[lxc-devel] [PATCH] Issue #476: incomplete destruction of unprivileged ephemeral containers

Stéphane Graber stgraber at ubuntu.com
Mon Apr 6 16:10:32 UTC 2015 

On Fri, Mar 27, 2015 at 06:50:30PM +1100, overlay fs wrote:
> If an unprivileged ephemeral container is started as follows,
> 
>     lxc-start-ephemeral -o trusty -n test_ephemeral
> 
> Then an empty directory remains upon exit from the container,
> 
>     ~/.local/share/lxc/test_ephemeral/tmpfs/delta0
> 
> (The tmpfs filesystem is successfully unmounted, but we seem to lack
> permission to delete the delta0 directory).
> 
> This issue arose following commits 4799a1e and dd2271e .
> 
> The following patch resolves the issue. It has been tested on ubuntu
> 14.04 with the lxc-daily ppa.
> Since gmail screws up the formatting of the patch via line-wrapping
> etc, please copy the patch from the issue-tracker rather than from
> this email.
> 
> --- /usr/bin/lxc-start-ephemeral        2015-03-18 07:09:22.000000000 +1100
> +++ lxc-start-ephemeral 2015-03-22 01:49:10.929867425 +1100
> @@ -240,17 +240,15 @@
> count = 0
> for entry in overlay_dirs:
>           tmpdir = "%s/tmpfs" % dest_path
> +        fd.write("mkdir -p %s\n" % (tmpdir))
> +        if args.storage_type == "tmpfs":
> +            fd.write("mount -n -t tmpfs -o mode=0755 none %s\n" % (tmpdir))
>           deltdir = "%s/delta%s" % (tmpdir, count)
>           workdir = "%s/work%s" % (tmpdir, count)
>           fd.write("mkdir -p %s %s\n" % (deltdir, entry[1]))
>           if have_new_overlay:
>               fd.write("mkdir -p %s\n" % workdir)
> 
> -        if args.storage_type == "tmpfs":
> -            fd.write("mount -n -t tmpfs -o mode=0755 none %s\n" % (tmpdir))
> -            fd.write("mkdir %s\n" % deltdir)
> -            fd.write("mkdir %s\n" % workdir)
> -
>           fd.write("getfacl -a %s | setfacl --set-file=- %s || true\n" %
>                    (entry[0], deltdir))
>           fd.write("getfacl -a %s | setfacl --set-file=- %s || true\n" %
> 
> Signed-off by: Oleg Freedholm <overlayfs at gmail.com>

Acked-by: Stéphane Graber <stgraber at ubuntu.com>

> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20150406/7a69502f/attachment.sig>

More information about the lxc-devel mailing list