[lxc-devel] The view of bind-mounts from inside lxc containers

Eytan Heidingsfeld eytanh at gmail.com
Sun Nov 4 13:48:16 UTC 2018


Hello,
I know this isn't lxc-specific but it is happening to me when using lxc.
I'm using kubernetes/docker style bind-mounting of resolv.conf from the
host into the rootfs of the container to ensure it stays up to date
(instead of overriding the file manually on start or setting the parameters
manually).

The problem is that inside the lxc container /proc/mounts has a line like:
/dev/sda1 /etc/resolv.conf from the bind mount and this causes some of the
init/halt scripts to try and access /dev/sda1 and fail.

I know this is not a security concern as the container is running
unprivileged and doesn't have access to the root or its devices, but it
does cause some annoying errors.

Does anyone have any similar use-cases of bind-mounts showing up in
/proc/mounts and have any good solutions?

I was looking at lxcfs and thinking maybe to add code to handle this there,
any thoughts?

Thanks,
Eytan
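
Added example (not part of the original post, and not lxc or lxcfs code): a parser for /proc/self/mountinfo that lists mounts whose source column names a /dev node, flagging file or subtree mounts such as the resolv.conf bind mount and whether that node exists in the container. The sample lines, paths and function names are constructed for illustration.

```python
import os
import re

# Constructed /proc/self/mountinfo sample for a container (not taken from the post).
SAMPLE = """\
210 180 8:1 /var/lib/lxc/c1/rootfs / rw,relatime shared:1 - ext4 /dev/sda1 rw
211 210 0:45 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
212 210 8:1 /etc/resolv.conf /etc/resolv.conf ro,relatime - ext4 /dev/sda1 rw
213 210 0:46 / /dev rw,relatime - tmpfs none rw,size=492k
"""

def unescape(field):
    """mountinfo writes space, tab, newline and backslash as \\ooo octal escapes."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mountinfo(text):
    """Yield one dict per line; field layout as documented in proc(5)."""
    for line in text.splitlines():
        if not line.strip():
            continue
        # Optional fields (shared:N, master:N) end at the " - " separator.
        left, _, right = line.partition(" - ")
        pre, post = left.split(), right.split()
        yield {
            "root": unescape(pre[3]),         # path inside the source filesystem
            "mount_point": unescape(pre[4]),  # path inside this namespace
            "fstype": post[0],
            "source": unescape(post[1]),
        }

def device_backed_mounts(text, exists=os.path.exists):
    """Return mounts whose source is a /dev node, with two flags per mount."""
    found = []
    for m in parse_mountinfo(text):
        if not m["source"].startswith("/dev/"):
            continue
        # root != "/": only a file or subtree of that filesystem is mounted
        # here, which is how a bind mount of a single file shows up.
        m["is_subtree"] = m["root"] != "/"
        # False when the node named in the source column is absent here.
        m["device_visible"] = exists(m["source"])
        found.append(m)
    return found

if __name__ == "__main__":
    path = "/proc/self/mountinfo"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for m in device_backed_mounts(text):
        print(m["mount_point"], m["source"], m["is_subtree"], m["device_visible"])
```

The `root` column also shows the host-side path of each bind-mounted file, so the same output is useful for reviewing what host layout a container can see.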