[Lxc-users] [PATCH] Re: read only rootfs
Michael H. Warfield
mhw at WittsEnd.com
Tue Jul 19 14:07:30 UTC 2011
On Tue, 2011-07-19 at 09:55 -0400, Michael H. Warfield wrote:
> On Mon, 2011-07-18 at 07:31 -0500, Serge E. Hallyn wrote:
> > Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > > Unfortunately, I also still find that if there's a -o remount,ro in the
> > > halt/reboot script, it still sets /dev/pts to ro and that still
> > > propagates to the host and to the other containers triggering random
> >
> > Wow.
> >
> > Did a quick grep; is there any reason why lxc-start doesn't turn on
> > MS_SLAVE for the client's root? Something like:
> >
> > From 7fbc3ec940403605c53b253d8630c3f47fad154c Mon Sep 17 00:00:00 2001
> > From: Serge Hallyn <serge.hallyn at ubuntu.com>
> > Date: Mon, 18 Jul 2011 07:29:57 -0500
> > Subject: [PATCH 1/1] (untested) turn container rootfs into MS_SLAVE
> >
> > Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> > ---
> > src/lxc/conf.c | 5 +++++
> > 1 files changed, 5 insertions(+), 0 deletions(-)
> >
> > diff --git a/src/lxc/conf.c b/src/lxc/conf.c
> > index 2eb598b..d36fe47 100644
> > --- a/src/lxc/conf.c
> > +++ b/src/lxc/conf.c
> > @@ -732,6 +732,11 @@ static int setup_rootfs(const struct lxc_rootfs *rootfs)
> > return -1;
> > }
> >
> > + if (mount(rootfs->path, rootfs->path, "none", MS_SLAVE, 0)) {
> > + ERROR("failed to turn child rootfs into slave");
> > + return -1;
> > + }
> > +
> > DEBUG("mounted '%s' on '%s'", rootfs->path, rootfs->mount);
> >
> > return 0;
> > --
> > 1.7.4.1
>
> Problem...
>
> lxc-start 1311083210.678 ERROR lxc_conf - failed to turn child rootfs into slave
> lxc-start 1311083210.678 ERROR lxc_conf - failed to setup rootfs for 'Alcove'
> lxc-start 1311083210.678 ERROR lxc_start - failed to setup the container
> lxc-start 1311083210.679 ERROR lxc_sync - invalid sequence number 1. expected 2
> lxc-start 1311083210.679 ERROR lxc_start - failed to spawn 'Alcove'
>
>
> This may be do to the way I have my rootfs set up. Mine are bind mounts
> from a private area to the common mount point. I've noticed that inside
> the containers, I see my root file system show up twice like this (over
> on one of my production machines):
Or, maybe not. Tried specifying the private directory as the rootfs
mount point directly and still got the same error, no bind mount in
fstab involved. :-P
Mike
<Snip>
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110719/31920ee2/attachment.pgp>
More information about the lxc-users
mailing list