https://bugzilla.redhat.com/show_bug.cgi?id=1096123
Bug ID: 1096123
Summary: useradd within EL6 container fails: failure while
writing changes to /etc/passwd
Product: Fedora
Version: 20
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: dcleal(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: admiller(a)redhat.com, golang(a)lists.fedoraproject.org,
lsm5(a)redhat.com, mattdm(a)redhat.com,
mgoldman(a)redhat.com, s(a)shk.io, vbatts(a)redhat.com
Description of problem:
Between docker-io-0.10.0-2.fc20 and docker-io-0.11.1-1.fc20, the following has
started failing:
$ docker run -t centos /usr/sbin/useradd test
useradd: failure while writing changes to /etc/passwd
'centos' is the official CentOS 6 image (0b443ba03958).
The Fedora 20 host has SELinux enforcing, and the same issue occurs when set to
permissive. No AVCs are seen.
Version-Release number of selected component (if applicable):
docker-io-0.11.1-1.fc20.x86_64
kernel-3.14.2-200.fc20.x86_64
How reproducible:
Always
Steps to Reproduce:
1. docker pull centos
2. docker run -t centos /usr/sbin/useradd test
Actual results:
useradd: failure while writing changes to /etc/passwd
Expected results:
no output
Additional info:
On 0.10.0, an strace of useradd shows:
open("/etc/group", O_RDONLY|O_CLOEXEC) = 11
fstat(11, {st_mode=S_IFREG|0644, st_size=379, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7feb5efe5000
read(11, "root:x:0:\nbin:x:1:bin,daemon\ndae"..., 4096) = 379
close(11) = 0
munmap(0x7feb5efe5000, 4096) = 0
fchown(10, 500, 12) = 0
fchmod(10, 0660) = 0
fsync(10) = 0
close(10) = 0
fstat(6, {st_mode=S_IFREG|0644, st_size=670, ...}) = 0
gettid() = 14
open("/proc/self/task/14/attr/fscreate", O_RDONLY) = 10
read(10, "", 4095) = 0
close(10) = 0
gettid() = 14
open("/proc/self/task/14/attr/fscreate", O_RDWR) = 10
write(10, "system_u:object_r:file_t:s0\0", 28) = 28
close(10) = 0
fstat(6, {st_mode=S_IFREG|0644, st_size=670, ...}) = 0
umask(077) = 022
open("/etc/passwd-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 10
umask(022) = 077
lseek(6, 0, SEEK_SET) = 0
read(6, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 670
fstat(10, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7feb5efe5000
read(6, "", 4096) = 0
write(10, "root:x:0:0:root:/root:/bin/bash\n"..., 670) = 670
While on 0.11.1, strace shows:
open("/etc/group", O_RDONLY|O_CLOEXEC) = 10
fstat(10, {st_mode=S_IFREG|0644, st_size=379, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f2905a38000
read(10, "root:x:0:\nbin:x:1:bin,daemon\ndae"..., 4096) = 379
close(10) = 0
munmap(0x7f2905a38000, 4096) = 0
fchown(9, 500, 12) = 0
fchmod(9, 0660) = 0
fsync(9) = 0
close(9) = 0
fstat(5, {st_mode=S_IFREG|0644, st_size=675, ...}) = 0
gettid() = 30
open("/proc/self/task/30/attr/fscreate", O_RDONLY) = 9
read(9, "", 4095) = 0
close(9) = 0
gettid() = 30
open("/proc/self/task/30/attr/fscreate", O_RDWR) = -1 EROFS (Read-only file
system)
write(2, "useradd: failure while writing c"..., 54useradd: failure while
writing changes to /etc/passwd
) = 54
--
You are receiving this mail because:
You are on the CC list for the bug.