[pkg-lxc-devel] Bug#839843: /usr/bin/lxc-create: Ran rm -rf on an entire filesystem after failing to create a container

Matthew Gabeler-Lee cheetah at fastcat.org
Wed Oct 5 17:25:18 UTC 2016 

Package: lxc
Version: 1:2.0.4-1
Severity: normal
File: /usr/bin/lxc-create

I ran lxc-create to setup an image, and realized I had given it the wrong
arguments (wrong distro version, nothing dramatic), so I stopped it with
Ctrl-C and cleaned up the partial directory it left behind.

Some time later, while in the process of setting up the container created
from using the correct arguments, I noticed many many things going wrong. 
As I started to go WTF, this pops out on the console used for the original
incorrect lxc-create:

lxc-destroy: utils.c: _recursive_rmdir: 170 _recursive_rmdir: failed to delete /scratch
lxc-destroy: lxccontainer.c: container_destroy: 2384 Error destroying rootfs for centos7-32bit-lxc
Container is not defined
exiting...

It ran rm -rf on the ENTIRE FILESYSTEM CONTAINING ALL OF MY LXC IMAGES.

Instead of doing an rm -rf on the container, it tried to do an rm -rf of the
directory in which the container was created, and since it had to be run as
root to create the container, it was pretty $#!%$ successful.

reportbug wants me to quote chapter and verse from the policy manual to mark
this as a serious bug, but "don't rm -rf the entire OS" is so blatantly
obvious that there is no specific policy entry to reference.


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lxc depends on:
ii  init-system-helpers  1.45
ii  libapparmor1         2.10.95-4+b1
ii  libc6                2.24-3
ii  libcap2              1:2.25-1
ii  liblxc1              1:2.0.4-1
ii  libseccomp2          2.3.1-2
ii  libselinux1          2.5-3
ii  python3              3.5.1-4
pn  python3:any          <none>

Versions of packages lxc recommends:
ii  bridge-utils  1.5-9
pn  cgmanager     <none>
pn  debootstrap   <none>
ii  dirmngr       2.1.15-3
ii  dnsmasq-base  2.76-4
ii  gnupg         2.1.15-3
ii  iptables      1.6.0-3
pn  libpam-cgfs   <none>
pn  lxcfs         <none>
ii  openssl       1.0.2j-1
ii  rsync         3.1.1-3
pn  uidmap        <none>

Versions of packages lxc suggests:
pn  apparmor     <none>
ii  btrfs-tools  4.7.3-1
pn  lua5.2       <none>
ii  lvm2         2.02.164-1

-- no debconf information

More information about the Pkg-lxc-devel mailing list