Public bug reported:

Impact: When the ipc and user namespaces are unshared in a single system
call, mqueue will do an internal mount of the new mqueue super block
before the new user namespace is installed. This results in s_user_ns
being set to the parent user ns; however, the new ipc ns is owned by the
new user ns. Attempting to mount the mqueue filesystem in the new user
ns results in EBUSY when it should succeed. This breaks docker when user
namespace support is enabled.

Fix: Use the ipc namespace's owner for s_user_ns for all mqueue mounts.
Since mqueue already checks that the user has CAP_SYS_ADMIN in this
namespace for any userspace mounts, we already know the user is
sufficiently privileged, and this is really the only arrangement that
makes sense.

Test Case: The following commands will result in a failure to mount
mqueue without the fix; with the fix the mount will succeed.

$ mkdir mnt
$ unshare -Umuniprf --mount-proc bash
# mount -t mqueue mqueue mnt
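
The same check as a small C regression test, added here as an example and not part of the original report or of the kernel fix. It makes the "single system call" explicit with one unshare(2) carrying all three flags; the names classify, check_mqueue_mount and the /tmp/mqcheck scratch directory are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <unistd.h>

enum mq_result { MQ_OK, MQ_EBUSY_BUG, MQ_OTHER_ERROR, MQ_SKIPPED };

/* Map the outcome of mount(2) to a verdict; EBUSY is the symptom reported. */
enum mq_result classify(int rc, int err) {
    if (rc == 0) return MQ_OK;
    return err == EBUSY ? MQ_EBUSY_BUG : MQ_OTHER_ERROR;
}

/* Runs in a forked child so the caller's own namespaces stay untouched. */
static int child(const char *dir, uid_t uid) {
    char map[32];
    /* One call creates the user, ipc and mount namespaces together. */
    if (unshare(CLONE_NEWUSER | CLONE_NEWIPC | CLONE_NEWNS) != 0)
        return MQ_SKIPPED;               /* user namespaces unavailable */
    int fd = open("/proc/self/uid_map", O_WRONLY);  /* like unshare -r */
    if (fd >= 0) {
        int n = snprintf(map, sizeof map, "0 %u 1", (unsigned)uid);
        if (write(fd, map, n) != n) perror("uid_map");
        close(fd);
    }
    int rc = mount("mqueue", dir, "mqueue", 0, NULL);
    return classify(rc, errno);
}

/* Fork, run the check in fresh namespaces, and return the child's verdict. */
enum mq_result check_mqueue_mount(void) {
    char dir[] = "/tmp/mqcheck.XXXXXX";  /* constructed scratch mount point */
    int status = 0;
    if (!mkdtemp(dir)) return MQ_SKIPPED;
    uid_t uid = getuid();
    pid_t pid = fork();
    if (pid == 0) _exit(child(dir, uid));
    int ok = pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status);
    rmdir(dir);
    return ok ? (enum mq_result)WEXITSTATUS(status) : MQ_SKIPPED;
}

int main(void) {
    static const char *msg[] = { "mount ok", "EBUSY (bug)", "other error", "skipped" };
    puts(msg[check_mqueue_mount()]);
    return 0;
}
```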

** Affects: linux (Ubuntu)
     Importance: High
     Assignee: Seth Forshee (sforshee)
         Status: In Progress

** Affects: linux (Ubuntu Xenial)
     Importance: High
     Assignee: Seth Forshee (sforshee)
         Status: In Progress

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: linux (Ubuntu Xenial)
       Status: New => In Progress

** Changed in: linux (Ubuntu Xenial)
     Assignee: (unassigned) => Seth Forshee (sforshee)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1582378

Title:
  Unsharing user and ipc namespaces simultaneously makes mqueue
  unmountable

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1582378/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs