I don't quite get the point underlying Serge's preceding comment, so I'll describe the problem I'm experiencing with lxc and see whether Serge classifies it as a bug.
On an ubuntu-vivid (amd64) host, create an unprivileged vivid container named 'vivid',
lxc-create -n vivid -t download -- -d ubuntu -r vivid -a amd64
Start and attach to the container and create foo/bar.txt. Stop the container.
Then form a second container named vivid_overlay,
lxc-clone -s -B overlayfs vivid vivid_overlay
Start and attach to vivid_overlay.
Delete bar.txt (this should succeed).
Attempt to delete foo. I get "Operation not permitted", even as root in the container.
The same issue arises if I replace the overlay container with an ephemeral container,
lxc-start-ephemeral -o vivid -n vivid_ephemeral