[lxc-devel] Change rootfs pinning mechanism

Stéphane Graber stgraber at ubuntu.com
Fri Sep 13 16:18:29 UTC 2013


On Fri, Sep 13, 2013 at 05:11:37PM +0100, Christian Seiler wrote:
> Hi there,
> 
> > Concur on the revert.
> >
> > What is really gained by deleting that file?  I agree with the basic
> > idea of moving and renaming that file to hold the mount open but, are
> > we really that worried that someone will inadvertently delete that file?
> > It shouldn't be a security issue and I don't think I see someone
> > deleting it to be stupid (but then you're still holding it open and
> > the general case applies).  I'm just not sure what was being
> > accomplished by the whole delete while held action here.
> 
> I see a consensus forming:
> 
>   - change name to something starting with a dot _inside_ the rootfs
>     (e.g. .lxc-running)
>   - don't delete it immediately
>   - remove it at stop
> 
> Agreed?

Whatever we end up with, please make sure we don't fail if the file
can't be created (read-only rootfs).

I'm not completely sure what a .lxc-running file would gain us since we
already have a unique abstract socket path which is much more reliable
to check if a given container is already running.

It's also not impossible that someone may actually want to run the same
container multiple times, so using the pin to prevent double-start seems
odd and would completely prevent shared rootfs.

I personally think that we shouldn't use the pin as an indication of the
container running at all, but only for its original purpose which is to
have a writable file open on the filesystem in order to prevent a
read-only remount of that fs.

> 
> The only thing I'm not really sure about:
> 
>   - fail if it already exists
>          => let's say one has an LXC running somewhere, the power goes
>             out, no UPS, the host reboots after some time, tries to
>             auto-start the LXC on boot but LXC won't start because
>             .lxc-running exists...
>   - perhaps we could write the pid of the lxc-start process in there, so
>     that it may check whether the container is really running?
> 
> -- Christian

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
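
The pin behaviour argued for in the message above (hold a writable file open to block a read-only remount, and do not fail on a read-only rootfs), as an added example that is not LXC's code and not part of the original post. The function names, return codes and the `.lxc-keep` file name are assumptions made for illustration.

```c
#define _GNU_SOURCE            /* O_CLOEXEC, O_NOFOLLOW */
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define PIN_FAILED  (-1)       /* unexpected error, caller should abort */
#define PIN_SKIPPED (-2)       /* read-only rootfs, nothing to pin */

/* EROFS is not fatal: a filesystem that is already read-only cannot be
 * remounted read-only underneath the container. */
static int pin_error_is_fatal(int err) { return err != EROFS; }

/* Open <rootfs>/<name> for writing. While the returned fd stays open,
 * "mount -o remount,ro" on that filesystem fails with EBUSY. */
int pin_rootfs(const char *rootfs, const char *name)
{
    char path[PATH_MAX];
    int n = snprintf(path, sizeof(path), "%s/%s", rootfs, name);
    if (n < 0 || (size_t)n >= sizeof(path)) { errno = ENAMETOOLONG; return PIN_FAILED; }
    /* O_NOFOLLOW: the name lives in container-writable space, so refuse a symlink. */
    int fd = open(path, O_WRONLY | O_CREAT | O_CLOEXEC | O_NOFOLLOW, 0600);
    if (fd < 0)
        return pin_error_is_fatal(errno) ? PIN_FAILED : PIN_SKIPPED;
    return fd;
}

/* At container stop: release the pin and remove the file. */
int unpin_rootfs(int fd, const char *rootfs, const char *name)
{
    char path[PATH_MAX];
    if (fd < 0) return 0;      /* pin was skipped earlier, nothing to undo */
    close(fd);
    int n = snprintf(path, sizeof(path), "%s/%s", rootfs, name);
    if (n < 0 || (size_t)n >= sizeof(path)) return -1;
    return unlink(path);
}

int main(int argc, char **argv)
{
    const char *rootfs = argc > 1 ? argv[1] : ".";
    int fd = pin_rootfs(rootfs, ".lxc-keep");   /* hypothetical file name */
    if (fd == PIN_FAILED) { perror("pin_rootfs"); return 1; }
    puts(fd == PIN_SKIPPED ? "read-only rootfs, continuing unpinned" : "rootfs pinned");
    return unpin_rootfs(fd, rootfs, ".lxc-keep") ? 1 : 0;
}
```

Because the pin is only an open descriptor and never a "running" marker, a second container sharing the rootfs can open the same file without conflict.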