[Lxc-users] version 0.8.0 coming soon

Ramez Hanna rhanna at informatiq.org
Tue Feb 28 21:50:03 UTC 2012 

On Tue, Feb 28, 2012 at 5:13 PM, Serge Hallyn
<serge.hallyn at canonical.com> wrote:
> Quoting Papp Tamas (tompos at martos.bme.hu):
>> On 02/28/2012 01:20 AM, Serge Hallyn wrote:
>> > Quoting Daniel Lezcano (daniel.lezcano at free.fr):
>> >> Hi all,
>> >>
>> >> I will release a 0.8.0-rc1. I am looking for volunteer to test it :)
>> > Worked fine for me.  Tested create and clone of ubuntu, ubuntu and
>> > ubuntu-cloud images, with dir and lvm backing stores.  (And a run
>> > of lp:~serge-hallyn/+junk/lxc-test)
>> >
>> > Note, because upstream kernel didn't much care about the
>> > 'mount -o remount,ro /' problem, I'm going to patch lxc to
>> > pin open a '${rootfs}.hold' file, as long as the container
>> > is running.  That will prevent the underlying fs from being
>> > remounted ro.  (see
>> > https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/942325 for
>> > details).  That'll buy us some time to find a better solution
>> > in the kernel.
>> >
>> >
>>
>> Why can a container change mount options outside of its rootfs?
>> Sorry for the stupid question:)
>
> It's not a stupid question at all.
>
> The container isn't changing mount options outside of its rootfs.  THere
> are two places an fs can be marked readonly - in the mount itself, and in
> the superblock.  When you make a bind mount, you are creating more mounts
> (vfsmounts) using the same superblcok.
>
> If you do
>
>        mount --bind / / # not needed in container bc it's already been done
>        mount --bind -o remount,ro /
>
> then you are setting the reasonly flag on the mount itself.  If you just do
>
>        mount -o remount,ro /
>
> then you are setting the reasonly flag on the superblock, which will
> force all other mounts of that superblcok to also be readonly.
>
> Right now there is no way to prevent a container from doing that.  I sent
> a patch to make the devices cgroup be consulted on that, so that it could
> reteurn -EPERM.  That was refused.  The two other options I'm considering
> (and it wouldn't hurt ot have both) are 1. to pass the  remoutn flags to the
> LSM (selinux or apparmor or smack) so that it can deny permission.  Right
> now it can't do that (except for all-or-nothing check on remount).  And 2.
> to make it so that after doing
>
>        mount --bind / /
>        mount --bind -o remount,ro /
>        mount --bind -o remount,rw /
>
> any subsequent
>
>        mount -o remount,rw /
>
> would be refused (or automatically done only at the mount level).  I don't
> think that should be hard to do at fs/namespace.c:do_remount().
>
> -serge
>
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users

tested it on f16
ubuntu container from older version still works
cleaning up of nested cgroups now works and no need for me to manually
rmdir all cgroups
f16 container starts (with some issues as before)
f14 works


-- 
BR
RH
http://informatiq.org

More information about the lxc-users mailing list