← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1607374] [NEW] Cannot mount proc in unprivileged containers if /proc/xen is mounted

 

Public bug reported:

SRU Justification

Impact: The xenfs filesystem is traditionally mounted at /proc/xen in
xen guests. This directory doesn't use the special "create proc
mountpoint" interface and thus fails the permanently empty test in
fs_fully_visible(). This causes mounting of proc to fail in user
namespace containers.

Fix: Use the special proc interface to make this a "permanently empty"
directory.

Regression potential: This change will make it impossible to create
files within /proc/xen, but since the directory is only ever used as a
mount point this should not cause any problems.

Original bug report and testing results can be found at
https://github.com/lxc/lxd/issues/2238.

** Affects: linux (Ubuntu)
     Importance: Medium
     Assignee: Seth Forshee (sforshee)
         Status: In Progress

** Affects: linux (Ubuntu Xenial)
     Importance: Medium
     Assignee: Seth Forshee (sforshee)
         Status: In Progress

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1607374

Title:
  Cannot mount proc in unprivileged containers if /proc/xen is mounted

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  In Progress

Bug description:
  SRU Justification

  Impact: The xenfs filesystem is traditionally mounted at /proc/xen in
  xen guests. This directory doesn't use the special "create proc
  mountpoint" interface and thus fails the permanently empty test in
  fs_fully_visible(). This causes mounting of proc to fail in user
  namespace containers.

  Fix: Use the special proc interface to make this a "permanently empty"
  directory.

  Regression potential: This change will make it impossible to create
  files within /proc/xen, but since the directory is only ever used as a
  mount point this should not cause any problems.

  Original bug report and testing results can be found at
  https://github.com/lxc/lxd/issues/2238.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1607374/+subscriptions


Follow ups