[lxc-users] Ownership changes after container move

Jamie Brown Jamie.Brown at mpec.co.uk
Tue Nov 10 15:37:03 UTC 2015 

Tycho,

I’ve just replicated it using live migration (odd that live migration worked this time too!)

# lxc launch images:ubuntu/trusty/amd64 test -pdefault -pmigratable
# lxc exec test -- /bin/bash
# adduser jamie
# addgroup admin
# usermod -a -G admin jamie


# mkdir ~jamie/.ssh
# touch ~jamie/.ssh/authorized_keys
# chmod 700 ~jamie/.ssh
# chmod 600 ~jamie/.ssh/authorized_keys
# chown -R jamie:jamie ~jamie/.ssh
# exit
# lxc move local-server:test remote-server:test

# lxc exec remote-server:test — ls -lAh /home/jamie
total 16K
-rw-r--r-- 1 ubuntu ubuntu  220 Nov 10 15:19 .bash_logout
-rw-r--r-- 1 ubuntu ubuntu 3.6K Nov 10 15:19 .bashrc
-rw-r--r-- 1 ubuntu ubuntu  675 Nov 10 15:19 .profile
drwx------ 2 ubuntu ubuntu 4.0K Nov 10 15:20 .ssh


I then corrected the ownership and moved the container (STOPPED) back from remote-server to local-server and the permissions remained correct. OK.

I then repeated the move (STOPPED) from local-server to remote-server and the permissions changed again;

# lxc exec remote-server:test -- ls -lAh /home/jamie
total 16K
-rw-r--r-- 1 ubuntu jamie  220 Nov 10 15:19 .bash_logout
-rw-r--r-- 1 ubuntu jamie 3.6K Nov 10 15:19 .bashrc
-rw-r--r-- 1 ubuntu jamie  675 Nov 10 15:19 .profile
drwx------ 2 ubuntu jamie 4.0K Nov 10 15:20 .ssh


So the problem appears to be limited to one direction.

local-server = directory backed / containers stored in symlink to ext3 mounting point
remote-server = directory backed / ext4

On 10/11/2015, 15:16, "lxc-users on behalf of Tycho Andersen" <lxc-users-bounces at lists.linuxcontainers.org on behalf of tycho.andersen at canonical.com> wrote:

>Hi Jamie,
>
>On Tue, Nov 10, 2015 at 09:10:22AM +0000, Jamie Brown wrote:
>> Hi,
>> 
>> I’ve discovered that some file ownership changes have occurred after moving stopped containers between hosts.
>> 
>> Prior to the move there were various user directories (e.g. “/home/jamie”) with ownership set to jamie:jamie. After moving, the ownership was changed to ubuntu:ubuntu.
>
>Sounds like a pretty serious bug. Do you happen to know how to
>reproduce the problem?
>
>Thanks,
>
>Tycho
>
>> I discovered the issue when attempting to SSH to the moved host and was prompted to enter my password as I no longer owned my authorized_keys file.
>> 
>> I will try to repeat this, but I can confirm it has happened on multiple containers.
>> 
>> — Jamie
>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>_______________________________________________
>lxc-users mailing list
>lxc-users at lists.linuxcontainers.org
>http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list