[Touch-packages] [Bug 1454057] Re: mounts are shared by default on ubuntu 15.04
The problem with schroot is tracked in bug 1430557. The original reporter here already asked to close it; most other distros (all with systemd, including Fedora, SUSE, Arch, and most importantly Debian) now default to shared namespaces. Also, nspawn works perfectly well on Ubuntu and people are using it.

Hence I still consider this wontfix -- let's fix schroot instead, which needs to happen anyway given that regardless of the distro default the admin can still set the default mount policy or individual mounts to being shared.

** Changed in: systemd (Ubuntu)
       Status: New => Won't Fix

--
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1454057

Title:
  mounts are shared by default on ubuntu 15.04

Status in systemd package in Ubuntu:
  Won't Fix

Bug description:
  Ubuntu 15.04:
  nir@reed:~$ grep '/ / ' /proc/self/mountinfo
  21 0 8:5 / / rw,relatime shared:1 - ext4 /dev/disk/by-uuid/70f9850c-8ebd-4881-a504-e14ec8d37f66 rw,discard,errors=remount-ro,data=ordered

  Ubuntu 14.10:
  nir@pilgrim:~$ grep '/ / ' /proc/self/mountinfo
  21 0 8:1 / / rw,relatime - ext4 /dev/disk/by-uuid/1d8ff8a8-6026-48dd-b6ce-e52b46c1f33d rw,errors=remount-ro,data=ordered

  This breaks CLONE_NEWNS and may present a security threat since process' private mounts are viewable to all and will persist after the process exits.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1454057/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
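
Added example, not part of the original bug thread: a Python parser for the /proc/self/mountinfo lines quoted in the bug description, which reads each mount's propagation state from the optional fields before the lone "-" so shared mounts can be audited. It goes beyond the root mount shown in the report by also recognising the slave and unbindable tags; the function and constant names are assumptions made for this example.

```python
import re
from typing import Dict, List

# Root-mount lines quoted in the bug description (Ubuntu 15.04, then 14.10).
ROOT_15_04 = ("21 0 8:5 / / rw,relatime shared:1 - ext4 "
              "/dev/disk/by-uuid/70f9850c-8ebd-4881-a504-e14ec8d37f66 "
              "rw,discard,errors=remount-ro,data=ordered")
ROOT_14_10 = ("21 0 8:1 / / rw,relatime - ext4 "
              "/dev/disk/by-uuid/1d8ff8a8-6026-48dd-b6ce-e52b46c1f33d "
              "rw,errors=remount-ro,data=ordered")

# Optional-field prefixes and the propagation state each one signals.
TAGS = (("shared:", "shared"), ("master:", "slave"), ("unbindable", "unbindable"))


def _unescape(path: str) -> str:
    # The kernel writes space, tab, newline and backslash as \ooo octal escapes.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), path)


def parse_mountinfo_line(line: str) -> Dict[str, str]:
    """Return mount point, filesystem type and propagation for one line."""
    left, sep, right = line.strip().partition(" - ")
    pre = left.split(" ")
    if not sep or len(pre) < 6 or not right:
        raise ValueError("not a mountinfo line: %r" % line)
    tags = pre[6:]  # zero or more optional fields; none means a private mount
    states = [name for prefix, name in TAGS
              if any(t.startswith(prefix) for t in tags)]
    return {"mount_point": _unescape(pre[4]),
            "fstype": right.split(" ")[0],
            "propagation": "+".join(states) or "private"}


def shared_mounts(mountinfo_text: str) -> List[str]:
    """Mount points whose mount/umount events propagate to peer namespaces."""
    rows = [parse_mountinfo_line(l) for l in mountinfo_text.splitlines() if l.strip()]
    return [r["mount_point"] for r in rows
            if "shared" in r["propagation"].split("+")]


if __name__ == "__main__":
    for release, line in (("15.04", ROOT_15_04), ("14.10", ROOT_14_10)):
        print(release, parse_mountinfo_line(line))
    with open("/proc/self/mountinfo") as fh:  # audit the current namespace
        print("shared on this host:", shared_mounts(fh.read()))
```
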
[Touch-packages] [Bug 1454057] Re: mounts are shared by default on ubuntu 15.04
** Tags added: vivid

Status in systemd package in Ubuntu:
  New
[Touch-packages] [Bug 1454057] Re: mounts are shared by default on ubuntu 15.04
> Right, this has been the subject of countless debates, but it's not going to change at this point any more.

The behavior change was made for the benefit of systemd's built-in container solution, which we do not use in Ubuntu. Alignment with upstream when upstream's behavior breaks our users' systems is not a goal unto itself.

Please reconsider whether this behavior is correct in the context of *Ubuntu*, or if this behavior should be reverted in order to un-break existing systems (including, but not limited to, schroot+ecryptfs systems).

** Changed in: systemd (Ubuntu)
       Status: Won't Fix => New

Status in systemd package in Ubuntu:
  New
[Touch-packages] [Bug 1454057] Re: mounts are shared by default on ubuntu 15.04
Related:
http://cgit.freedesktop.org/systemd/systemd/commit/?id=b3ac5f8cb98757416d8660023d6564a7c411f0a0

** Information type changed from Private Security to Public

Status in systemd package in Ubuntu:
  New
[Touch-packages] [Bug 1454057] Re: mounts are shared by default on ubuntu 15.04
Right, this has been the subject of countless debates, but it's not going to change at this point any more.

** Changed in: systemd (Ubuntu)
       Status: New => Won't Fix

Status in systemd package in Ubuntu:
  Won't Fix