<div dir="ltr"><div><div><div>Hi,<br><br></div>I found an interesting behavior today which I think is not wrong, but it's still interesting.<br></div><div><br></div>When I tried to copy a file from the host to /root inside the container using cp, this happened.<br><br></div><div>On the host:<br></div>$ sudo cp some_file.sh /var/lib/lxc/containers/c1/rootfs/root/<br><br><div>On the container:<br># ls -la /root/ | grep some_file.sh<br>-rwxr-xr-x 1 <b>nobody nogroup</b> 3450 Oct 1 21:34 some_file.sh<br><br></div><div># chown root.root /root/some_file.sh<br>chown: changing ownership of 'some_file.sh': Operation not permitted<br><br></div><div>This behavior happens only in the /root/ directory on the container, because this directory has 700 as its permissions. So, the only way to write inside is being root on the host, but id 0 is not mapped in /etc/subuid/ inside the container. I can write directly to any other directory of the container's root tree from the host without getting sudo privileges because my user is in the lxd group. <br></div><div><br></div><div>So, lesson learned: always use push/pull to copy files.<br></div><div><br></div><div><div><div><div>Disclaimer: I know how push/pull works, I was trying to copy a file the old-fashioned way. <br></div><div><br></div><br><br clear="all"><div><div><br>-- <br><div class="gmail_signature">Luis M. Ibarra</div>
</div></div></div></div></div></div>
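The ownership shown above follows from how a user-namespace id map translates host ids. The sketch below is an added example, not part of the original message or of LXC/LXD code: it parses a map in the `/proc/<pid>/uid_map` format and reports what owner the container sees for a given host uid. The map `0 100000 65536` is a constructed sample and an assumption about the container's configuration; the function names are hypothetical.

```python
"""Translate ids across a user-namespace id map (format of /proc/<pid>/uid_map)."""

# Kernel default overflowuid/overflowgid; ls renders it as nobody/nogroup.
OVERFLOW_ID = 65534

# Constructed sample (assumption): container ids 0..65535 map to host ids 100000..165535.
SAMPLE_UID_MAP = "         0     100000      65536\n"


def parse_id_map(text):
    """Return a list of (inside_start, outside_start, count) tuples."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        inside, outside, count = (int(f) for f in fields)
        entries.append((inside, outside, count))
    return entries


def host_to_container(host_id, id_map):
    """Id seen inside the container for host_id, or None when it is unmapped."""
    for inside, outside, count in id_map:
        if outside <= host_id < outside + count:
            return inside + (host_id - outside)
    return None


def container_to_host(container_id, id_map):
    """Host id that backs container_id, or None when it is unmapped."""
    for inside, outside, count in id_map:
        if inside <= container_id < inside + count:
            return outside + (container_id - inside)
    return None


def displayed_owner(host_id, id_map):
    """Owner id that stat()/ls reports inside the container for a host-owned file."""
    mapped = host_to_container(host_id, id_map)
    # Unmapped owners show as the overflow id; container root cannot chown such files.
    return OVERFLOW_ID if mapped is None else mapped


if __name__ == "__main__":
    id_map = parse_id_map(SAMPLE_UID_MAP)
    print("host uid 0 appears inside as", displayed_owner(0, id_map))
    print("host uid 100000 appears inside as", displayed_owner(100000, id_map))
    print("host uid backing container root:", container_to_host(0, id_map))
```

With this sample map, a file written by host root has no inside id, while a file owned on the host by the uid that backs container root shows up as root-owned inside.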