<div dir="ltr"><font face="georgia, serif">Hi All,</font><div><font face="georgia, serif">I want to spawn an unprivileged LXC container with container rootfs as squashfs filetype. </font></div><div><font face="georgia, serif">(goal is to have container rootfs as compressed and read-only) <br></font></div><div><font face="georgia, serif"><br></font></div><div><font face="georgia, serif">1. Created a squashfs file out of container's rootfs using the below command:</font></div><div><b><font face="georgia, serif">mksquashfs rootfs rootfs.squashfs</font></b></div><div><font face="georgia, serif"> 2. Changed the rootfs path in the container config to refer to this newly created rootfs.squashfs file</font></div><div><font face="georgia, serif">please find attached container config file</font></div><div><font face="georgia, serif"><br></font></div><div><font face="georgia, serif">LXC is giving the below error while starting the unprivileged container</font></div><div><font face="georgia, serif"><br></font></div><div><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif">lxc-start 20180817025351.739 ERROR
lxc_conf - conf.c:setup_rootfs:1220 - Failed to mount rootfs
"/home/oxpd/.local/share/lxc/spawn_squashfs_rootfs/rootfs.squashfs"
onto "/usr/lib/x86_64-linux-gnu/lxc" with options "(null)".</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025351.739
ERROR lxc_conf - conf.c:do_rootfs_setup:3899 - failed to
setup rootfs for 'spawn_squashfs_rootfs'</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025351.739
ERROR lxc_conf - conf.c:lxc_setup:3981 - Error setting up
rootfs mount after spawn</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025351.739
ERROR lxc_start - start.c:do_start:811 - Failed to setup
container "spawn_squashfs_rootfs".</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025351.739
ERROR lxc_sync - sync.c:__sync_wait:57 - An error occurred in
another process (expected sequence number 3)</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025351.739
ERROR lxc_start - start.c:__lxc_start:1358 - Failed to spawn
container "spawn_squashfs_rootfs".</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025356.796
ERROR lxc_start_ui - tools/lxc_start.c:main:366 - The
container failed to start.</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025356.796
ERROR lxc_start_ui - tools/lxc_start.c:main:368 - To get more
details, run the container in foreground mode.</font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"> lxc-start 20180817025356.796
ERROR lxc_start_ui - tools/lxc_start.c:main:370 - Additional
information can be obtained by setting the --logfile and --logpriority options.</font></p></div><div><b><font face="georgia, serif"><br></font></b></div><div><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif">Since lxc was not able to mount squashed rootfs
filetype, I tried the following steps</font></span></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif"> </font></span></p><ol style="margin-top:0in;margin-bottom:0in" start="1" type="1">
<li class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif">Created empty rootfs directory</font></span></li>
<li class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif">Mounted rootfs.squashfs to rootfs directory
created in step# 1 ( <b>sudo mount -o loop -t squashfs
rootfs.squashfs rootfs </b>)</font></span></li>
<li class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif">Verified the new rootfs directory is read-only</font></span></li>
<li class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif">Started container with this new rootfs read-only
directory and it worked fine</font></span></li><li class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span style="font-size:14.6667px"><font face="georgia, serif">Verified that rootfs inside the container also is read-only.</font></span></li>
</ol>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif"> </font></span></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><b><span lang="EN-GB" style=""><font face="georgia, serif"> is it the right way of doing ?? or if there is any other way in which LXC can directly work with squashfs filetype, please provide help</font></span></b></p><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><b><span lang="EN-GB" style=""><font face="georgia, serif"><br></font></span></b></p><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><b><font face="georgia, serif">Thanks & Regards,</font></b></p><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><b><font face="georgia, serif">Yasoda</font></b></p><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><b><font face="georgia, serif">HP Inc</font></b></p><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"><br></font></p><p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><font face="georgia, serif"><br></font></p>
<p class="MsoNormal" style="margin:0in 0in 0.0001pt;font-size:11pt"><span lang="EN-GB" style=""><font face="georgia, serif"> </font></span></p></div></div>