ubuntu-device-flash snap doesn't work on eCryptfs encrypted home

Bug #1612854 reported by Tyler Hicks
This bug affects 1 person
Affects: linux (Ubuntu)
Status: Triaged
Importance: Medium
Assigned to: Tyler Hicks

Bug Description

Originally reported by Michael Vogt and investigated by Jamie Strandboge:

1. create a VM with 5G free space (at least)
2. create a testuser: sudo adduser --encrypt-home testuser
3. add the testuser to 'sudo': sudo adduser testuser sudo
4. login as test user and do:

$ sudo snap install --devmode --edge ubuntu-device-flash
$ sudo DEBUG_DISK=1 strace -o /tmp/trace -f -vv /snap/bin/ubuntu-device-flash core 16 --kernel canonical-snapdragon-linux --gadget canonical-dragon --os ubuntu-core --channel=edge -o $(pwd)/dragon.img
[sudo] password for testuser:
Determining gadget configuration
 744.00 KB / 744.00 KB [=======================================] 100.00% 5.62 MB/s 0
Parallel unsquashfs: Using 1 processor
13 inodes (35 blocks) to write

/tmp/gadget530855550/gadget/fake-gadget/1.0-fake
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/README
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/gpt.bin
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/hyp.mbn
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/meta
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/meta/icon.png
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/meta/snap.yaml
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/rpm.mbn
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/sbl1.mbn
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/sd_appsboot.mbn
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/sec.dat
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/tz.mbn
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/u-boot.img
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/uboot.env
/tmp/gadget530855550/gadget/fake-gadget/1.0-fake/uboot.env.in

created 13 files
created 2 directories
created 0 symlinks
created 0 devices
created 0 fifos

Error: Could not stat device /home/testuser/dragon.img - Permission denied.
issues while partitioning

From strace:
2007 lstat("/home", {st_dev=makedev(253, 1), st_ino=12, st_mode=S_IFDIR|0755, st_nlink=6, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2016/08/12-06:05:24.897831278, st_mtime=2016/08/12-06:05:17.465732936, st_ctime=2016/08/12-06:05:17.465732936}) = 0
2007 lstat("/home/testuser", {st_dev=makedev(0, 40), st_ino=405, st_mode=S_IFDIR|0755, st_nlink=4, st_uid=1001, st_gid=1001, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2016/08/12-06:13:28.992000000, st_mtime=2016/08/12-06:14:42.907782272, st_ctime=2016/08/12-06:14:42.907782272}) = 0
2007 lstat("/home/testuser/dragon.img", 0x7ffe57228440) = -1 EACCES (Permission denied)

But the file exists:
$ stat ./dragon.img
  File: './dragon.img'
  Size: 3899999744 Blocks: 7617216 IO Block: 4096 regular file
Device: 28h/40d Inode: 101 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 1001/testuser) Gid: ( 1001/testuser)
Access: 2016-08-12 06:41:46.871343338 -0500
Modify: 2016-08-12 06:41:46.871343338 -0500
Change: 2016-08-12 06:41:46.871343338 -0500
 Birth: -

Doing this in a non-ecryptfs dir:
$ sudo mkdir /home/foo
$ sudo chown testuser:testuser /home/foo
$ cd /home/foo
$ sudo DEBUG_DISK=1 strace -o /tmp/trace -f -vv /snap/bin/ubuntu-device-flash core 16 --kernel canonical-snapdragon-linux --gadget canonical-dragon --os ubuntu-core --channel=edge -o $(pwd)/dragon.img
...
New image complete
Summary:
 Output: /home/foo/dragon.img
 Architecture: arm64
 Channel: edge
 Version: 0

Looking in this strace:
2032 lstat("/home", {st_dev=makedev(253, 1), st_ino=12, st_mode=S_IFDIR|0755, st_nlink=6, st_uid=0, st_gid=0, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2016/08/12-06:05:24.897831278, st_mtime=2016/08/12-06:05:17.465732936, st_ctime=2016/08/12-06:05:17.465732936}) = 0
2032 lstat("/home/foo", {st_dev=makedev(253, 1), st_ino=107, st_mode=S_IFDIR|0755, st_nlink=2, st_uid=1001, st_gid=1001, st_blksize=4096, st_blocks=8, st_size=4096, st_atime=2016/08/12-06:15:28.732042881, st_mtime=2016/08/12-06:15:35.783602468, st_ctime=2016/08/12-06:15:35.783602468}) = 0
2032 lstat("/home/foo/dragon.img", {st_dev=makedev(253, 1), st_ino=85, st_mode=S_IFREG|0644, st_nlink=1, st_uid=1001, st_gid=1001, st_blksize=4096, st_blocks=0, st_size=3899999744, st_atime=2016/08/12-06:15:35.783602468, st_mtime=2016/08/12-06:15:35.783602468, st_ctime=2016/08/12-06:15:35.783602468}) = 0
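
The comparison of the two traces above can be automated. The following is an added triage example, not part of the original report: it scans `strace` output for failed `lstat` calls and reports the device of the nearest parent directory that resolved. The function name `triage` is hypothetical and the sample traces are constructed from the report's lines with the stat fields shortened.

```python
import posixpath
import re

# Constructed sample: the lstat lines from the two traces in the report,
# with the stat fields after st_ino dropped to keep the lines short.
FAILING_TRACE = '''\
2007 lstat("/home", {st_dev=makedev(253, 1), st_ino=12}) = 0
2007 lstat("/home/testuser", {st_dev=makedev(0, 40), st_ino=405}) = 0
2007 lstat("/home/testuser/dragon.img", 0x7ffe57228440) = -1 EACCES (Permission denied)
'''
WORKING_TRACE = '''\
2032 lstat("/home", {st_dev=makedev(253, 1), st_ino=12}) = 0
2032 lstat("/home/foo", {st_dev=makedev(253, 1), st_ino=107}) = 0
2032 lstat("/home/foo/dragon.img", {st_dev=makedev(253, 1), st_ino=85}) = 0
'''

LSTAT_RE = re.compile(
    r'^\d+\s+lstat\("(?P<path>[^"]*)",\s*(?P<arg>.*)\)\s+=\s+-?\d+'
    r'(?:\s+(?P<errno>E[A-Z]+))?')
DEV_RE = re.compile(r'st_dev=makedev\((\d+),\s*(\d+)\)')


def triage(trace):
    """Return one finding per failed lstat, with the device of the nearest
    ancestor directory that an earlier lstat in the trace resolved."""
    seen = {}       # path -> (major, minor) from successful lstat calls
    findings = []
    for line in trace.splitlines():
        m = LSTAT_RE.match(line)
        if not m:
            continue
        path, errno = m.group("path"), m.group("errno")
        if errno is None:
            dev = DEV_RE.search(m.group("arg"))
            if dev:
                seen[path] = (int(dev.group(1)), int(dev.group(2)))
            continue
        parent = posixpath.dirname(path)
        while parent not in seen and parent not in ("/", ""):
            parent = posixpath.dirname(parent)
        pdev = seen.get(parent)
        findings.append({
            "path": path, "errno": errno, "parent": parent, "parent_dev": pdev,
            # Major 0 is an unnamed device: the filesystem is not backed
            # directly by a block device (stacked, network or in-memory).
            "unnamed_dev": pdev is not None and pdev[0] == 0,
        })
    return findings


if __name__ == "__main__":
    for name, trace in (("failing", FAILING_TRACE), ("working", WORKING_TRACE)):
        print(name, triage(trace))
```

Run against a full `strace -f -vv` log, it skips non-`lstat` lines, so the `/tmp/trace` file from the reproduction steps can be passed in unchanged.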

Tyler Hicks (tyhicks) wrote :

This is an odd one. I can consistently reproduce it using the Xenial kernel (4.4.0-34.53-generic) but cannot reproduce it using other kernels.

u-d-f works when running under a development kernel build of 4.7. It also works when running under 4.7, 4.6, 4.5, and 4.4 kernels from http://kernel.ubuntu.com/~kernel-ppa/mainline/.

Tyler Hicks (tyhicks) wrote :

The next step is to look at any Ubuntu SAUCE patches and the differences between the distro kernel config and the configs of the mainline builds.
