Comment 0 for bug 1509752

Steve (m-dave-r) wrote :

This bug/limitation is present in lxc from 1.0.7-0ubuntu0.5 through 1.0.7-0ubuntu0.9 (or anything that incorporates 0003-CVE-2015-1335.patch). Basically, the limitation is obvious when using recursive bind mounts because ensure_not_symlink() only checks the last line of /proc/self/mountinfo, which will be a submount, so it will always fail the test and trigger:

ensure_not_symlink: 1413 Mount onto /usr/lib/x86_64-linux-gnu/lxc/storage resulted in /usr/lib/x86_64-linux-gnu/lxc/storage/submount, not /usr/lib/x86_64-linux-gnu/lxc/storage

Sorry if this is a duplicate, I did spend quite some time trying to find a similar report.

Thanks!
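
The failure described in this report, reproduced on constructed data as an added example (not lxc's code and not taken from the patch): last_line_matches models the last-line-only comparison the reporter describes, and skipping_submounts_matches is a hypothetical variant that ignores entries below the target before comparing. All function names and both mountinfo samples are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define TARGET "/usr/lib/x86_64-linux-gnu/lxc/storage"

/* Constructed /proc/self/mountinfo excerpts, not captured from a real host. */
static const char RBIND_SAMPLE[] =     /* recursive bind: submount listed last */
    "101 60 8:1 /srv/storage " TARGET " rw,relatime - ext4 /dev/sda1 rw\n"
    "102 101 8:2 / " TARGET "/submount rw,relatime - ext4 /dev/sdb1 rw\n";
static const char ELSEWHERE_SAMPLE[] = /* mount landed on another path */
    "101 60 8:1 /srv/storage /srv/elsewhere rw,relatime - ext4 /dev/sda1 rw\n";

/* Relation of field 5 (mount point) of one mountinfo line to target:
 * 0 = unrelated, 1 = exactly target, 2 = below target. */
static int relation(const char *line, size_t len, const char *target)
{
    size_t i = 0, tlen = strlen(target);
    int field = 1;
    while (i < len && field < 5)
        if (line[i++] == ' ') field++;
    if (field != 5 || len - i < tlen || memcmp(line + i, target, tlen) != 0)
        return 0;
    if (i + tlen == len || line[i + tlen] == ' ') return 1;
    return line[i + tlen] == '/' ? 2 : 0;
}

/* The newest (last) entry decides; with skip_below set, entries below
 * target are ignored, so the decision falls to the entry before them. */
static int newest_matches(const char *info, const char *target, int skip_below)
{
    int result = 0;
    for (const char *p = info; *p; ) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        int r = relation(p, len, target);
        if (len && !(skip_below && r == 2)) result = (r == 1);
        p += len + (nl ? 1 : 0);
    }
    return result;
}

int last_line_matches(const char *info) { return newest_matches(info, TARGET, 0); }
int skipping_submounts_matches(const char *info) { return newest_matches(info, TARGET, 1); }

int main(void)
{
    printf("rbind: last=%d skip=%d; elsewhere: skip=%d\n", last_line_matches(RBIND_SAMPLE),
           skipping_submounts_matches(RBIND_SAMPLE), skipping_submounts_matches(ELSEWHERE_SAMPLE));
    return 0;
}
```

The variant keeps the assumption that newer mounts are listed last, and skipping entries below the target would also hide a mount that landed on a subdirectory while an older mount already sits at the target, so a stricter check would compare against a snapshot of mountinfo taken before the mount.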