Snappy

snapd testsuite fails when run inside an lxd container

Bug #1638656 reported by Jamie Strandboge
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Snappy
Fix Released
Undecided
Unassigned

Bug Description

On an Ubuntu 16.04 system:

$ sudo apt-get install lxd (this gets lxd 2.0.5)
$ newgrp lxd
$ lxc init
$ sudo lxd init (accept all defaults)
$ lxc launch ubuntu:16.04 sd
$ lxc exec sd -- sudo -H -u ubuntu -i sh -c 'script /dev/null'
$ sudo apt-get install git golang
$ export GOPATH=${HOME}/work
$ mkdir $GOPATH
$ export PATH="$PATH:$GOPATH/bin"
$ go get -d -v github.com/snapcore/snapd/...
$ go get -u github.com/kardianos/govendor
$ cd $GOPATH/src/github.com/snapcore/snapd
$ govendor sync
$ go build -v github.com/snapcore/snapd/... && go test -v github.com/snapcore/snapd/client
...
FAIL: login_test.go:34: clientSuite.TestClientLogin

login_test.go:47:
    c.Check(err, check.IsNil)
... value *errors.errorString = &errors.errorString{s:"cannot persist login information: chown /tmp/check-6501085192752421740/83/json.qh6N5jVqT6JT: operation not permitted"} ("cannot persist login information: chown /tmp/check-6501085192752421740/83/json.qh6N5jVqT6JT: operation not permitted")

login_test.go:51:
    c.Check(user, check.DeepEquals, &client.User{
        Username: "the-user-name",
        Macaroon: "the-root-macaroon",
        Discharges: []string{"discharge-macaroon"}})
... obtained *client.User = (*client.User)(nil)
... expected *client.User = &client.User{ID:0, Username:"the-user-name", Email:"", Macaroon:"the-root-macaroon", Discharges:[]string{"discharge-macaroon"}}

login_test.go:53:
    c.Assert(cs.cli.LoggedIn(), check.Equals, true)
... obtained bool = false
... expected bool = true

----------------------------------------------------------------------
FAIL: client_test.go:137: clientSuite.TestClientSetsAuthorization

client_test.go:146:
    c.Assert(err, IsNil)
... value *os.PathError = &os.PathError{Op:"chown", Path:"/tmp/check-6501085192752421740/136/json.pbd1CK99CXs6", Err:0x1} ("chown /tmp/check-6501085192752421740/136/json.pbd1CK99CXs6: operation not permitted")

----------------------------------------------------------------------
FAIL: login_test.go:117: clientSuite.TestReadAuthData

login_test.go:127:
    c.Assert(err, check.IsNil)
... value *os.PathError = &os.PathError{Op:"chown", Path:"/tmp/check-6501085192752421740/157/json.hswY3ThgFLKC", Err:0x1} ("chown /tmp/check-6501085192752421740/157/json.hswY3ThgFLKC: operation not permitted")

----------------------------------------------------------------------
FAIL: login_test.go:99: clientSuite.TestWriteAuthData

login_test.go:109:
    c.Assert(err, check.IsNil)
... value *os.PathError = &os.PathError{Op:"chown", Path:"/tmp/check-6501085192752421740/168/json.wYtR60S5LGn3", Err:0x1} ("chown /tmp/check-6501085192752421740/168/json.wYtR60S5LGn3: operation not permitted")

OOPS: 76 passed, 4 FAILED
--- FAIL: Test (0.19s)
FAIL
exit status 1
FAIL github.com/snapcore/snapd/client 0.240s

Notes:
- this fails with both the lxd from the archive and the lxd snap
- using 'lxc config set sd security.privileged true' and restarting the container makes no difference
- 'dmesg|grep audit|grep -v STATUS' shows no apparmor or seccomp denials

See original description
Jamie Strandboge (jdstrand)
description: updated
description: updated
Revision history for this message
Michael Vogt (mvo) wrote :

This should be fixed with https://github.com/snapcore/snapd/pull/2283

The "sudo -H -u ubuntu -i sh" is the culprit of the bug, lxd is fine.

Changed in snappy:
status: New → In Progress
Jamie Strandboge (jdstrand)
Changed in snappy:
status: In Progress → Fix Committed
Michael Vogt (mvo)
Changed in snappy:
status: Fix Committed → Fix Released
Jean-Baptiste Lallement (jibel)
no longer affects: snapd (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.