[Lxc-users] Lucid host & container - ignored fstab?

Roman Yepishev roman.yepishev at yandex.ua
Sat Apr 10 08:55:54 UTC 2010


Hello all,

I am trying to use LXC to run Ubuntu Lucid Lynx containers on Lucid Lynx
hosts. I have succeeded in configuring the container properly so it
starts, connects to the network etc.

However, as described in [1], my container can remount the /srv
partition read-only. I tried to fix it using the fstab entry that was
given at [1] but in the end mount gives:

rtg at lemon:~$ mount
/dev/mapper/fridge-srv on / type ext4 (rw)
...

"Ok, it might not work", I thought.

However, after some time I decided to bind-mount /var/cache/apt to
container's /var/cache/apt and now my fstab is:

/srv/vm/lxc/lemon/rootfs /srv/vm/lxc/rootfs none bind 0 0
/var/cache/apt    /srv/vm/lxc/lemon/rootfs/var/cache/apt none bind 0 0

During startup the debug output has the following lines: 
lxc-start 1270888370.767 DEBUG    lxc_conf - mounted /srv/vm/lxc/lemon/rootfs on /srv/vm/lxc/rootfs, type none
lxc-start 1270888370.767 DEBUG    lxc_conf - mounted /var/cache/apt on /srv/vm/lxc/lemon/rootfs/var/cache/apt, type none

So I guess it does mount something, however later on I see the
following: 
lxc-start 1270888370.773 DEBUG    lxc_conf - umounted '/lxc-oldrootfs-ib3iB1/srv/vm/lxc/lemon/rootfs/var/cache/apt'

I am not quite sure it should umount that directory, but here's how my
mount looks when the system is booted: 
rtg at lemon:/var/cache/apt$ mount
/dev/mapper/fridge-srv on / type ext4 (rw)
none on /proc type proc (rw,noexec,nosuid,nodev)
none on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /dev/console type devpts (rw,noexec,nosuid,relatime,gid=5,mode=620,ptmxmode=000)
none on /dev/tty1 type devpts (rw,noexec,nosuid,relatime,gid=5,mode=620,ptmxmode=000)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
none on /dev/shm type tmpfs (rw,nosuid,nodev)
none on /var/run type tmpfs (rw,nosuid,mode=0755)
none on /var/lock type tmpfs (rw,noexec,nosuid,nodev)
none on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)

Is there anything wrong with my set up? It looks like my first attempt
to protect /srv fails due to the same issue - bind mounts do not work in
the container for me.

I am using the version of lxc userspace tools that is bundled with Lucid
Lynx, 0.6.5-1 on 2.6.32-19-server kernel.

[1] http://www.mail-archive.com/lxc-devel@lists.sourceforge.net/msg00126.html

-- 
Roman Yepishev <roman.yepishev at yandex.ua>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20100410/f5442a84/attachment.pgp>


More information about the lxc-users mailing list