I retested using lxc-1.1.4 from the lxc-stable ppa (https://launchpad.net/~ubuntu-lxc/+archive/ubuntu/lxc-stable), which I added to a fresh vm image from the daily builds, https://cloud-images.ubuntu.com/trusty/current.
"lxc-start -n trusty_overlay" fails as before, with the same error message:

  ERROR lxc_utils - utils.c:safe_mount:1641 - Permission denied - Failed to mount /home/ubuntu/test.txt onto /usr/lib/x86_64-linux-gnu/lxc/home/ubuntu/test.txt
  ERROR lxc_conf - conf.c:mount_entry:1731 - Permission denied - failed to mount '/home/ubuntu/test.txt' on '/usr/lib/x86_64-linux-gnu/lxc/home/ubuntu/test.txt'
  ERROR lxc_conf - conf.c:lxc_setup:3745 - failed to setup the mount entries for 'trusty_overlay'

Chris, it would be of interest to see whether you can reproduce the underlying kernel bug using this script:

  #!/bin/bash
  fatal() { echo "error: $@"; exit 1; }

  echo -e "testing for overlayfs kernel bug in kernels <= 3.17."
  echo -e "(This script does not work for the newer version of overlayfs in kernels 3.18+)"

  # build a throwaway overlayfs on top of a tmpfs
  mkdir test_dir || fatal "mkdir test_dir"
  sudo mount -t tmpfs none test_dir || fatal "mount tmpfs"
  cd test_dir
  mkdir lowerdir upperdir overlayfs
  sudo mount -t overlayfs -o lowerdir=lowerdir,upperdir=upperdir none overlayfs || fatal "mount overlayfs"

  # open one file on each filesystem and keep the descriptors (6-9)
  exec 6> file_tmpfs.txt
  exec 7> lowerdir/file_lowerdir.txt
  exec 8> upperdir/file_upperdir.txt
  exec 9> overlayfs/file_overlayfs.txt

  echo -e "\ncontents of /proc/$BASHPID/fd/ . A broken symbolic link to file_overlayfs.txt indicates a kernel bug"
  echo "--------------------------------------------------------------------------------------------------------"
  file /proc/$BASHPID/fd/[6-9]

  # cleanup
  exec 9>&-
  exec 8>&-
  exec 7>&-
  exec 6>&-
  sudo umount overlayfs
  cd ..
  sudo umount test_dir && rmdir test_dir
  #----------end of script

Running the script as root, sudo ./script, I get the following output:

  testing for overlayfs kernel bug in kernels <= 3.17.
  (This script does not work for the newer version of overlayfs in kernels 3.18+)

  contents of /proc/1916/fd/ . A broken symbolic link to file_overlayfs.txt indicates a kernel bug
  --------------------------------------------------------------------------------------------------------
  /proc/1916/fd/6: symbolic link to `/home/ubuntu/test_dir/file_tmpfs.txt'
  /proc/1916/fd/7: symbolic link to `/home/ubuntu/test_dir/lowerdir/file_lowerdir.txt'
  /proc/1916/fd/8: symbolic link to `/home/ubuntu/test_dir/upperdir/file_upperdir.txt'
  /proc/1916/fd/9: broken symbolic link to `/file_overlayfs.txt'

It seems that the kernel bug is causing fd 9 to point to /file_overlayfs.txt, when it should point to /home/ubuntu/test_dir/overlayfs/file_overlayfs.txt .

The lxc commit which introduced safe_mount(), which passes fds as arguments to mount(), is:

  CVE-2015-1335: Protect container mounts against symlinks
  https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d

Here is the relevant part of the commit, which creates a file descriptor and passes it to mount().

+ destfd = open_without_symlink(dest, rootfs);
+ if (destfd < 0) {
+ if (srcfd != -1)
+ close(srcfd);
+ return destfd;
+ }
+
+ ret = snprintf(destbuf, 50, "/proc/self/fd/%d", destfd);
+ if (ret < 0 || ret > 50) {
+ if (srcfd != -1)
+ close(srcfd);
+ close(destfd);
+ ERROR("Out of memory");
+ return -EINVAL;
+ }
+
+ ret = mount(mntsrc, destbuf, fstype, flags, data);

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1335

https://bugs.launchpad.net/bugs/1507463
Title: OverlayFS: Wrong mnt_id and path reported in /proc in linux-3.13
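Review bot: the truncation test after the snprintf() into destbuf is off by one. snprintf() returns the length it would have written without the limit, so `ret > 50` still accepts `ret == 50`, which means the final character of the path was dropped and destbuf holds only 49 characters plus the NUL; the check should be `ret >= 50` (better `ret >= sizeof(destbuf)`, so the two sizes cannot drift apart). The message `ERROR("Out of memory")` is also misleading for that branch, since it describes a buffer that is too small rather than an allocation failure; something like "path too long" would be accurate. The hunk otherwise relies on the kernel resolving "/proc/self/fd/N" back to the opened path, which is exactly what the script output above shows failing on overlayfs, so a mount() error here can mean either a real permission problem or that /proc path bug, and the "Permission denied" logged at safe_mount:1641 does not distinguish the two.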
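As an added example, not code from this post or from lxc: a small C check for Linux that opens a path and asks the kernel for the target of the resulting /proc/self/fd/N link, the same link safe_mount() hands to mount(), and reports whether it resolves back to the canonical path. Run against a file on the test overlayfs from the script above it reports MISMATCH on an affected kernel. The names fd_path_consistent and proc_fd_path are mine; it assumes a Linux host with /proc mounted and deliberately skips the per-component O_NOFOLLOW walk that open_without_symlink() does, since the point here is the kernel's path reporting, not symlink safety.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Build "/proc/self/fd/N" into buf. snprintf() returns the untruncated
 * length, so the truncation test must be ret >= size (ret == size means
 * the last character was dropped). */
static int proc_fd_path(int fd, char *buf, size_t size) {
    int ret = snprintf(buf, size, "/proc/self/fd/%d", fd);
    if (ret < 0 || (size_t)ret >= size)
        return -1;
    return 0;
}

/* Returns 1 if the kernel's /proc/self/fd/N link for an O_PATH open of
 * `path` points back at the canonical path, 0 if it points somewhere else
 * (the broken-link symptom in the script output), -1 on error.
 * Hypothetical helper, not part of lxc. */
int fd_path_consistent(const char *path) {
    char expected[PATH_MAX], procbuf[64], target[PATH_MAX];
    ssize_t n;
    int fd, same;
    if (!realpath(path, expected))
        return -1;
    /* O_PATH: no read/write access needed, only a handle for /proc/self/fd */
    fd = open(path, O_PATH | O_CLOEXEC);
    if (fd < 0)
        return -1;
    if (proc_fd_path(fd, procbuf, sizeof(procbuf)) < 0 ||
        (n = readlink(procbuf, target, sizeof(target) - 1)) < 0) {
        close(fd);
        return -1;
    }
    target[n] = '\0';
    same = strcmp(target, expected) == 0;
    close(fd);
    return same;
}

int main(int argc, char **argv) {
    const char *path = argc > 1 ? argv[1] : "/";
    int r = fd_path_consistent(path);
    printf("%s -> %s\n", path, r == 1 ? "ok" : r == 0 ? "MISMATCH" : "error");
    return r == 1 ? 0 : 1;
}
```

Usage: `./fdcheck test_dir/overlayfs/file_overlayfs.txt` while the script's overlay is still mounted; a non-zero exit means the /proc link does not resolve to the file you opened.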