adam@p1:~$ cat /proc/mounts
rootfs / rootfs rw 0 0
/home/adam/.Private / ecryptfs rw,nosuid,nodev,relatime,ecryptfs_fnek_sig=799bd5c1f75cea45,ecryptfs_sig=cead7dbeb43d6c20,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs rw,nodev,relatime 0 0
none /sys/fs/fuse/connections fusectl rw,relatime 0 0
none /sys/kernel/debug debugfs rw,relatime 0 0
none /sys/kernel/security securityfs rw,relatime 0 0
none /sys/fs/pstore pstore rw,relatime 0 0
udev /dev/console devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
udev /dev/full devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
udev /dev/null devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
udev /dev/random devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
udev /dev/tty devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
udev /dev/urandom devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
udev /dev/zero devtmpfs rw,relatime,size=8111212k,nr_inodes=2027803,mode=755 0 0
none /sys/firmware/efi/efivars efivarfs rw,relatime 0 0
binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,nosuid,nodev,noexec,relatime 0 0
devpts /dev/console devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty1 devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty2 devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty3 devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty4 devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/pts devpts rw,relatime,gid=100005,mode=620,ptmxmode=666 0 0
none /sys/fs/cgroup tmpfs rw,nodev,relatime,size=4k,mode=755,uid=100000,gid=100000 0 0
none /run tmpfs rw,nosuid,nodev,noexec,relatime,size=1625360k,mode=755,uid=100000,gid=100000 0 0
none /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k,uid=100000,gid=100000 0 0
none /run/shm tmpfs rw,nosuid,nodev,relatime,uid=100000,gid=100000 0 0
none /run/user tmpfs rw,nosuid,nodev,noexec,relatime,size=102400k,mode=755,uid=100000,gid=100000 0 0

--
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1389305

Title:
  sudo doesn't work on unprivileged lxc container

Status in “lxc” package in Ubuntu:
  New

Bug description:
  On Ubuntu 14.04 64 bit, after adding a user into an unprivileged container, sudo complains that:

  $ sudo su
  sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

  To reproduce:

  1. Download and install the Ubuntu amd64 minimalcd
  2. Install lxc on it and openssh for convenience.
  3. Follow https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/ ; specifically do:
     a) sudo usermod --add-subuids 100000-165536 $USER
     b) sudo usermod --add-subgids 100000-165536 $USER
     c) sudo chmod +x $HOME
     d) create the file ~/.config/lxc/default.conf with the following contents:
          lxc.include = /etc/lxc/default.conf
          lxc.id_map = u 0 100000 65536
          lxc.id_map = g 0 100000 65536
     e) echo "$USER veth lxcbr0 10" | sudo tee /etc/lxc/lxc-usernet
     (restart is not required)
  4. Create the container with
       lxc-create -t download -n p1 -- -d ubuntu -r trusty -a amd64
  5. Install openssh-server in the container:
       lxc-start -d -n p1
       lxc-attach -n p1 -- apt-get install openssh-server
  6. Add a user "adam" with the group sudo
       lxc-attach -n p1 -- adduser adam sudo
  7. Set a password for the user
  8. Log in via ssh (and provide the password from step 7)
       ssh adam@p1
  9. On the p1:
       adam@p1$ sudo su
       sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

  I expected it to change the user to root.

  lxc version: 1.0.3-0ubuntu3

  $ cat ~/.cache/lxc/download/ubuntu/trusty/amd64/default/build_id
  20141101_03:49

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1389305/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
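
Added example, not part of the bug report or of lxc: a POSIX sh check for the condition sudo's message names, i.e. whether the mount backing a path carries 'nosuid'. It reads /proc/mounts-format text on stdin; the function names are hypothetical, the sample is an excerpt of the mounts posted above plus one constructed /opt line, and octal escapes in mount points (such as \040) are assumed absent.

```sh
#!/bin/sh
# mount_for_path PATH  (mounts text on stdin)
# Prints "mountpoint fstype options" for the mount that backs PATH.
mount_for_path() {
    awk -v p="$1" '
        BEGIN { best = 0 }
        {
            mp = $2
            # A mount covers the path if it is "/", is the path itself,
            # or is a prefix of it ending on a directory boundary.
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                # Longest mount point wins; on a tie the later entry
                # shadows the earlier one, hence ">=".
                if (length(mp) >= best) {
                    best = length(mp)
                    out = mp " " $3 " " $4
                }
            }
        }
        END { if (out != "") print out; else exit 1 }
    '
}

# has_nosuid PATH  (mounts text on stdin)
# Returns 0 if the backing mount has nosuid, 1 if not, 2 if no mount matched.
has_nosuid() {
    _m=$(mount_for_path "$1") || return 2
    case ",${_m##* }," in          # last field = comma-separated options
        *,nosuid,*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Sample input: excerpt of the output above; the /opt line is constructed.
sample_mounts() {
    cat <<'EOF'
rootfs / rootfs rw 0 0
/home/adam/.Private / ecryptfs rw,nosuid,nodev,relatime,ecryptfs_fnek_sig=799bd5c1f75cea45,ecryptfs_sig=cead7dbeb43d6c20,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
none /run tmpfs rw,nosuid,nodev,noexec,relatime,size=1625360k,mode=755,uid=100000,gid=100000 0 0
/dev/sdb1 /opt ext4 rw,relatime 0 0
EOF
}

if sample_mounts | has_nosuid /usr/bin/sudo; then
    echo "nosuid mount backs /usr/bin/sudo: $(sample_mounts | mount_for_path /usr/bin/sudo | cut -d' ' -f1,2)"
fi
```

On a live system the same check is `has_nosuid /usr/bin/sudo < /proc/mounts`, run inside the container.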