[lxc-devel] [Devel] Re: LXC container, unmounting unneeded mount points (from the container namespace)

Michael Holzt lxc at my.fqdn.org
Wed Jan 13 14:23:44 UTC 2010


> I should now mention that I've been digging into it further and found
> that I can not reproduce this on a second, similar, system I'm testing
> on at this point.

On my system /dev/shm is mounted as well, but umount works as intended. So
it would be really interesting to see what is wrong on your system. Is there
any chance that I could ssh into it and debug the issue? Or maybe it can
be reproduced by cloning the installation (stripped of private data)?

> IAC, there should be some way to force the container to start, for
> diagnostic purposes, in a case like this, without modifying the sources.

Ok.

> Having the old root directory still there isn't fatal to run the
> container, particularly in a test system, even though highly undesirable
> in a production VM.

Oh, I think it is fatal, as it allows root in the container to modify the
host fs. As this is against the security goal, the container should never
start in this case, at least unless told so.


Regards,
Michael

-- 
It's an insane world, but i'm proud to be a part of it. -- Bill Hicks
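
Added example, not part of the original message and not LXC's own code: a fail-closed check of the kind discussed above, which parses a container's /proc/<pid>/mountinfo and refuses the start while anything at or below the old root is still mounted, unless an explicit override is given. The directory name /oldroot, the function names and the sample mount table are assumptions constructed for illustration.

```python
import re

OLD_ROOT = "/oldroot"  # assumed put_old directory; the thread does not name it

def _unescape(field):
    # mountinfo encodes space, tab, newline and backslash as \ooo octal escapes
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def leftover_mounts(mountinfo, old_root=OLD_ROOT):
    """Return mount points at or below old_root that are still mounted."""
    old_root = old_root.rstrip("/")
    found = []
    for line in mountinfo.splitlines():
        fields = line.split()
        if len(fields) < 7 or "-" not in fields:
            continue  # not a mountinfo record
        mount_point = _unescape(fields[4])  # 5th field is the mount point
        # Match the directory itself or a real child, not a sibling like /oldroot-data
        if mount_point == old_root or mount_point.startswith(old_root + "/"):
            found.append(mount_point)
    return found

def may_start(mountinfo, old_root=OLD_ROOT, force=False):
    """Fail closed: refuse to start while host mounts remain, unless forced."""
    leftovers = leftover_mounts(mountinfo, old_root)
    return (not leftovers or force), leftovers

# Constructed sample: the old root and its /dev/shm could not be unmounted
SAMPLE = """\
60 45 8:3 / / rw,relatime - ext4 /dev/sda3 rw
61 60 0:3 / /proc rw,nosuid - proc proc rw
62 60 8:1 / /oldroot rw,relatime - ext4 /dev/sda1 rw
63 62 0:17 / /oldroot/dev/shm rw,nosuid,nodev - tmpfs tmpfs rw
64 60 0:18 / /oldroot-data rw - tmpfs tmpfs rw
"""

if __name__ == "__main__":
    ok, left = may_start(SAMPLE)
    print("start allowed:", ok, "leftover mounts:", left)
```

The override (force=True) still returns the list of leftover mounts, so a diagnostic start can log exactly which host filesystems remain reachable.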



