  * Add test for --binary with --built-tree.
  * adt-run.1: Clarify and fix some wrong and misleading documentation what
    happens with debs produced by source packages and specified with --binary.
    (LP: #1175557)

 -- Martin Pitt <mpitt at debian.org>  Wed, 29 Jan 2014 06:53:16 +0100

** Changed in: autopkgtest (Ubuntu)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to autopkgtest in Ubuntu.
https://bugs.launchpad.net/bugs/1266809

Title:
  trusty: adt-virt-lxc cannot read /var/lib/lxc/ when running as user

Status in “autopkgtest” package in Ubuntu:
  Fix Released

Bug description:
  adt-virt-lxc assumes that the unprivileged user can see inside
  /var/lib/lxc in order to see when the guest container has finished
  booting, by detecting cloud-init's boot-finished flag.

  The newest lxc package locks down /var/lib/lxc by default, so this
  breaks.

  Hacked workaround: "sudo chmod 755 /var/lib/lxc". This reduces
  security of the system, but I think it should be OK on single-user
  systems, such as most environments where users are running adt-run.

  To fix this properly, adt-virt-lxc needs to call out to sudo to check
  for this flag, instead of calling os.path.exists, etc.

  An even nicer fix would be for lxc to have this functionality. I have
  filed bug 1266808 to track this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autopkgtest/+bug/1266809/+subscriptions

More information about the foundations-bugs mailing list