
touch-packages team mailing list archive

[Bug 1389305] Re: sudo doesn't work on unprivileged lxc container


I really don't know how to tell you which Trusty 64-bit minimal CD I
used. I didn't even know that there is more than one.

I just downloaded the fresh minimal CD about a week before posting this
bug. When opening the minimal CD in a file browser I see no files with
names "version", "changelog" or anything similar. The best I found is the
contents of .disk/mini-info:

Ubuntu 14.04 "trusty" - amd64 (20101020ubuntu318)

$ uname -r
3.13.0-39-generic

Host's home lies on ecryptfs on top of btrfs:

$ mount
/dev/mapper/sdalvm-root on / type btrfs (rw,noatime,subvol=@)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/cgroup type tmpfs (rw)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
none on /run/shm type tmpfs (rw,nosuid,nodev)
none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755)
none on /sys/fs/pstore type pstore (rw)
/dev/mapper/sdalvm-root on /home type btrfs (rw,noatime,subvol=@home)
/dev/sda1 on /boot type ext3 (rw)
systemd on /sys/fs/cgroup/systemd type cgroup (rw,noexec,nosuid,nodev,none,name=systemd)
/home/zosia/.Private on /home/zosia type ecryptfs (ecryptfs_check_dev_ruid,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs,ecryptfs_sig=65ba6ff1cded08ed,ecryptfs_fnek_sig=e9a5867908bf1b34)

https://bugs.launchpad.net/bugs/1389305

Title:
  sudo doesn't work on unprivileged lxc container

Status in “lxc” package in Ubuntu:
  Incomplete

Bug description:
  On Ubuntu 14.04 64-bit, after adding a user into an unprivileged
  container, sudo complains that:

  $ sudo su
  sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

  To reproduce:

  1. Download and install the Ubuntu amd64 minimal CD.
  2. Install lxc on it, and openssh for convenience.
  3. Follow https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/ ; specifically do:
       a) sudo usermod --add-subuids 100000-165536 $USER
       b) sudo usermod --add-subgids 100000-165536 $USER
       c) sudo chmod +x $HOME
       d) create the file ~/.config/lxc/default.conf with the following contents:
            lxc.include = /etc/lxc/default.conf
            lxc.id_map = u 0 100000 65536
            lxc.id_map = g 0 100000 65536
       e) echo "$USER veth lxcbr0 10" | sudo tee /etc/lxc/lxc-usernet
     (a restart is not required)
  4. Create the container with:
       lxc-create -t download -n p1 -- -d ubuntu -r trusty -a amd64
  5. Install openssh-server in the container:
       lxc-start -d -n p1
       lxc-attach -n p1 -- apt-get install openssh-server
  6. Add a user "adam" with the group sudo:
       lxc-attach -n p1 -- adduser adam sudo
  7. Set a password for the user.
  8. Log in via ssh (and provide the password from step 7):
       ssh p1@adam
  9. On p1:
       adam@p1$ sudo su
       sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

  I expected it to change the user to root.

  lxc version: 1.0.3-0ubuntu3
  $ cat ~/.cache/lxc/download/ubuntu/trusty/amd64/default/build_id
  20141101_03:49
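Added diagnostic for the first cause named in sudo's error message; this is not code from the bug report or from the lxc project. It parses `mount`-style output, finds the mount that covers a given path (for example /usr/bin/sudo inside the container rootfs) and reports whether that mount carries nosuid. The sample listing is constructed from the host mounts quoted above plus a hypothetical nosuid bind mount of the container rootfs; the path /home/zosia/.local/share/lxc/p1/rootfs is an assumption.

```shell
#!/bin/sh
# Added diagnostic (not the reporter's or lxc's code): locate the mount that
# covers a path and say whether it is mounted nosuid, which is one of the two
# reasons sudo's "effective uid is not 0" message lists.

# mount_for_path PATH LISTING
# Prints "<mountpoint> <options>" for the longest mount point that is a
# prefix of PATH. LISTING is text in the form printed by `mount`:
#   <device> on <mountpoint> type <fstype> (<opt>,<opt>,...)
mount_for_path() {
    printf '%s\n' "$2" | awk -v p="$1" '
        NF >= 6 && $2 == "on" && $4 == "type" {
            mp = $3; opts = $NF; gsub(/[()]/, "", opts)
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                if (length(mp) > length(best)) { best = mp; bestopts = opts }
            }
        }
        END { if (best != "") print best, bestopts }'
}

# has_nosuid PATH LISTING: returns 0 when the covering mount lists nosuid.
has_nosuid() {
    opts=$(mount_for_path "$1" "$2" | cut -d' ' -f2)
    case ",$opts," in
        *,nosuid,*) return 0 ;;
    esac
    return 1
}

# Constructed sample: host mounts from the report plus a hypothetical
# container rootfs (assumed path) bind-mounted with nosuid.
SAMPLE_MOUNTS='/dev/mapper/sdalvm-root on / type btrfs (rw,noatime,subvol=@)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
/dev/mapper/sdalvm-root on /home type btrfs (rw,noatime,subvol=@home)
/home/zosia/.Private on /home/zosia type ecryptfs (ecryptfs_check_dev_ruid,ecryptfs_cipher=aes)
none on /home/zosia/.local/share/lxc/p1/rootfs type none (rw,nosuid,bind)'

# diagnose PATH [LISTING]: one-line verdict; without LISTING it reads the live `mount` output.
diagnose() {
    listing=${2:-$(mount)}
    mp=$(mount_for_path "$1" "$listing" | cut -d' ' -f1)
    if has_nosuid "$1" "$listing"; then
        echo "$1: covering mount $mp has nosuid; setuid binaries there cannot raise privileges"
    else
        echo "$1: covering mount $mp allows setuid; check file mode/owner and NFS root squashing instead"
    fi
}
```

Run `diagnose /usr/bin/sudo` inside the container to test the live system, or pass `"$SAMPLE_MOUNTS"` as the second argument to exercise the constructed listing.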
