kernel-packages team mailing list archive

[Bug 1322067] [NEW] 3.15.0.1.2 breaks lxc-attach for unprivileged containers

 

Public bug reported:

An unprivileged call to lxc-attach fails with kernel 3.15.0.1.2, but
works fine using 3.13.0-24-generic.

Under 3.15.0.1.2, attempting to connect to a running unprivileged
container:

$ lxc-attach --clear-env -n trusty -- /bin/true
lxc-attach: Permission denied - Could not open /proc/3805/personality
lxc-attach: failed to get context of the init process, pid = 3805

Note that lxc-start and lxc-console are not affected.

To recreate:

1) Create an unpriv container:

$ lxc-create -n utopic -t download -- -d ubuntu -r utopic -a amd64

2) Boot with 3.13.0-24-generic

3) Start the container:
$ lxc-start -n utopic

4) Run a command in the container:

$ lxc-attach -n utopic --clear-env -n trusty -- /bin/true

5) Reboot into 3.15.0.1.2 and re-run the lxc-start and lxc-attach.

6) Observe the EPERM error.

ProblemType: Bug
DistroRelease: Ubuntu 14.10
Package: linux-generic 3.15.0.1.2
ProcVersionSignature: Ubuntu 3.13.0-24.47-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.2-0ubuntu4
Architecture: amd64
AudioDevicesInUse:
 USER        PID ACCESS COMMAND
 /dev/snd/controlC1:  james      2827 F.... pulseaudio
 /dev/snd/pcmC1D0p:   james      2827 F...m pulseaudio
 /dev/snd/controlC0:  james      2827 F.... pulseaudio
CurrentDesktop: Unity
Date: Thu May 22 07:21:55 2014
HibernationDevice: RESUME=UUID=db600bbe-faca-41f4-9338-c3e8e227599a
InstallationDate: Installed on 2014-04-11 (40 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Daily amd64 (20140409)
MachineType: LENOVO 20AQCTO1WW
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.13.0-24-generic root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7
RelatedPackageVersions:
 linux-restricted-modules-3.13.0-24-generic N/A
 linux-backports-modules-3.13.0-24-generic  N/A
 linux-firmware                             1.129
SourcePackage: linux
UpgradeStatus: Upgraded to utopic on 2014-05-08 (13 days ago)
dmi.bios.date: 02/10/2014
dmi.bios.vendor: LENOVO
dmi.bios.version: GJET71WW (2.21 )
dmi.board.asset.tag: Not Available
dmi.board.name: 20AQCTO1WW
dmi.board.vendor: LENOVO
dmi.board.version: 0B98405 STD
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: Not Available
dmi.modalias: dmi:bvnLENOVO:bvrGJET71WW(2.21):bd02/10/2014:svnLENOVO:pn20AQCTO1WW:pvrThinkPadT440s:rvnLENOVO:rn20AQCTO1WW:rvr0B98405STD:cvnLENOVO:ct10:cvrNotAvailable:
dmi.product.name: 20AQCTO1WW
dmi.product.version: ThinkPad T440s
dmi.sys.vendor: LENOVO

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug utopic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1322067

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1322067/+subscriptions
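
A triage helper for the failure reported above, as an added example that is not part of the original bug report or of LXC: it pulls the init pid out of the lxc-attach error text and retries the same open of /proc/<pid>/personality directly, which shows whether the kernel refuses the read outside lxc-attach as well. The function names and the optional proc-root argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: separate "lxc-attach failed" from "the kernel refused
# the open of /proc/<pid>/personality" when triaging this report.

# Read lxc-attach stderr on stdin and print the init pid it names.
init_pid_from_error() {
    sed -n 's/^lxc-attach: failed to get context of the init process, pid = \([0-9][0-9]*\)$/\1/p' |
        head -n 1
}

# Retry the open that lxc-attach attempted.
#   $1 = pid of the container's init process
#   $2 = proc root (hypothetical parameter, defaults to /proc; it exists
#        so the function can be run against a constructed directory tree)
# Returns 0 if the file is readable, 1 if the open is refused,
# 2 if the pid (or its personality file) does not exist.
probe_personality() {
    p_pid=$1
    p_root=${2:-/proc}
    p_file="$p_root/$p_pid/personality"
    [ -e "$p_file" ] || return 2
    if p_value=$(cat "$p_file" 2>/dev/null); then
        echo "pid $p_pid: personality=$p_value (open succeeded)"
        return 0
    fi
    # Numeric owner of the process directory versus the caller; for an
    # unprivileged container the init process normally runs under a
    # mapped subordinate uid, so the two differ.
    p_owner=$(ls -ldn "$p_root/$p_pid" | awk '{print $3}')
    echo "pid $p_pid: open of $p_file refused (owner uid $p_owner, caller uid $(id -u))"
    return 1
}

# Constructed sample: the two stderr lines quoted in the report.
SAMPLE_ERR='lxc-attach: Permission denied - Could not open /proc/3805/personality
lxc-attach: failed to get context of the init process, pid = 3805'

# Stand-alone use: pass the init pid as the first argument.
if [ -n "${1:-}" ]; then
    probe_personality "$1"
fi
```

Running it with the same pid under both kernels, as the same unprivileged user, gives a comparison that does not depend on lxc-attach itself.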

