[Bug 1266809] Re: trusty: adt-virt-lxc cannot read /var/lib/lxc/ when running as user
Launchpad Bug Tracker
1266809 at bugs.launchpad.net
Wed Jan 29 19:28:49 UTC 2014
This bug was fixed in the package autopkgtest - 2.6.1
---------------
autopkgtest (2.6.1) unstable; urgency=medium
* adt-virt-lxc: Call lxc-config through sudo as well like all the other LXC
commands. This fixes running adt-run as user with the LXC runner.
* adt-run: For copydown(), always chown the testbed files to the non-root
user (if available). This fixes a "Permission denied" error with the
schroot or LXC runners and --unbuilt-tree if the source tree has tight
permissions. (LP: #1266811)
* Adjust LxcRunner.test_tree_built_binaries to also work with current apt
(similar to commit 5798b7f for the schroot runner).
* adt-virt-lxc: Call "sudo test" and "sudo readlink" instead of os.lexists()
and os.readlink() as recent LXC now makes the default container dir
/var/lib/lxc not readably by non-users. Fixes running adt-virt-lxc/adt-run
as user. (LP: #1266809)
* Add test for --binary with --built-tree.
* adt-run.1: Clarify and fix some wrong and misleading documentation what
happens with debs produced by source packages and specified with --binary.
(LP: #1175557)
-- Martin Pitt <mpitt at debian.org> Wed, 29 Jan 2014 06:53:16 +0100
** Changed in: autopkgtest (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to autopkgtest in Ubuntu.
https://bugs.launchpad.net/bugs/1266809
Title:
trusty: adt-virt-lxc cannot read /var/lib/lxc/ when running as user
Status in “autopkgtest” package in Ubuntu:
Fix Released
Bug description:
adt-virt-lxc assumes that the unprivileged user can see inside
/var/lib/lxc in order to see when the guest container has finished
booting, by detecting cloud-init's boot-finished flag.
The newest lxc package locks down /var/lib/lxc by default, so this
breaks.
Hacked workaround: "sudo chmod 755 /var/lib/lxc". This reduces
security of the system, but I think it should be OK on single-user
systems, such as most environments where users are running adt-run.
To fix this properly, adt-virt-lxc needs to call out to sudo to check
for this flag, instead of calling os.path.exists, etc.
An even nicer fix would be for lxc to have this functionality. I have
filed bug 1266808 to track this.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autopkgtest/+bug/1266809/+subscriptions
More information about the foundations-bugs
mailing list