[lxc-devel] Probably more of a user list than a devel list question but ...

Serge Hallyn serge.hallyn at ubuntu.com
Wed May 7 19:38:38 UTC 2014


Quoting Michael J Coss (michael.coss at alcatel-lucent.com):
> I've been working on a sysfs FUSE to change what the container sees,
> and I need to get it mounted at the right time, in the right
> location.  I run on Gentoo, and the only ebuild available is for
> 0.8.0, so I put together ebuilds for 1.0.3 with the hopes that the
> hooks provided in the 1.0.3 would help me to get my FUSE mounted.
> I've got 1.0.3 installed but I still can't seem to get the FUSE
> mounted at the right time.
> 
> The FUSE I created is mostly a pass-thru, but applies a filter so
> that certain files can be omitted from directories, can't be opened,
> etc.  But of course, this means that it needs an original to shadow.
> When I started this, it never dawned on me that the host sysfs
> wasn't identical to the container sysfs.  This is, of course, wrong.
> Namely, there are some interactions with network, and process
> namespaces that are exposed in sysfs which means that to make my
> FUSE work, I need two steps:
> 
> 1) mount a new instance of sysfs within the network/process namespace
> of the container on some host mount point

Why on a host mount point, out of curiosity?

> 2) mount my pass-thru FUSE on the container's rootfs/sys mirroring
> the newly mounted instance of sysfs
> 
> I had hoped that one of the many hook points would provide me with

So how does it go wrong if you use lxc.hook.mount?  That happens
in the container's namespace, but before the pivot_root.  So
you can access both the host's and container's mounts, though
your mounts won't be propagated to the host mount namespace.
At this point the container rootfs is mounted at
$LXC_ROOTFS_MOUNT, so ${LXC_ROOTFS_MOUNT}/sys will be the
container's sys, for instance.

> the ability to do this but thus far, I haven't found it.   Any
> suggestions?  I suspect that I could change lxc-start, but I'd
> really rather not do that if I don't have to.
> 
> -- 
> ---Michael J Coss


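The two steps from the thread, written as an lxc.hook.mount script. This is an added example, not code from either poster or from LXC; the FUSE binary path, its `<source> <mountpoint>` usage, and the SYSFS_STAGE and DRY_RUN variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example of a mount hook; enable with (path is a placeholder):
#   lxc.hook.mount = /path/to/this-script
# LXC calls hooks with: <container name> <section> <hook type>.
# ASSUMPTIONS: FUSE_BIN and its "<source> <mountpoint>" usage are hypothetical,
# as are the SYSFS_STAGE (staging directory) and DRY_RUN variables.
FUSE_BIN="${FUSE_BIN:-/usr/local/bin/sysfs-filter}"

# Echo the command when DRY_RUN is set, otherwise execute it.
run() {
    if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}

# True only for an absolute path that is a directory and not a symlink.
real_dir() {
    case "$1" in /*) ;; *) return 1 ;; esac
    [ -d "$1" ] && [ ! -L "$1" ]
}

# setup_sysfs ROOTFS STAGE
#   1) mount a new sysfs instance on STAGE; per the reply above the hook
#      runs in the container's namespace, before pivot_root
#   2) mount the filter on ROOTFS/sys, mirroring STAGE
setup_sysfs() {
    case "$1" in /?*) ;; *) echo "bad rootfs: '$1'" >&2; return 1 ;; esac
    target="$1/sys"
    stage="$2"
    # Rootfs content is container-controlled: a symlinked sys would
    # redirect the mount elsewhere, so accept only a real directory.
    if ! real_dir "$target"; then
        echo "refusing mount target: $target" >&2
        return 1
    fi
    if ! real_dir "$stage"; then
        echo "refusing staging dir: $stage" >&2
        return 1
    fi
    run mount -t sysfs sysfs "$stage" || return 1
    run "$FUSE_BIN" "$stage" "$target" || return 1
}

# Act only when invoked by LXC as the mount hook.
if [ "${3:-}" = "mount" ]; then
    setup_sysfs "${LXC_ROOTFS_MOUNT:-}" "${SYSFS_STAGE:-}" || exit 1
fi
```

A staging directory placed inside the rootfs stays readable from the container unless it is hidden afterwards, which would bypass the filter.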