I'm pretty certain this is not related to HSTS, and it is a setuid issue:
[pid 19145] openat(3, "uid_map", O_WRONLY|O_LARGEFILE) = 6 [pid 19145] write(6, "0 10000 1\n1001 1001 1\n", 22) = -1 EPERM (Operation not permitted) [pid 19145] write(2, "newuidmap: write to uid_map fail"..., 60) = 60 [pid 19142] <... read resumed> "newuidmap: write to uid_map fail"..., 4095) = 60 [pid 19145] exit_group(1) = ? [pid 19142] waitpid(19144, <unfinished ...> [pid 19145] +++ exited with 1 +++ [pid 19144] <... wait4 resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 19145 [pid 19144] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19145, si_uid=1001, si_status=1, si_utime=0, si_stime=0} --- [pid 19144] sigreturn({mask=[]}) = 19145 [pid 19144] exit_group(1) = ? [pid 19144] +++ exited with 1 +++ [pid 19142] <... waitpid resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0) = 19144 [pid 19142] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19144, si_uid=1001, si_status=1, si_utime=0, si_stime=0} --- [pid 19142] close(5) = 0 [pid 19142] write(2, "lxc 20180712141840.743 ERROR "..., 204 <unfinished ...> [pid 19141] <... read resumed> "lxc 20180712141840.743 ERROR "..., 4095) = 204 [pid 19141] waitpid(19142, <unfinished ...> [pid 19142] <... write resumed> ) = 204 [pid 19142] write(2, "error mapping child\n", 20) = 20 [pid 19142] write(7, "1", 1 <unfinished ...> [pid 19143] <... read resumed> "1", 1) = 1 [pid 19143] close(5) = 0 [pid 19143] close(6) = 0 [pid 19143] setgid32(0) = -1 EINVAL (Invalid argument) [pid 19143] dup(2) = 4 [pid 19143] fcntl64(4, F_GETFL) = 0x1 (flags O_WRONLY) [pid 19142] <... write resumed> ) = 1 [pid 19143] close(4 <unfinished ...> [pid 19142] waitpid(19143, <unfinished ...> [pid 19143] <... close resumed> ) = 0 [pid 19143] write(2, "setgid: Invalid argument\n", 25) = 25 [pid 19143] write(1, "WARN: could not reopen tty: No s"..., 108) = 108 [pid 19143] exit_group(-1) = ? [pid 19143] +++ exited with 255 +++ [pid 19142] <... 
waitpid resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 255}], __WALL) = 19143 [pid 19142] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19143, si_uid=1001, si_status=255, si_utime=0, si_stime=0} --- [pid 19142] exit_group(255) = ? [pid 19142] +++ exited with 255 +++ <... waitpid resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 255}], 0) = 19142 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19142, si_uid=1001, si_status=255, si_utime=1, si_stime=2} --- close(4) = 0 write(2, "Error creating container test\n", 30Error creating container test ) = 30 exit_group(1) = ? +++ exited with 1 +++
Running lxc-create under sudo -H (I haven't created sub-ids for root) works.
This stops me from creating or running any container, which is wonderful.
I'm pretty certain this is not related to HSTS; it is a setuid issue — newuidmap's write to uid_map fails with EPERM:
[pid 19145] openat(3, "uid_map", O_WRONLY|O_LARGEFILE) = 6
[pid 19145] write(6, "0 10000 1\n1001 1001 1\n", 22) = -1 EPERM (Operation not permitted)
[pid 19145] write(2, "newuidmap: write to uid_map fail"..., 60) = 60
[pid 19142] <... read resumed> "newuidmap: write to uid_map fail"..., 4095) = 60
[pid 19145] exit_group(1) = ?
[pid 19142] waitpid(19144, <unfinished ...>
[pid 19145] +++ exited with 1 +++
[pid 19144] <... wait4 resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 19145
[pid 19144] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19145, si_uid=1001, si_status=1, si_utime=0, si_stime=0} ---
[pid 19144] sigreturn({mask=[]}) = 19145
[pid 19144] exit_group(1) = ?
[pid 19144] +++ exited with 1 +++
[pid 19142] <... waitpid resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0) = 19144
[pid 19142] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19144, si_uid=1001, si_status=1, si_utime=0, si_stime=0} ---
[pid 19142] close(5) = 0
[pid 19142] write(2, "lxc 20180712141840.743 ERROR "..., 204 <unfinished ...>
[pid 19141] <... read resumed> "lxc 20180712141840.743 ERROR "..., 4095) = 204
[pid 19141] waitpid(19142, <unfinished ...>
[pid 19142] <... write resumed> ) = 204
[pid 19142] write(2, "error mapping child\n", 20) = 20
[pid 19142] write(7, "1", 1 <unfinished ...>
[pid 19143] <... read resumed> "1", 1) = 1
[pid 19143] close(5) = 0
[pid 19143] close(6) = 0
[pid 19143] setgid32(0) = -1 EINVAL (Invalid argument)
[pid 19143] dup(2) = 4
[pid 19143] fcntl64(4, F_GETFL) = 0x1 (flags O_WRONLY)
[pid 19142] <... write resumed> ) = 1
[pid 19143] close(4 <unfinished ...>
[pid 19142] waitpid(19143, <unfinished ...>
[pid 19143] <... close resumed> ) = 0
[pid 19143] write(2, "setgid: Invalid argument\n", 25) = 25
[pid 19143] write(1, "WARN: could not reopen tty: No s"..., 108) = 108
[pid 19143] exit_group(-1) = ?
[pid 19143] +++ exited with 255 +++
[pid 19142] <... waitpid resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 255}], __WALL) = 19143
[pid 19142] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19143, si_uid=1001, si_status=255, si_utime=0, si_stime=0} ---
[pid 19142] exit_group(255) = ?
[pid 19142] +++ exited with 255 +++
<... waitpid resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 255}], 0) = 19142
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=19142, si_uid=1001, si_status=255, si_utime=1, si_stime=2} ---
close(4) = 0
write(2, "Error creating container test\n", 30Error creating container test
) = 30
exit_group(1) = ?
+++ exited with 1 +++
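Running lxc-create under sudo -H (I haven't created sub-ids for root) works. One caveat on the trace itself: when strace is run by an unprivileged user, a setuid binary such as newuidmap is executed without its setuid privileges, so the EPERM should be confirmed outside strace, by checking the setuid bit or file capabilities on newuidmap and whether its filesystem is mounted nosuid.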
This stops me from creating or running any container, which is wonderful.