[lxc-devel] [lxc/lxc] da8c55: Revert "chmod container dir to 0770"
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Aug 21 15:59:54 UTC 2014
Quoting Stéphane Graber (stgraber at ubuntu.com):
> On Sat, Aug 16, 2014 at 02:18:11PM -0700, GitHub wrote:
> > Branch: refs/heads/master
> > Home: https://github.com/lxc/lxc
> > Commit: da8c55e6ec2dec51d4335937e9f3af94fb200efa
> > https://github.com/lxc/lxc/commit/da8c55e6ec2dec51d4335937e9f3af94fb200efa
> > Author: Stéphane Graber <stgraber at ubuntu.com>
> > Date: 2014-08-16 (Sat, 16 Aug 2014)
> >
> > Changed paths:
> > M src/lxc/lxccontainer.c
> >
> > Log Message:
> > -----------
> > Revert "chmod container dir to 0770"
> >
> > This commit broke the testsuite for unprivileged containers as the
> > container directory is now 0750 with the owner being the container root
> > and the group being the user's group, meaning that the parent user can
> > only enter the directory, not create entries in there.
> >
> > This reverts commit c86da6a3ac517b78e6f710df7efe2f51d153b73c.
>
> Specifically this was causing things like:
> usernic-user at 7ecac076-2588-11e4-8a81-00163e317293:~$ lxc-create -t download -n b1 -- -d ubuntu -r trusty -a amd64
> WARN: could not reopen tty: No such file or directory
> lxc_container: Permission denied - Erorr creating partial file
> lxc_container: Error creating container b1
>
> The problem is easily confirmed with:
> usernic-user at 7ecac076-2588-11e4-8a81-00163e317293:~$ touch .local/share/lxc/b1/partial
> touch: cannot touch '.local/share/lxc/b1/partial': Permission denied
> usernic-user at 7ecac076-2588-11e4-8a81-00163e317293:~$ ls -lh .local/share/lxc/
> total 0
> drwxr-x--- 2 910000 usernic-user 40 Aug 16 21:13 b1
Ok, turns out to be due to umask. Sending v2 now.
More information about the lxc-devel
mailing list