[Lxc-users] [systemd-devel] Unable to run systemd in an LXC / cgroup container.

Michael H. Warfield mhw at WittsEnd.com
Sun Oct 28 18:06:52 UTC 2012 

On Sun, 2012-10-28 at 18:52 +0100, Serge Hallyn wrote:
> Quoting Michael H. Warfield (mhw at WittsEnd.com):
> > On Sat, 2012-10-27 at 13:51 -0400, Michael H. Warfield wrote:
> > > On Sat, 2012-10-27 at 13:40 -0400, Michael H. Warfield wrote:
> > > > /me erasing everything at this point and taking off the systemd crew,
> > > > since this will have no relevance to them...
> > > > 
> > > > Testing the hook feature out using git rev (finally got it built)...
> > > > 
> > > > I added this line to my config...
> > > > 
> > > > lxc.mount.entry=tmpfs /srv/lxc/private/Plover/dev.tmp tmpfs defaults 0 0
> > > > lxc.hook.mount = /var/lib/lxc/Plover/mount
> > > > 
> > > > In /var/lib/lxc/Plover/mount I have this:
> > > > 
> > > > -- 
> > > > rsync -avAH /srv/lxc/private/Plover/dev.template/. /srv/lxc/private/Plover/dev.tmp/
> > > > -- 
> > > 
> > > > (This is just testing out the concepts.
> > > 
> > > > If I understand this correctly, lxc.hook.pre-mount runs BEFORE the
> > > > mounting takes place and lxc.hook.mount takes place after the mount.
> > > 
> > > > Problem is, the result of that rsync is not showing up in the mounted
> > > > tmpfs file system but is showing up in the underlying parent file system
> > > > as if it were run pre-mount.  Something not right here...
> > 
> > > I changed it to "lxc.hook.start = /srv/lxc/mount" (where I put the
> > > script in the container) which then works but that then requires the
> > > template and the command to be in the container.  Suboptimal to say the
> > > least.  But it gives me a way to test this tmpfs thing out.
> > 
> > > I also noticed that the .start hook runs, it appears, after caps are
> > > dropped and I see a lot of bitching about mknod on certain devices.  I
> > > had to thrown an exit 0 into that script so it would continue in spite
> > > of the errors but, now, I can refine my template based on what it could
> > > create.
> > 
> > Crap.  I've got a catch-22 here...  This is going to take some work.

> Hey,

> I've got a rather minimal patch (appended below) to add the support for
> mounting and populating a minimal /dev working.  (A few hours were wasted
> due to my not knowing that upstart was going to issue mounted-dev even though
> /dev was mounted before upstart started - and the mounted-dev hook deletes
> and recreates all consoles.  GAH)

> > Yes, we can create the /dev directory with tmpfs from a template.
> > Problem is that /dev/pts does not exist at the time we need to mount the
> > devpts on /dev/pts for the pty's so that hurls chunks and dies.  We
> > can't create the /dev/ directory contents prior to mounting in the
> > pre-mount hook because we won't have tmpfs in place at the time.  We
> > have to get tmpfs mounted on /dev and then create /dev/pts and then
> > mount the ptys in there.  There has to be a mkdir in between those two
> > mount actions.  Simplest solution would seem to be to add some logic to
> > the mount logic that says "test if directory exists and, if not, create
> > it."  I'm not sure of the consequences of that, though.
> > 
> > I don't see a way to make this happen with hooks.  It's almost like we
> > need and on-mount per mount hook.

> Should be moot given my patch, which I intend to push this week, but why
> couldn't a lxc.hook.mount do the whole thing, mount /dev and and populate
> it?  I wasn't thinking a lxc.hook.start, for the reasons you encountered,
> but I assume you tried lxc.hook.mount and it failed?

See my other comment about lxc.hook.mount.  I tried using it to
populate /dev but it showed up in the parent of the mount undeneath the
tmpfs mount.  It was like it ran pre-mount.  I tried it for several
different combinations and couldn't get it to go.  Would still have the
problem with mounting /dev/pts which would take place before the mount
hook at run to mount the file system and populate it.  That actually
MIGHT work (gotta think on this now) if I used lxc.hook.pre-mount and
mounted tmpfs over /dev, and populated it but then I run into a problem
where I was using a bind-mount for the rootfs.  Might still work.  I'll
test your patch out first though.

> Patch below:

<snip>

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20121028/d1006bd3/attachment.pgp>

More information about the lxc-users mailing list