kernel-packages team mailing list archive

[Serge Hallyn <1263738@xxxxxxxxxxxxxxxxxx>]

Quoting Joseph Salisbury (joseph.salisbury@xxxxxxxxxxxxx):
> One additional question, do you happen to know if this is a regression?
> Did this not happen with previous releases/kernels?

This is not a regression, it has never worked right.

We believe the problem is that if a task is !dumpable, then the kernel
marks some of its /proc/pid files as owned by the global host root,
which is not mapped into a user namespace.  If that is the case, then
the question is whether it is safe to mark them owned by the container
root; or whether we can distinguish between tasks which became dumpable
before switching namespaces; or whether there is something else we can
do.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1263738

Title:
  login console 0 in user namespace container is not configured right

Status in “linux” package in Ubuntu:
  Confirmed
Status in “lxc” package in Ubuntu:
  Triaged
Status in “linux” source package in Trusty:
  Confirmed
Status in “lxc” source package in Trusty:
  Triaged

Bug description:
  When you create a container in a private user namespace, when you start the
  container without the '-d' flag, that console is not properly set up.  Logging in
  gives you

  -bash: no job control in this shell

  and hitting ctrl-c reboots the container.

  Consoles from 'lxc-console -n $container' behave correctly.

  This may be a kernel issue, as discussed here:

  http://lists.linuxcontainers.org/pipermail/lxc-
  devel/2013-October/005843.html

  so also marking this as affecting the kernel.

  This can be worked around, but really needs to be fixed before trusty
  is frozen.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1263738/+subscriptions