[lxc-devel] [PATCH] cgfs: don't mount /sys/fs/cgroup readonly
Christian Seiler
christian at iwakd.de
Fri May 2 21:37:38 UTC 2014
Hi,
> On an ubuntu system, mountall wants /sys/fs/cgroup to be mounted rw.
> So on container startup, mountall will see that /sys/fs/cgroup is ro
> and hang startup (waiting for the user to say whether to skip
> or manually fix) because it's not allowed to remount /sys/fs/cgroup
> rw.
Ouch.
Irrespective of what we do in LXC, perhaps mountall should also be fixed
that if inside a container (env var ${container} set) and /sys/fs/cgroup
is mounted ro, then it should just print a warning but not hang?
(Obviously that doesn't absolve LXC from changing something, since this
will never be backported to arbitrarily old versions of mountall, but I
do think it's better for robustness.)
> Hm. So IIUC lxc would have to (and, you're telling me, now does not)
Currently, it doesn't do that, no, because I saw no reason for it, since
I saw no reason for /sys/fs/cgroup being rw itself until you mentioned
the problem with Ubuntu.
> have the following mounts?
>
>> /sys/fs/cgroup [tmpfs, rw]
>> /sys/fs/cgroup/cpu [tmpfs, ro]
>> /sys/fs/cgroup/cpu/lxc/c1 [bind-mount of host, rw]
Yes, that would be a good solution for that. I still don't like it
aesthetically that /sys/fs/cgroup is rw, but better a workaround than
containers hanging at boot...
I'll post a patch that does that tomorrow. (I could write it easily just
now in 5 minutes, but I do want to test it properly beforehand.)
Regards,
Christian
More information about the lxc-devel
mailing list