Great, thanks for the information. ecryptfs is a stackable filesystem, meaning that it sits between a real filesystem and your view of it, interpreting (encrypting/decrypting) data. There are several things which are notably difficult for a stackign filesystem to get right.
I'm going to mark this bug as affecting ecryptfs mainly so others can find the information should they run into this. However it is not something I would actually expect to get fixed, though it's not impossible. ** Also affects: ecryptfs-utils (Ubuntu) Importance: Undecided Status: New ** Changed in: lxc (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1389305 Title: sudo doesn't work on unprivileged lxc container Status in “ecryptfs-utils” package in Ubuntu: New Status in “lxc” package in Ubuntu: Invalid Bug description: On Ubuntu 14.04 64 bit, after adding a user into an unprivileged container, the sudo complains that: $ sudo su sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges? To reproduce: 1. Download and install the Ubuntu amd64 minimalcd 2. Install lxc on it and openssh for convenience. 3. follow https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/ ; specifically do: a) sudo usermod --add-subuids 100000-165536 $USER b) sudo usermod --add-subgids 100000-165536 $USER c) sudo chmod +x $HOME d) create the file ~/.config/lxc/default.conf with the following contents: lxc.include = /etc/lxc/default.conf lxc.id_map = u 0 100000 65536 lxc.id_map = g 0 100000 65536 e) echo "$USER veth lxcbr0 10" | sudo tee /etc/lxc/lxc-usernet (restart is not required) 4. Create the container with lxc-create -t download -n p1 -- -d ubuntu -r trusty -a amd64 5. Install openssh-server in the container: lxc-start -d -n p1 lxc-attach -n p1 -- apt-get install openssh-server 6. Add a user "adam" with the group sudo lxc-attach -n p1 -- adduser adam sudo 7. Set a password for the user 8. Log in via ssh (and provide the password from step 7) ssh p1@adam 9. On the p1: adam@p1$ sudo su sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges? I expected it to make change the user to root. lxc version: 1.0.3-0ubuntu3 $cat ~/.cache/lxc/download/ubuntu/trusty/amd64/default/build_id 20141101_03:49 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1389305/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp