Here is what I did with strace: fred@it1-pc33:~/test$ mkdir d1 d2 home; touch home/f1; sudo mount -t aufs -o br=d1:home none d2
fred@it1-pc33:~/test$ mount /dev/sda1 on / type ext4 (rw,errors=remount-ro) ... none on /home2/fred/test/d2 type aufs (rw,relatime,si=deb855b9) Homedir of fred is ext4 fred@it1-pc33:~/test$ strace -e trace=file rm d2/f1 execve("/bin/rm", ["rm", "d2/f1"], [/* 34 vars */]) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 3 faccessat(AT_FDCWD, "d2/f1", W_OK) = 0 unlinkat(AT_FDCWD, "d2/f1", 0) = -1 EPERM (Operation not permitted) ... Hence it is unlinkat. root@it1-pc33:~# apt-cache show aufs-tools Original-Maintainer: Daniel Baumann <daniel.baum...@progress-technologies.net> Architecture: i386 Version: 1:3.0+20111101-1ubuntu1 --> You said according to git it should print "aufs3.2 20120109". My installation is not older than 1 month, but i will do an upgrade and report. root@it1-pc33:~# uname -a Linux it1-pc33 3.2.0-45-generic-pae #70-Ubuntu SMP Wed May 29 20:31:05 UTC 2013 i686 i686 i386 GNU/Linux root@it1-pc33:~# apt-cache show apparmor Architecture: i386 Version: 2.7.102-0ubuntu3 I would be glad to help and apply a debug patch on my side. For that, I assume I have to download the sources (apt-get source aufs-tools), cd aufs-tools-3.0+20111101/, apply your patch (via patch??), compile (make && make install ???) and ?? Then I mail you back some output. Markus Am 09.07.2013 03:42, schrieb sf...@users.sourceforge.net: > Markus Weich: >> just to sum up again: as user fred2, I did: mkdir d1 d2 home; touch home/f1 >> as root, I did: mount -t aufs -o br=d1:home none d2 >> root@it1-pc40:$ find d1 d2 home -printf "%h/%f %M %u %g\n" >> ./d1 drwxr-xr-x fred2 users >> d1/.wh..wh.plnk drwx------ root root >> d1/.wh..wh.aufs -r--r--r-- root root >> d1/.wh..wh.orph drwx------ root root >> ./d2 drwxr-xr-x fred2 users >> d2/f1 -rw-r--r-- fred2 users >> ./home drwxr-xr-x fred2 users >> home/f1 -rw-r--r-- fred2 users >> >> rm d2/f1 --> leads to "operation not permitted" > On my test system which is > - aufs3.9 locally modified version > - on ext2 branches > > $ mkdir d1 d2 home; touch home/f1 > $ sudo mount -t aufs -o br=d1:home none d2 > [sudo] password for xxx: > aufs: module verification failed: signature and/or required key missing - > tainting kernel > aufs 3.9 > $ find d1 d2 home -printf "%h/%f %M %u %g\n" > ./d1 drwxr-xr-x xxx xxx > d1/.wh..wh.aufs -r--r--r-- root root > d1/.wh..wh.plnk drwx------ root root > find: `d1/.wh..wh.plnk': Permission denied > d1/.wh..wh.orph drwx------ root root > find: `d1/.wh..wh.orph': Permission denied > ./d2 drwxr-xr-x xxx xxx > d2/f1 -rw-r--r-- xxx xxx > ./home drwxr-xr-x xxx xxx > home/f1 -rw-r--r-- xxx xxx > $ rm d2/f1 > rm: remove regular empty file `d2/f1'? y > $ > > As far as I know, there have never been a report such simple operation > fails. > So I guess there may exist a restriction or limitation out of aufs. For > example, LSM configuration or ubuntu specific settings. > > For more investigation, we need to find the systemcall which returned > the error as a first step. Could you post the output of "strace rm > d2/f1"? Currently I guess it is unlink(2). > And if I make a debug print patch to identify which module caused the > error, could you apply and test it on your side? > > >> Kernel is 3.2.0-45-generic-pae from ubuntu 12.04 standard installation, >> the dirs are on ext4. Aufs Version is version 3.x-rcN-20111205. > According to git://kernel.ubuntu.com/ubuntu/ubuntu-precise.git, the > latest ubuntu-precise should print "aufs3.2 20120109". It means that > you are using a little older ubuntu-precise. But I don't know it is a > problem. > > > J. R. Okajima > ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk