[lxc-devel] [Not A Patch] [POC] Proof of concept code for using devtmpfs for autodev and more...

Michael H. Warfield mhw at WittsEnd.com
Fri Nov 1 21:44:16 UTC 2013


On Fri, 2013-11-01 at 16:30 -0500, Serge Hallyn wrote: 
> Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > On Fri, 2013-11-01 at 15:03 -0500, Serge Hallyn wrote: 
> > > Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > > > The only place that's being used is in creating a symlink...
> > > > 
> > > > /dev/.lxc/$name -> /dev/.lxc/$pathhash
> > > > 
> > > > I use it for the same reason you wanted the extra bind mounts to
> > > > $lxcpath/$lxcname.dev.  In your case, you wanted to see the dev mappings
> > > 
> > > Oh - gotcha.  Well in that case I'd say just create your own unique
> > > $name.$index.  that should be enough info.
> > 
> > > Oh now unprivileged container creation of course will not be able
> > > to do this as I won't be able to create /dev/.lxc/anything as uid
> > > 1000.
> > 
> > Oh, we're going to have to look into that then.  We're doing other
> > privileged operations like the bind mounts...  Hmmm...  It may have to

> bind mounts are ok.  we can do this in a private mntns.  That's how
> I currently get around our inability to mknod in a userns - I
> bind mount devices from the host into the container's /dev.

Ok...  How are you handling the creation of objects under $lxc_path
then?  Obviously, I haven't been paying much attention to the unpriv
user angle of things here.  Is it like many of the other virt systems
where the user needs to be part of a particular group?  Could we do
something similar?

Just thinking out loud here.

> -serge

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131101/1b270f27/attachment.pgp>


More information about the lxc-devel mailing list