[lxc-devel] Systemd creates btrfs subvolume under /var/lib/machines and makes lxc-destroy fail

Christian Brauner christianvanbrauner at gmail.com
Sun Feb 15 16:21:19 UTC 2015


Hello,

I test the newest systemd from git on a regular basis by compiling it
and installing it into a container and booting it. I did that with
several current systemd versions from git over the last couple of weeks.
It seems that in the next version when booting a container with
lxc-start, systemd creates a btrfs subvolume under

    rootfs/var/lib/machines

in every container. This will cause lxc-destroy for unprivileged containers to
fail, because subvolumes can currently be created but not destroyed by
unprivileged users. There either needs to be a way to destroy btrfs subvolumes
for unprivileged users with lxc-destroy or the creation of btrfs subvolumes
during container boot needs to be prevented. Is the second option already
available?

Best,
Christian

From the man page of machinectl:
(http://man7.org/linux/man-pages/man1/machinectl.1.html)
    FILES AND DIRECTORIES

           Machine images are preferably stored in /var/lib/machines/, but are
           also searched for in /usr/local/lib/machines/ and /usr/lib/machines/.
           For compatibility reasons the directory /var/lib/container/ is
           searched, too. Note that images stored below /usr are always
           considered read-only. It is possible to symlink machines images from
           other directories into /var/lib/machines/ to make them available for
           control with machinectl.
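
Added example, not part of the original message: a pre-destroy check that lists btrfs subvolumes nested inside a container rootfs, such as the one under var/lib/machines reported above. It assumes GNU find and stat and relies on btrfs subvolume roots always having inode number 256; the function names and any rootfs path passed in are hypothetical.

```shell
#!/bin/sh
# Added example: function names and paths are hypothetical.
# A btrfs subvolume root always has inode number 256, so a directory with
# inode 256 that lives on a btrfs filesystem is a subvolume.

is_btrfs_subvol() {
    # $1: path to test; succeeds only for a btrfs subvolume root
    [ -d "$1" ] || return 1
    [ "$(stat -f -c %T -- "$1" 2>/dev/null)" = "btrfs" ] || return 1
    [ "$(stat -c %i -- "$1" 2>/dev/null)" = "256" ]
}

list_nested_subvols() {
    # $1: container rootfs. Prints subvolumes below it, one per line.
    # -mindepth 1 skips the rootfs itself, which may be a subvolume too.
    find "$1" -mindepth 1 -type d -inum 256 2>/dev/null |
    while IFS= read -r dir; do
        is_btrfs_subvol "$dir" && printf '%s\n' "$dir"
    done
    return 0
}

check_before_destroy() {
    # $1: container rootfs. Returns 1 if nested subvolumes exist (the
    # situation in which the unprivileged lxc-destroy reported above
    # fails), 0 otherwise.
    found=$(list_nested_subvols "$1")
    if [ -n "$found" ]; then
        printf 'nested btrfs subvolumes under %s:\n%s\n' "$1" "$found" >&2
        return 1
    fi
    return 0
}
```

Calling check_before_destroy with the container's rootfs path before lxc-destroy shows which nested subvolumes a privileged user would have to delete first.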