[Bug 645625] Re: lxc container can power-off host machine

2012-12-09 Thread Lawrance
Thanks for your information, Serge

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/645625

Title:
  lxc container can power-off host machine

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/645625/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs


Re: [Bug 645625] Re: lxc container can power-off host machine

2012-12-03 Thread Serge Hallyn
Quoting Lawrance (lawrancej...@gmail.com):
> can somebody show me how to solve this problem with apparmor, I installed
> openstack with lxc installed, and I can use echo b > /proc/sysrq-trigger to
> power-off host.
> sorry, I'm a newbie to apparmor...
> thanks

Openstack uses libvirt-lxc.  The apparmor policies are in effect for
containers created and started through the lxc package, which is a
completely different source unfortunately.  Adding apparmor protections
will need to either be done separately in libvirt source, or achieved by
writing a new libvirt lxc driver which uses our lxc package.



[Bug 645625] Re: lxc container can power-off host machine

2012-12-02 Thread Lawrance
can somebody show me how to solve this problem with apparmor, I installed
openstack with lxc installed, and I can use echo b > /proc/sysrq-trigger to
power-off host.
sorry, I'm a newbie to apparmor...
thanks



Re: [Bug 645625] Re: lxc container can power-off host machine

2012-03-23 Thread Serge Hallyn
Quoting maxadamo (645...@bugs.launchpad.net):
> don't want to argue, but may I ask why you decided to tag the urgency of this
> issue as low?

Because of the many ways that root in a container can mess with a host,
this is only one.

> One can stop 30 containers and the host machine and the host machine, by
> issuing a simple command on one of the containers and you say urgency is just
> low? Wasn't it at least medium, if not high?

No, because for 12.04 our goal is only to prevent accidental abuses of
the host by a container.  There is no way we can claim to prevent
actual mischief.

Put another way, if this would be a high priority item for your use
case, then lxc is not yet right for your use case.  Note that work
toward a user namespace, which will help achieve that goal, is heavily
under way.

Nevertheless, note that it is fix released.  With the current apparmor
policy in 12.04, you should not be able to reboot through
/proc/sysrq-trigger.



[Bug 645625] Re: lxc container can power-off host machine

2012-03-23 Thread maxadamo
It's correct what you wrote.
Thanks.



[Bug 645625] Re: lxc container can power-off host machine

2012-03-22 Thread maxadamo
don't want to argue, but may I ask why you decided to tag the urgency of this 
issue as low?
One can stop 30 containers and the host machine and the host machine, by 
issuing a simple command on one of the containers and you say urgency is just 
low? Wasn't it at least medium, if not high?
cheers.



[Bug 645625] Re: lxc container can power-off host machine

2012-03-21 Thread Launchpad Bug Tracker
This bug was fixed in the package lxc - 0.7.5-3ubuntu41

---
lxc (0.7.5-3ubuntu41) precise; urgency=low

  * add lxc-shutdown command:
    - 0060-lxc-shutdown: add the command to the source
    - debian/lxc.upstart: use lxc-shutdown to shut down containers cleanly
    - debian/lxc.default: add LXC_SHUTDOWN_TIMEOUT (default 120s)
  * support per-container apparmor policies:  (LP: #953453)
    - 0061-lxc-start-apparmor: add lxc.aa_profile to config file.  If not
      specified, lxc-default profile is used for container.  Otherwise, the
      specified profile is used.
      Note that per-container profiles must be named 'lxc-*'.
    - split debian/lxc-default.apparmor from debian/lxc.apparmor.
    - have /etc/apparmor.d/lxc-containers #include /etc/apparmor.d/lxc/*
    - debian/lxc.postinst: load the new lxc-containers profiles
    - debian/lxc.postrm: remove lxc-containers profiles
    - debian/rules: make new etc/apparmor.d/lxc dir and copy lxc-default into it
    - debian/control: add libapparmor-dev to build-depends
    - debian/lxc.upstart: load apparmor per-container policies at pre-start.
  * debian/lxc.apparmor: insert the stricter mount rules for lxc-start
    (LP: #645625) (LP: #942934)
  * debian/local/lxc-start-ephemeral: re-enable aufs option (LP: #960262)
  * replace upstream lxc-wait with our own bash script (LP: #951181)
    - debian/local/lxc-wait: the script
    - debian/rules: copy the script into place
  * 0062-templates-relative-paths: update templates to use relative paths,
    and make lxc-start always accept /var/lib/lxc/CN/rootfs as target prefix,
    to make lvm containers work.  (LP: #960860)
 -- Serge Hallyn <serge.hal...@ubuntu.com>  Wed, 21 Mar 2012 08:20:06 -0500

** Changed in: lxc (Ubuntu)
   Status: Triaged => Fix Released
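
A static audit of the per-container profile selection described in this changelog, for containers started through the lxc package; it is an added example, not part of the original thread or of the lxc package. The function names, the one-profile-per-file layout and the sample config and profile files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not lxc package code): does a container's config select an
# AppArmor profile that denies writes to /proc/sysrq-trigger?

# Profile a config selects: lxc.aa_profile if set, else lxc-default
# (the fallback stated in the changelog).
aa_profile_for() {
    name=$(sed -n 's/^[[:space:]]*lxc\.aa_profile[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1)
    printf '%s\n' "${name:-lxc-default}"
}

# True if the profile file carries an explicit deny rule with write permission
# on sysrq-trigger. Approximation: broader glob rules are not evaluated.
profile_blocks_sysrq() {
    grep -Eq '^[[:space:]]*deny[[:space:]]+(/proc|@\{PROC\})/sysrq-trigger[[:space:]]+[a-z]*w[a-z]*,' "$1"
}

# audit_container CONFIG PROFILE_DIR: returns 0 if covered, 1 otherwise.
audit_container() {
    prof=$(aa_profile_for "$1")
    case $prof in
        lxc-*) ;;   # per-container profiles must be named 'lxc-*'
        *) echo "FAIL $1: profile '$prof' is not named lxc-*"; return 1 ;;
    esac
    # Assumption: each file in PROFILE_DIR declares a single profile.
    file=$(grep -lE "^[[:space:]]*profile[[:space:]]+$prof[[:space:]]" "$2"/* 2>/dev/null | head -n 1)
    [ -n "$file" ] || { echo "FAIL $1: no profile '$prof' in $2"; return 1; }
    profile_blocks_sysrq "$file" || { echo "FAIL $1: '$prof' has no sysrq-trigger deny rule"; return 1; }
    echo "OK   $1: '$prof' denies sysrq-trigger writes"
}

# Constructed sample data (not the files shipped by Ubuntu).
demo=$(mktemp -d)
mkdir "$demo/profiles"
printf 'profile lxc-default flags=(attach_disconnected) {\n  file,\n  deny @{PROC}/sysrq-trigger rwklx,\n}\n' > "$demo/profiles/lxc-default"
printf 'profile lxc-loose flags=(attach_disconnected) {\n  file,\n}\n' > "$demo/profiles/lxc-loose"
printf 'lxc.utsname = web1\n' > "$demo/web1.conf"
printf 'lxc.utsname = db1\nlxc.aa_profile = lxc-loose\n' > "$demo/db1.conf"
printf 'lxc.utsname = ci1\nlxc.aa_profile = unconfined\n' > "$demo/ci1.conf"

for c in web1 db1 ci1; do
    audit_container "$demo/$c.conf" "$demo/profiles" || true
done
```

To confirm what a running container is actually confined by, read `/proc/<pid>/attr/current` on the host for the container's init process; it names the active profile and mode, or `unconfined`.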



[Bug 645625] Re: lxc container can power-off host machine

2012-02-01 Thread Serge Hallyn
This is partially solved by the new apparmor policy, and will be Closed
once the new apparmor mount restrictions are available and exploited in
the lxc apparmor policy (soon).



[Bug 645625] Re: lxc container can power-off host machine

2011-04-27 Thread Serge Hallyn
** Changed in: lxc (Ubuntu)
   Status: Confirmed => Triaged



[Bug 645625] Re: lxc container can power-off host machine

2011-04-27 Thread Serge Hallyn
Thanks for taking an interest and reporting this bug.

You can use LSMs to mitigate this to some extent.  However the real
solution will be completion of the user namespace and proc filtering.
Both are well-known and substantial todo items.

I am marking this Triaged as (a) the proper solution is known, and (b)
the community is slowly but surely addressing it.
