[lxc-devel] disable container start if lxcfs is not running
Serge Hallyn
serge.hallyn at ubuntu.com
Fri May 8 13:05:18 UTC 2015
Quoting Dietmar Maurer (dietmar at proxmox.com):
> Hi all,
>
> for some unknown reason lxcfs crashed (will try to debug). But after
> that, I am still able to start containers, which now have
> wrong /proc and cgroup mounts.
>
> I wonder if it would be safer to disable container start if
> lxcfs is not running, something like:
Hm, I think this makes sense. The only reason it shouldn't be available
(since the hook is installed with lxcfs, not lxc) is that it's broken -
we should fix that rather than work around it.
Can you resend this with a signed-off-by line? Also add
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
under the Signed-off-by.
thanks,
-serge
> Index: new/share/lxc.mount.hook.in
> ===================================================================
> --- new.orig/share/lxc.mount.hook.in
> +++ new/share/lxc.mount.hook.in
> @@ -15,6 +15,9 @@ if [ -d @LXCFSTARGETDIR@/proc/ ]; then
> [ -e "${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)" ] || continue
> mount -n --bind $entry ${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)
> done
> +else
> + >&2 echo "missing /var/lib/lxcfs/proc/ - lxcfs not running?"
> + exit 1
> fi
>
> # /sys/fs/cgroup files
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
More information about the lxc-devel
mailing list