Ubuntu
linux package

Chown of file within overlayfs with setuid set crashes kernel

Bug #1622396 reported by davegoodson
This bug report is a duplicate of:  Bug #1618572: apt-key add fails in overlayfs. Edit Remove
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

The kernel crashes when the ownership of a file is changed when the set{u,g}id permission is set within a overlayfs.

I originally found this bug within a nested docker container inside an lxd container. I then tested this with a overlayfs running directly on the host.

I have tested this on multiple systems, physical and virtual (virtualbox and kvm) all produces the same result.

Expected case:
ownership of file with set(u,g)id set is changed.

Actual case:
chown segfaults with kernel error.

Version sig: Ubuntu 4.4.0-36.55-generic 4.4.16
Description: Ubuntu 16.04.1 LTS x86_64

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-36-generic 4.4.0-36.55
ProcVersionSignature: Ubuntu 4.4.0-36.55-generic 4.4.16
Uname: Linux 4.4.0-36-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version k4.4.0-36-generic.
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/pcmC0D1c', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Card0.Amixer.info: Error: [Errno 2] No such file or directory: 'amixer'
Card0.Amixer.values: Error: [Errno 2] No such file or directory: 'amixer'
Date: Sun Sep 11 23:10:57 2016
HibernationDevice: RESUME=/dev/mapper/lxd--vg-swap_1
InstallationDate: Installed on 2016-09-09 (2 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
Lsusb:
 Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
 Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: innotek GmbH VirtualBox
ProcFB: 0 vboxdrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-36-generic root=/dev/mapper/hostname--vg-root ro
RelatedPackageVersions:
 linux-restricted-modules-4.4.0-36-generic N/A
 linux-backports-modules-4.4.0-36-generic N/A
 linux-firmware 1.157.3
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.board.name: VirtualBox
dmi.board.vendor: Oracle Corporation
dmi.board.version: 1.2
dmi.chassis.type: 1
dmi.chassis.vendor: Oracle Corporation
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:rvnOracleCorporation:rnVirtualBox:rvr1.2:cvnOracleCorporation:ct1:cvr:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH

See original description
Revision history for this message
davegoodson (5-me-o) wrote :
description: updated
description: updated
Revision history for this message
Brad Figg (brad-figg) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Tim Gardner (timg-tpi) wrote :

I believe this bug to be a duplicate. Please install linux 4.4.0-38.57 from proposed.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.