[pkg-lxc-devel] Bug#839843: /usr/bin/lxc-create: Ran rm -rf on an entire filesystem after failing to create a container

Christian Brauner christian.brauner at canonical.com
Fri Oct 28 23:37:05 UTC 2016


On Sat, Oct 29, 2016 at 12:38:40AM +0200, Christian Brauner wrote:
> On Wed, 05 Oct 2016 13:25:18 -0400 Matthew Gabeler-Lee
> <cheetah at fastcat.org> wrote:
> > Package: lxc
> > Version: 1:2.0.4-1
> > Severity: normal
> > File: /usr/bin/lxc-create
> >
> > I ran lxc-create to set up an image, and realized I had given it the wrong
> > arguments (wrong distro version, nothing dramatic), so I stopped it with
> > Ctrl-C and cleaned up the partial directory it left behind.
> >
> > Some time later, while in the process of setting up the container created
> > from using the correct arguments, I noticed many many things going wrong.
> > As I started to go WTF, this pops out on the console used for the original
> > incorrect lxc-create:
> >
> > lxc-destroy: utils.c: _recursive_rmdir: 170 _recursive_rmdir: failed to delete /scratch
> > lxc-destroy: lxccontainer.c: container_destroy: 2384 Error destroying rootfs for centos7-32bit-lxc
> > Container is not defined
> > exiting...
> >
> > It ran rm -rf on the ENTIRE FILESYSTEM CONTAINING ALL OF MY LXC IMAGES.
> >
> > Instead of doing an rm -rf on the container, it tried to do an rm -rf of the
> > directory in which the container was created, and since it had to be run as
> > root to create the container, it was pretty $#!%$ successful.
> >
> > reportbug wants me to quote chapter and verse from the policy manual to mark
> > this as a serious bug, but "don't rm -rf the entire OS" is so blatantly
> > obvious that there is no specific policy entry to reference.
> >
> >
> > -- System Information:
> > Debian Release: stretch/sid
> >   APT prefers testing
> >   APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
> > Architecture: amd64 (x86_64)
> > Foreign Architectures: i386
> >
> > Kernel: Linux 4.7.0-1-amd64 (SMP w/8 CPU cores)
> > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> > Shell: /bin/sh linked to /bin/dash
> > Init: systemd (via /run/systemd/system)
> >
> > Versions of packages lxc depends on:
> > ii  init-system-helpers  1.45
> > ii  libapparmor1         2.10.95-4+b1
> > ii  libc6                2.24-3
> > ii  libcap2              1:2.25-1
> > ii  liblxc1              1:2.0.4-1
> > ii  libseccomp2          2.3.1-2
> > ii  libselinux1          2.5-3
> > ii  python3              3.5.1-4
> > pn  python3:any          <none>
> >
> > Versions of packages lxc recommends:
> > ii  bridge-utils  1.5-9
> > pn  cgmanager     <none>
> > pn  debootstrap   <none>
> > ii  dirmngr       2.1.15-3
> > ii  dnsmasq-base  2.76-4
> > ii  gnupg         2.1.15-3
> 
> Hi,
> 
> Can you please specify the exact commands you used to create the container,
> and the commands you used to clean up the partial directory. The partial
> directory should usually be cleaned up by LXC itself. So I'm wondering if
> this has anything to do with it. If it's not too much trouble, could you also
> file a bug against https://github.com/lxc/lxc and link in this one here?
> 
> Christian

On second look, there is something that confuses me about this bug report:
You said that you ran lxc-create and then Ctrl+Ced it and then:

> > As I started to go WTF, this pops out on the console used for the original
> > incorrect lxc-create:
> >
> > lxc-destroy: utils.c: _recursive_rmdir: 170 _recursive_rmdir: failed to delete /scratch
> > lxc-destroy: lxccontainer.c: container_destroy: 2384 Error destroying rootfs for centos7-32bit-lxc
> > Container is not defined
> > exiting...

This confuses me as the output can only come from running lxc-destroy. So you
must have called the lxc-destroy command. lxc-create would not cause this error
message to be printed. Again, to have any idea of what could possibly cause this,
we need to know the exact commands you used.

Christian


