** Changed in: cgmanager (Ubuntu Utopic)
Status: Confirmed => Fix Released
** Changed in: cgmanager (Ubuntu Trusty)
Status: Fix Committed => Confirmed
** Description changed:
+ ===============================================================
+ Impact: unprivileged users cannot attach to a container from a different
login session
+ Test Case:
+ lxc-start -n u1 -d
+ ssh localhost lxc-attach -n u1 /bin/true
+ Regression potential: This implements a new method, so should not regress
existing functionalty.
+ ===============================================================
+
When using the cgroup manager, if an unprivileged user starts a
container from one login session, then ssh's back in and tries lxc-
attach, that will fail.
The workaround for this is simply to start a container under screen or
tmux, then re-attach to that session to lxc-attach.
The proper fix is to use MovePidAbs in lxc-attach to move the current
task to the 'full' (relative to proxy) cgroup of the container. This
requires a new GetPidCgroupAbs method (which is in cgmanager utopic but
not yet in trusty) to find out the proper cgroup to attach to.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1315052
Title:
lxc-attach from a different login session fails
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cgmanager/+bug/1315052/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
