[Lxc-users] Ubuntu 12.04 container non-root logins fail

Thaddeus Hogan thaddeus at thogan.com
Fri Mar 9 04:24:09 UTC 2012


On 3/8/2012 10:11 PM, Fajar A. Nugraha wrote:
> On Fri, Mar 9, 2012 at 10:34 AM, Thaddeus Hogan<thaddeus at thogan.com>  wrote:
>> When I start this container everything is working fine. However I don't
>> want my containers in /var/lib/lxc (ext4 fs) so I copy the rootfs to a
>> btrfs volume mounted to "/vm", into a subvolume that shares its name
>> with the container, "test2".
> Sometimes it's the "I want to make a small change, it should still
> work"-stuff that's giving you a headache. Seriously :)
>
>> I ran strace on the su process and you can see that it proceeds fine all
>> the way through to the setuid() call, but then cannot chdir() to
>> "/home/tjh", or even to "/"!
>>
>> setuid(1000)                            = 0
>> chdir("/home/tjh")                      = -1 EACCES (Permission denied)
>> chdir("/")                              = -1 EACCES (Permission denied)
>> write(2, "Unable to cd to '/home/tjh'\n", 28Unable to cd to '/home/tjh')
>> = 28
>>
>> Any thoughts? I was banking on using a btrfs volume for my containers.
> I'm guessing you create a btrfs subvolume for the container? If yes,
> check its permission. By default, the new subvolume will only be
> accessible to root. A simple "chmod 755" should fix it.
>
> I'm using btrfs subvols as well, but in my case /var/lib/lxc itself is
> a subvol, and the containers have their own subvols under it.
>

That was it! I guess I just didn't think of the fact that file access in 
the container would be dependent on permissions of parent directories 
above "/". Thanks!

-- Thaddeus
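
Added example, not part of the original thread: a small check that walks from a container's rootfs up to the host's "/" and reports every directory whose mode lacks the search (x) bit for "other", which is the condition that made chdir("/") fail after setuid(1000). The function name is hypothetical, and it assumes GNU stat and that the directories are owned by root with the container user in none of their groups.

```shell
#!/bin/sh
# Added example (not from the thread): find host directories above a
# container rootfs that a non-root uid inside the container cannot traverse.
# Assumption: each directory is root-owned and the container user is not in
# its group, so only the "other" permission bits apply to that user.

# check_rootfs_path DIR
#   Prints one line per path component (DIR itself up to "/") that lacks o+x.
#   Returns 0 if every component is traversable, 1 if any is not,
#   2 if DIR cannot be resolved.
check_rootfs_path() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || {
        echo "cannot resolve: $1" >&2
        return 2
    }
    rc=0
    while :; do
        mode=$(stat -c '%a' "$dir")   # octal mode string, e.g. 700 or 1777
        other=$(( mode % 10 ))        # last digit holds the "other" bits
        if [ $(( other & 1 )) -eq 0 ]; then
            echo "$dir (mode $mode) blocks non-root traversal"
            rc=1
        fi
        [ "$dir" = "/" ] && break
        dir=$(dirname "$dir")
    done
    return $rc
}

# Example call on the host, using the path from this thread:
#   check_rootfs_path /vm/test2
```

On systems with util-linux, `namei -l /vm/test2` prints the same per-component ownership and modes for a manual look.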



