[lxc-users] udevadm trigger corrupts the container
Serge Hallyn
serge.hallyn at ubuntu.com
Wed Jul 29 02:14:00 UTC 2015
Quoting Christoph Mathys (eraserix at gmail.com):
> I've been digging further and also tested with Ubuntu mainline
> kernels. To detect if the problem has been triggered I resorted to
> 'script' which fails to allocate a pty in the error case. For the
> problem to occur, "lxc.autodev = 1" seems to be required. I was not
> able to reproduce the problem without it at least.
>
> I used lxc 1.0.7 on Ubuntu 14.04 for testing, the containers to
> compare are set up with:
> sudo lxc-create -n c -t ubuntu -- -r precise
>
> I then manually added "lxc.autodev = 1" to the container's configuration.
>
> To reproduce the problem I run the following commands in a loop:
> sudo lxc-attach -n c --clear-env -- script -c tty /dev/null
> sudo lxc-attach -n c --clear-env -- udevadm trigger --action=change

The host should be protected from udevadm trigger by your container
being under an apparmor profile and/or readonly sys.

> sudo lxc-attach -n c --clear-env -- script -c tty /dev/null
>
> Output is something like this in the error case:
> Script started, file is /dev/null
> /dev/pts/0
> Script done, file is /dev/null
> script: openpty failed: No such file or directory
> [1] 3899 terminated ./test.sh withautodev
>
> I tested the following kernels:
> - 3.16 Ubuntu -> OK
> - 3.16.7 mainline -> FAIL
> - 3.18.17 mainline -> FAIL
>
> Christoph
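
Added example (not part of the original message): a host-side check for the two protections named in the reply, an AppArmor profile in enforce mode and a read-only sysfs, read from /proc for the container's init process. The function names, the constructed sample mount lines, and the choice to count complain mode as unprotected are assumptions of this example.

```shell
#!/bin/sh
# Usage: sh check.sh <host PID of the container's init>; no argument runs the samples.
# Constructed sample lines in /proc/PID/mounts format.
SAMPLE_RO='sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0'
SAMPLE_RW='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0'

# Reads mounts-format text on stdin. Succeeds only if a sysfs mount is listed
# and every sysfs mount carries the "ro" option.
sysfs_readonly() {
    awk '$3 == "sysfs" {
             seen = 1; ro = 0; n = split($4, opts, ",")
             for (i = 1; i <= n; i++) if (opts[i] == "ro") ro = 1
             if (!ro) bad = 1
         }
         END { if (seen && !bad) exit 0; exit 1 }'
}

# $1 is the content of /proc/PID/attr/current. Succeeds only for a profile in
# enforce mode; "unconfined", complain mode and an empty label all fail.
apparmor_enforced() {
    case "$1" in
        *"(enforce)") return 0 ;;
        *) return 1 ;;
    esac
}

# Prints both findings; succeeds if at least one protection is in place.
check_container() {
    protections=0
    label=$(cat "/proc/$1/attr/current" 2>/dev/null)
    if apparmor_enforced "$label"; then
        echo "apparmor: enforced ($label)"; protections=$((protections + 1))
    else
        echo "apparmor: not enforced (${label:-no label})"
    fi
    if [ -r "/proc/$1/mounts" ] && sysfs_readonly < "/proc/$1/mounts"; then
        echo "sysfs: read-only"; protections=$((protections + 1))
    else
        echo "sysfs: writable, absent or unreadable"
    fi
    [ "$protections" -gt 0 ]
}

if [ "$#" -gt 0 ]; then
    check_container "$1"
else
    printf '%s\n' "$SAMPLE_RO" | sysfs_readonly && echo "sample ro: read-only"
    printf '%s\n' "$SAMPLE_RW" | sysfs_readonly || echo "sample rw: writable"
fi
```

Run it as root on the host, passing the init PID that `lxc-info -n c -p` reports for the container.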