[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
I'm still seeing this on 12.04, but not on 13.04. Reproducible as follows: me@laptop ~/temp $ mkdir ro rw aufs me@laptop ~/temp $ touch ro/dummy me@laptop ~/temp $ sudo mount -t aufs -o dirs=rw:ro=ro none aufs [sudo] password for me: me@laptop ~/temp $ ls aufs/ dummy me@laptop ~/temp $ rm aufs/dummy rm: cannot remove `aufs/dummy': Operation not permitted me@laptop ~/temp $ On 13.04 I don't get the error message and the file is 'deleted' (i.e, a whiteout file is correctly created). Looks like the bug fix hasn't been ported to the LTS release, but probably needs doing so. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
Upgrade from what to what? I see this on a tmpfs+aufs mount. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
Is this still happening? I no longer have the system that I found this bug on. I posted the workaround in this threads first message, and a solution was committed to Ubuntu long ago. Should not be a problem in current ubuntu. Yes, my searches say that the fix was committed in July 2011. If you are still having this issue, and you have updated to a current version, then post a new bug: You've caught a regression. If you have not updated, then do. On 7 October 2012 04:00, rbhkamal 663...@bugs.launchpad.net wrote: Where do get the fix for this? Thanks -- You received this bug notification because you are subscribed to the bug report. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
Where do get the fix for this? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
This was fixed by this commit: UBUNTU: ubuntu: Yama: if an underlying filesystem provides a permissions op When we are checking permissions on hardlinks we use generic_permissions() to work out if the user actually has read/write permissions and only then allow the link. However where the underlying filesystem supplies a permissions() op there is no guarentee that the inode ownership is actually valid and we must use that op instead. Add a new function mirroring the core fragment from inode_permission using the filesystem specific permissions() op falling back to generic_permissions() when it is not present. With this in place links in overlayfs behave as expected. Signed-off-by: Andy Whitcroft a...@canonical.com ** Changed in: linux (Ubuntu) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
** Changed in: launchpad Status: Triaged = Won't Fix ** No longer affects: launchpad -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
** Also affects: launchpad Importance: Undecided Status: New ** Changed in: launchpad Status: New = Triaged ** Changed in: launchpad Importance: Undecided = Low ** Tags added: paralleltest -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
** Changed in: launchpad Importance: Low = High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad/+bug/663069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
Confirmed. This also causes problems if you try to use aufs to create a sandbox directory for LTSP guest users, like this: http://kristianlyng.wordpress.com/2010/03/19/a-sandboxed-home-directory/ This fails because xauth can't remove and replace the .Xauthority file when you log in graphically. sshd tells xauth to remove the existing cookie and create a new one. xauth creates .Xauthority-n, tries to remove .Xauthority (which fails), and then tries to hardlink .Xauthority to .Xauthority-n (which fails because .Xauthority still exists): [pid 1150] send(10, 39Dec 7 16:34:12 sshd[1150]: debug1: Forked child 10969., 59, MSG_NOSIGNAL unfinished ... [pid 10969] execve(/usr/sbin/sshd, [/usr/sbin/sshd, -R], [/* 5 vars */]) = 0 [pid 10969] clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb771cb48) = 11031 Process 11031 attached [pid 10969] send(4, 38Dec 7 16:34:20 sshd[10969]: User child is on pid 11031, 59, MSG_NOSIGNAL) = 59 [pid 11031] clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb771cb48) = 11032 Process 11032 attached [pid 11032] clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb771cb48) = 11033 Process 11033 attached [pid 11033] execve(/bin/sh, [sh, -c, /usr/bin/xauth -q -], [/* 13 vars */] unfinished ... [pid 11032] write(4, remove unix:38.0\nadd unix:38.0 MIT-MAGIC-COOKIE-1 9296d13c776bd89c10fe65673f3088e5\n, 83 unfinished ... [pid 11033] clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7880938) = 11034 Process 11034 attached [pid 11034] execve(/usr/bin/xauth, [/usr/bin/xauth, -q, -], [/* 14 vars */]) = 0 [pid 11034] open(/home/guest_091221/.Xauthority, O_RDONLY) = 3 [pid 11034] close(3)= 0 [pid 11034] read(0, remove unix:38.0\nadd unix:38.0 MIT-MAGIC-COOKIE-1 9296d13c776bd89c10fe65673f3088e5\n, 4096) = 83 [pid 11034] unlink(/home/guest_091221/.Xauthority) = -1 EPERM (Operation not permitted) [pid 11034] link(/home/guest_091221/.Xauthority-n, /home/guest_091221/.Xauthority) = -1 EEXIST (File exists) [pid 11034] write(2, /usr/bin/xauth: unable to link authority file /home/guest_091221/.Xauthority, use /home/guest_091221/.Xauthority-n\n, 116) = 116 Here's how to reproduce it without sshd and xauth: mana...@zambiaserver2:~$ mkdir base mana...@zambiaserver2:~$ touch base/.Xauthority mana...@zambiaserver2:~$ mkdir tmp mana...@zambiaserver2:~$ sudo mount -t tmpfs none tmp mana...@zambiaserver2:~$ mkdir aufs mana...@zambiaserver2:~$ sudo mount -t aufs -o dirs=tmp=rw:base=ro none aufs mana...@zambiaserver2:~$ ls -la aufs total 4 drwxrwxrwt 4 rootroot 100 2010-12-07 16:08 . drwxr-xr-x 39 manager manager 4096 2010-12-07 16:04 .. -rw-r--r-- 1 manager manager0 2010-12-07 16:03 .Xauthority mana...@zambiaserver2:~$ rm aufs/.Xauthority rm: cannot remove `aufs/.Xauthority': Operation not permitted mana...@zambiaserver2:~$ sudo tail -1 /var/log/kern.log Dec 7 16:09:04 zambiaserver2 kernel: [ 3445.254650] non-accessible hardlink creation was attempted by: rm (fsuid 1000) mana...@zambiaserver2:~$ sudo sysctl kernel.yama.protected_nonaccess_hardlinks=0 kernel.yama.protected_nonaccess_hardlinks = 0 mana...@zambiaserver2:~$ rm aufs/.Xauthority mana...@zambiaserver2:~$ ls -la aufs/.Xauthority ls: cannot access aufs/.Xauthority: No such file or directory -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
** Changed in: linux (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/663069 Title: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 663069] Re: non-accessable symlink errors when using aufs-shaddowed read-only root filesystem
Can be easily reproduced with the following steps:
mkdir ro rw aufs
touch ro/foo
sudo mount -t aufs -o br:rw:ro none aufs
mv aufs/{foo,bar}
Gives the following output:
mv: cannot move `aufs/foo' to `aufs/bar': Operation not permitted
And:
dmesg | tail -1
[179473.298795] non-accessible hardlink creation was attempted by: mv (fsuid
1000)
I confirm the kernel.yama.protected_nonaccess_hardlinks=0 workaround
--
non-accessable symlink errors when using aufs-shaddowed read-only root
filesystem
https://bugs.launchpad.net/bugs/663069
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
