[lxc-devel] [Not A Patch] [POC] Proof of concept code for using devtmpfs for autodev and more...
Michael H. Warfield
mhw at WittsEnd.com
Fri Nov 1 21:44:16 UTC 2013
On Fri, 2013-11-01 at 16:30 -0500, Serge Hallyn wrote:
> Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > On Fri, 2013-11-01 at 15:03 -0500, Serge Hallyn wrote:
> > > Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > > > The only place that's being used is in creating a symlink...
> > > >
> > > > /dev/.lxc/$name -> /dev/.lxc/$pathhash
> > > >
> > > > I use it for the same reason you wanted the extra bind mounts to
> > > > $lxcpath/$lxcname.dev. In your case, you wanted to see the dev mappings
> > >
> > > Oh - gotcha. Well in that case I'd say just create your own unique
> > > $name.$index. that should be enough info.
> >
> > > Oh now unprivileged container creation of course will not be able
> > > to do this as I won't be able to create /dev/.lxc/anything as uid
> > > 1000.
> >
> > Oh, we're going to have to look into that then. We're doing other
> > privileged operations like the bind mounts... Hmmm... It may have to
> bind mounts are ok. we can do this in a private mntns. That's how
> I currently get around our inability to mknod in a userns - I
> bind mount devices from the host into the container's /dev.
Ok... How are you handling the creation of objects under $lxc_path
then? Obviously, I haven't been paying much attention to the unpriv
user angle of things here. Is it like many of the other virt systems
where the user needs to be part of a particular group? Could we do
something similar?
Just thinking out loud here.
> -serge
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131101/1b270f27/attachment.pgp>
More information about the lxc-devel
mailing list