[Lxc-users] read only rootfs

Justin Cormack justin at specialbusservice.com
Mon Jun 27 16:20:42 UTC 2011


On Mon, 2011-06-27 at 18:05 +0200, Samuel Maftoul wrote:

> 
> I tried several ways to have the rootfs mounted RO.
> First I removed the lxc.rootfs from my config file and then tried:
> 
> 
> - lxc-start -n vm0 -o /tmp/lxc-vm0.log -l DEBUG -s "lxc.mount.entry=/ /var/lib/lxc/vm0/rootfs none ro,bind 0 0"
> 
> 
> Then I tried:
> 
> 
> - echo "/ /var/lib/lxc/vm0/rootfs none ro,bind 0 0" > /var/lib/lxc/vm0/fstab ;
>   lxc-start -n vm0 -o /tmp/lxc-vm0.log -l DEBUG -s "lxc.mount = /var/lib/lxc/vm0/fstab"
>  
> Finally I tried to boot with lxc.rootfs pointing to the same content,
> but on its block device, mounted read-only.
> The system starts, I have a console, but in the logs I get:
>       lxc_conf - ignoring mount point '/var/lib/lxc/vm0/rootfs/lib'
>       lxc_conf - ignoring mount point '/var/lib/lxc/vm0/rootfs/usr/lib'
> 
> 
> and of course, if I ls these directories, I have nothing inside.

Bind mounting the root fs is fine, but it will not bind mount file
systems under this, so you will need to add these to your fstab too. It
looks like you have /lib and /usr/lib mounted on separate file systems
and need to bind mount these too?

Justin
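
Added example, not part of the original thread: a shell function that applies the advice above by emitting one ro,bind fstab line for the source tree and one for every filesystem mounted beneath it. The function names, the list of skipped pseudo-filesystems and the sample mount table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). A plain bind mount does not carry
# submounts along, so each filesystem below the source needs its own line.
# stdin uses /proc/mounts format: device mountpoint fstype options 0 0
# Usage: gen_ro_bind_fstab SRC ROOTFS < mount-table
gen_ro_bind_fstab() {
    src=${1%/}          # "/" becomes "", "/srv/tree/" becomes "/srv/tree"
    rootfs=${2%/}
    printf '%s %s none ro,bind 0 0\n' "${src:-/}" "$rootfs"
    while read -r _dev mnt fstype _rest; do
        case $fstype in
            # Assumption: the container sets up its own pseudo-filesystems,
            # so they are not bind mounted from the host.
            rootfs|proc|sysfs|devpts|devtmpfs|tmpfs|cgroup) continue ;;
        esac
        case $mnt in
            "$rootfs"|"$rootfs"/*) continue ;;  # never bind the target into itself
            "$src"/?*) ;;                       # strictly below the source tree
            *) continue ;;
        esac
        rel=${mnt#"$src"}                       # path relative to the source
        printf '%s %s%s none ro,bind 0 0\n' "$mnt" "$rootfs" "$rel"
    done | LC_ALL=C sort -u                     # parents sort before children
}

# Constructed sample mount table: /lib and /usr/lib on separate filesystems,
# as in the log messages quoted in the thread.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 rw 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
/dev/sda2 /lib ext3 rw 0 0
/dev/sda3 /usr/lib ext3 rw 0 0
/dev/sda5 /var/lib/lxc/vm0/rootfs ext3 ro 0 0
EOF
}

sample_mounts | gen_ro_bind_fstab / /var/lib/lxc/vm0/rootfs
```

On a real host, feed the function /proc/mounts instead of the sample table and redirect the output to the container's fstab.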






