Ok a more refined reproducer shows that this is an issue triggered by different permissions on the various layers. Although the directory is reported correctly the permissions for each layer are used on that layer to control who can actually see the contents of the directory. If you cannot rx the lower levels you cannot read the directory at all. This is a deliberate design decision.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1293549 Title: Filesystem mount from lxc template causes filesystem permission breakages Status in juju-core: In Progress Status in lxc containers: Confirmed Status in “linux” package in Ubuntu: Confirmed Status in “postgresql” package in Juju Charms Collection: New Bug description: In juju-core 1.17.5, creating new lxc machines is now much faster as it appears to be using a template machine. In addition, the root filesystem is mounted from the template machine. Unfortunately, this causes filesystem permissions to screw up. juju deploy ubuntu juju ssh ubuntu/0 sudo chown ubuntu:ubuntu /etc/ssl/private ls /etc/ssl/private That final 'ls' fails with a permission denied. This is possibly a security precaution in lxc or the filesystem. This issue breaks the postgresql charm. The PostgreSQL packages require and use the ssl-cert package, which changes /etc/ssl/private to be group readable by the ssl-cert group. The postgres user, a member of the ssl-cert group, is unable to read the private key stored in this directory. To manage notifications about this bug go to: https://bugs.launchpad.net/juju-core/+bug/1293549/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
