kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #50628
[Bug 1293549] Re: Filesystem mount from lxc template causes filesystem permission breakages
** Changed in: juju-core
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1293549
Title:
Filesystem mount from lxc template causes filesystem permission
breakages
Status in juju-core:
Fix Released
Status in lxc containers:
Confirmed
Status in “linux” package in Ubuntu:
Confirmed
Status in “postgresql” package in Juju Charms Collection:
New
Bug description:
In juju-core 1.17.5, creating new lxc machines is now much faster as
it appears to be using a template machine. In addition, the root
filesystem is mounted from the template machine.
Unfortunately, this causes filesystem permissions to screw up.
juju deploy ubuntu
juju ssh ubuntu/0
sudo chown ubuntu:ubuntu /etc/ssl/private
ls /etc/ssl/private
That final 'ls' fails with a permission denied. This is possibly a
security precaution in lxc or the filesystem.
This issue breaks the postgresql charm. The PostgreSQL packages
require and use the ssl-cert package, which changes /etc/ssl/private
to be group readable by the ssl-cert group. The postgres user, a
member of the ssl-cert group, is unable to read the private key stored
in this directory.
To manage notifications about this bug go to:
https://bugs.launchpad.net/juju-core/+bug/1293549/+subscriptions