[lxc-users] User authentication in containers via libnss-mysql
Serge Hallyn
serge.hallyn at ubuntu.com
Wed Sep 10 18:33:57 UTC 2014
Quoting Andre Nathan (andre at digirati.com.br):
> On 09/09/2014 05:46 PM, Andre Nathan wrote:
> > I'm running Ubuntu 14.04 with LXC 1.0.4-0ubuntu0.1. I'm running a
> > container whose filesystem is populated via bind-mounts from the host.
> > The container starts up fine but for some reason calls to getpwnam()
> > block forever in a futex() call before being able to access the
> > libnss-mysql-bg configuration. Local users are found as expected, and
> > everything works fine from an lxc-attach session, but not from
> > lxc-console when logged in as a normal user.
>
> Fixed it :)
>
> For the record, between Ubuntu 12.04 and 14.04 the libnss-mysql-bg
> package was patched[1] and one side effect of that patch is that
> /etc/libnss-mysql-root.cfg needs to be readable by the shadow group. My
> configuration had the file created on the container with mode 400
> root:root. Changing it to 440 root:shadow fixed the issue.
>
> Cheers,
> Andre
>
> [1]https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641404
Thanks for the update!
-serge
More information about the lxc-users
mailing list