Ubuntu
lxc package

  1. Bug #1476662
  2. Comment #63

Comment 63 for bug 1476662

Revision history for this message
Daniel Kraft (daniel-kraft) wrote :

The problem lies in the ubuntu patch

http://archive.ubuntu.com/ubuntu/pool/main/l/lxc/lxc_1.0.7-0ubuntu0.5.debian.tar.gz

where this code

+ size_t start = croot ? strlen(croot) : 0;
+ if (strcmp(ws + start, target + start) != 0) {
+ ERROR("Mount onto %s resulted in %s\n", target, ws);
+ goto out;
+ }

in file 0003-CVE-2015-1335.patch checks if ws and start are the same.
According to the given error (which I forgot to paste above), ws and target ARE different:

lxc-start: utils.c: ensure_not_symlink: 1384 Mount onto /usr/lib/x86_64-linux-gnu/lxc//proc resulted in /usr/lib/x86_64-linux-gnu/lxc/proc

So target is

  /usr/lib/x86_64-linux-gnu/lxc//proc

and ws is

   /usr/lib/x86_64-linux-gnu/lxc/proc

Any hints how we could prevent the double slashing? Or would you just "clean up" the path somehow?