[lxc-users] User authentication in containers via libnss-mysql

Serge Hallyn serge.hallyn at ubuntu.com
Wed Sep 10 18:33:57 UTC 2014


Quoting Andre Nathan (andre at digirati.com.br):
> On 09/09/2014 05:46 PM, Andre Nathan wrote:
> > I'm running Ubuntu 14.04 with LXC 1.0.4-0ubuntu0.1. I'm running a
> > container whose filesystem is populated via bind-mounts from the host.
> > The container starts up fine but for some reason calls to getpwnam()
> > block forever in a futex() call before being able to access the
> > libnss-mysql-bg configuration. Local users are found as expected, and
> > everything works fine from an lxc-attach session, but not from
> > lxc-console when logged in as a normal user.
> 
> Fixed it :)
> 
> For the record, between Ubuntu 12.04 and 14.04 the libnss-mysql-bg
> package was patched[1] and one side effect of that patch is that
> /etc/libnss-mysql-root.cfg needs to be readable by the shadow group. My
> configuration had the file created on the container with mode 400
> root:root. Changing it to 440 root:shadow fixed the issue.
> 
> Cheers,
> Andre
> 
> [1]https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641404

Thanks for the update!

-serge


More information about the lxc-users mailing list