Package: lxc Version: 1:1.0.6-2 Severity: normal Tags: patch The helper utility lxc-user-nic has to be installed SETUID root in order to work correctly for unpriviledged containers. The upstream build system does that correctly but the SETUID bit gets swallowed by dh_fixperms. Attached is a patch that fixed the situation for me.
-- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (650, 'testing'), (600, 'unstable'), (500, 'testing-updates') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages lxc depends on: ii init-system-helpers 1.21 ii libapparmor1 2.8.0-8 ii libc6 2.19-11 ii libcap2 1:2.24-6 ii libseccomp2 2.1.1-1 ii libselinux1 2.3-2 ii multiarch-support 2.19-11 ii python3 3.4.1-1 Versions of packages lxc recommends: ii debootstrap 1.0.63 ii openssl 1.0.1i-2 ii rsync 3.1.1-2 Versions of packages lxc suggests: ii lua5.2 5.2.3-1 -- no debconf information
diff -ur lxc-1.0.6/debian/changelog lxc-1.0.6-mine/debian/changelog diff -ur lxc-1.0.6/debian/rules lxc-1.0.6-mine/debian/rules --- lxc-1.0.6/debian/rules 2014-09-29 12:29:17.000000000 +0200 +++ lxc-1.0.6-mine/debian/rules 2014-10-11 01:35:50.375185223 +0200 @@ -62,3 +62,7 @@ override_dh_strip: dh_strip --dbg-package=lxc-dbg + +override_dh_fixperms: + dh_fixperms + chmod 4755 debian/lxc/usr/lib/$(DEB_HOST_MULTIARCH)/lxc/lxc-user-nic
