> Something I'm still not sure about is what would happen if you made a
> symlink, bind mount, etc. in upperdir with the same name as an unrelated
> file in lowerdir. This is worth checking out.

Just tried a symlink and it didn't seem to affect the host directory
(/opt/cisco) which was symlinked to /tmp/upper/cisco in the container to
begin with.

> > It looks like no, since
> >
> > root@w1:/tmp# mount -t overlay -o lowerdir=lower,upperdir=upper,workdir=workdir overlay /mnt
> > root@w1:/tmp# ls /mnt
> > cisco
> > root@w1:/tmp# rmdir /mnt/cisco
> > rmdir: failed to remove ‘/mnt/cisco’: Read-only file system
> > root@w1:/tmp# mv /mnt/cisco /mnt/c2
> > mv: cannot move ‘/mnt/cisco’ to ‘/mnt/c2’: Read-only file system
> >
> > (here w1 is an unpriv container with /hostopt a bind mount of /opt on the
> > host; cisco a directory both in host's /opt and in /tmp/lowerdir)
>
> I think I'm missing something here. I don't know why your mount is
> read-only.

Because a directory in workdir is owned by uid -1 (root on the host).

> But even if it wasn't, cisco is in lowerdir and thus should
> never be modified or removed in any case. Removing it in /mnt should (I

Right, but I was trying to use workdir as a vector to make changes to
something in the host's opt. Not lowerdir.

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1531747

Title:
  overlay: mkdir fails if directory exists in lowerdir in a user
  namespace

Status in linux package in Ubuntu:
  Triaged
Status in linux source package in Wily:
  Triaged
Status in linux source package in Xenial:
  Triaged

Bug description:
  If a directory exists in the lowerdir but not in the mounted overlay,
  then mkdir of the directory in the target dir results in a mysterious
  -EPERM. I've seen this both in wily kernel (4.2.0-22-generic
  #27-Ubuntu) and in a hand-built xenial master-next (with unrelated
  patches added).

  =====================================================
  #!/bin/sh -ex
  dir=`mktemp -d`

  cleanup() {
      umount -l $dir/t
      rm -rf $dir
  }

  trap cleanup EXIT

  echo "dir is $dir"
  mkdir -p $dir/l $dir/u $dir/w $dir/t
  mkdir $dir/l/dev
  mount -t overlay -o lowerdir=$dir/l,upperdir=$dir/u,workdir=$dir/w o $dir/t
  stat $dir/t/dev
  rmdir $dir/t/dev
  mkdir $dir/t/dev
  echo $?
  echo "mkdir should have succeeded"
  =====================================================

  The above will work on the host, but fail in a user namespace, i.e. in
  a regular lxd container.
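
The reply above attributes the read-only mount to a workdir entry owned by host root, a uid that has no mapping inside the unprivileged container. As an added example (not from the thread or the bug report), this host-side helper checks whether the owner of each workdir entry is covered by a container's uid_map; the function names and the sample map are assumptions.

```shell
#!/bin/sh
# Added diagnostic example; host_uid_to_ns and check_workdir are hypothetical names.

# Translate a host uid into the uid a user namespace sees, using a map in
# /proc/<pid>/uid_map format: "<ns-start> <host-start> <count>" per line.
# Prints the in-namespace uid, or "unmapped" with exit status 1.
host_uid_to_ns() {
    host_uid=$1
    map_file=$2
    awk -v uid="$host_uid" '
        NF == 3 && uid >= $2 && uid < $2 + $3 { print $1 + (uid - $2); found = 1; exit }
        END { if (!found) { print "unmapped"; exit 1 } }
    ' "$map_file"
}

# For an overlay workdir (path as seen on the host) and its direct entries,
# report whether each owner is mapped. Returns 1 if any owner is unmapped;
# such an entry shows up inside the namespace under the overflow uid.
check_workdir() {
    workdir=$1
    map_file=$2
    rc=0
    for entry in "$workdir" "$workdir"/*; do
        [ -e "$entry" ] || continue
        owner=$(stat -c %u "$entry")
        if ns_uid=$(host_uid_to_ns "$owner" "$map_file"); then
            echo "$entry: host uid $owner -> namespace uid $ns_uid"
        else
            echo "$entry: host uid $owner is unmapped in the namespace"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: 65536 ids mapped starting at host uid 100000.
sample_map=$(mktemp)
printf '0 100000 65536\n' > "$sample_map"
host_uid_to_ns 100000 "$sample_map"      # container root
host_uid_to_ns 0 "$sample_map" || true   # host root: not covered by the map
rm -f "$sample_map"
```

On a real system, pass the workdir's host path and a copy of /proc/<pid>/uid_map taken from a process inside the container.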