[Lxc-users] [systemd-devel] Unable to run systemd in an LXC / cgroup container.
Serge Hallyn
serge.hallyn at canonical.com
Fri Dec 7 13:57:14 UTC 2012
Quoting John (lxc at jelmail.com):
>
> >Quoting Michael H. Warfield (mhw at WittsEnd.com):
> >>You have to add an option to the config file for your systemd
> >>containers.
> >>
> >>lxc.autodev = 1
> >
> I would like to understand a bit more about what this option does
> and learn the correct way of creating devices inside a container.
>
> With autodev, if I understand correctly, LXC creates a 100Kb tmpfs
> for /dev, overmounting any existing /dev. It creates a pts
> subdirectory plus the devices listed in struct lxc_devs
> (src/lxc/conf.c) - null, zero, full, urandom, random, tty and
> console.
>
> What do I do if I need more than those devices in /dev? To date, I
> have manually used mknod to create devices during the process of
> creating a rootfs (i.e. I create them beforehand, on the host). I
> see the comment in the source about providing a file, so I guess
> this is being thought about?
>
> I like being able to do things in the main config file, so perhaps
> supporting options like "lxc.dev = name mask type maj min" ?

Yup, in either the commit msg or the RFC email I suggested we would
probably want to add that. I think it's a good idea. I just didn't
do it :) Does someone want to write that patch?

> Also, I can't work out what the autodev option does that allows
> systemd to work ? It's a bit over my head but I'd like to understand

It's because systemd checks whether /dev is a separate filesystem from
/ or not. If it is not, then it mounts its own /dev, hiding the console
which lxc has created, which is a unix98 pty which lxc-console will
attach to.

In fact it's more dangerous than that - systemd will (I'm pretty sure)
mount /dev as devtmpfs type, which means it's a shared mount with the
host, so changes made by the container to /dev will be reflected on the
host's /dev.

> if I can. What's the difference between /dev that is on the rootfs
> and a /dev that is created and over-mounted?

Create a fedora 14 container. Look at /dev/console and /dev/tty1 -
/dev/tty4 in container and on the host. They're different.

> systemd inside container = issues so far:
> - creating devices in /dev
> - no vty devices (cannot use lxc-console)
>
> Regards,
> John
>
>
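
The three /dev situations discussed in this message (part of the rootfs, a private tmpfs as with lxc.autodev = 1, or devtmpfs shared with the host) can be told apart from a mount table. This is an added example, not part of the original email and not LXC or systemd code; the function names are hypothetical, the mountinfo lines are constructed, and the classification follows the description in the reply rather than systemd's source.

```python
import sys

# Constructed samples in /proc/<pid>/mountinfo format (not from a real system).
ROOTFS_DEV = (
    "60 45 8:1 / / rw,relatime - ext4 /dev/sda1 rw\n"
    "61 60 0:30 / /proc rw,relatime - proc proc rw\n"
)
AUTODEV = ROOTFS_DEV + (
    "62 60 0:31 / /dev rw,relatime - tmpfs none rw,size=100k,mode=755\n"
    "63 62 0:32 / /dev/pts rw,relatime - devpts devpts rw,mode=620\n"
)
DEVTMPFS = ROOTFS_DEV + "62 60 0:5 / /dev rw,nosuid shared:2 - devtmpfs devtmpfs rw\n"


def parse_mountinfo(text):
    """Yield (mount_point, fstype, optional_fields) for each mountinfo line."""
    for line in text.splitlines():
        fields = line.split()
        try:
            # Fields 0-5 are fixed; optional fields run up to the "-" separator.
            sep = fields.index("-", 6)
            yield fields[4], fields[sep + 1], fields[6:sep]
        except (ValueError, IndexError):
            continue  # truncated or malformed line


def classify_dev(text):
    """Return 'rootfs', 'devtmpfs' or 'private' for /dev in this mount table."""
    dev = [fstype for mp, fstype, _ in parse_mountinfo(text) if mp == "/dev"]
    if not dev:
        return "rootfs"    # /dev is not a separate filesystem from /
    if dev[-1] == "devtmpfs":  # assumption: last entry listed is the one on top
        return "devtmpfs"  # device nodes shared with the host
    return "private"       # e.g. the tmpfs set up by lxc.autodev = 1


if __name__ == "__main__":
    if len(sys.argv) > 1:  # e.g. /proc/<container init pid>/mountinfo
        with open(sys.argv[1]) as fh:
            print(classify_dev(fh.read()))
    else:
        for name, sample in (("rootfs /dev", ROOTFS_DEV), ("autodev", AUTODEV),
                             ("devtmpfs", DEVTMPFS)):
            print(name, "->", classify_dev(sample))
```

Run against the mountinfo of a container's init process, a result other than `private` means the container's /dev is either not a separate filesystem from / or is the host's devtmpfs.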