[lxc-users] lxc-execute with read-only rootfs

Antonin Bas antoninb at stanford.edu
Thu Dec 19 01:51:43 UTC 2013


Hi,

I guess that could do it. But I don't understand while it would not be
possible to have a read-only rootfs (i.e. is what I am seeing the
expected behaviour?).
What would the configuration look like if I decided to use overlayfs?
Is it easy to use with lxc-execute? Because I just want to run an
application, and I don't want to pay the overhead of
lxc-start-ephemeral.

Thanks,

Antonin

2013/12/18 Cal Leeming [Simplicity Media Ltd]
<cal.leeming at simplicitymedialtd.co.uk>:
> Would it not be better to use a stacked file system, such as overlayfs or
> aufs, then discard the changes?
>
> Cal
>
>
> On Thu, Dec 19, 2013 at 12:49 AM, Antonin Bas <antoninb at stanford.edu> wrote:
>>
>> Hi,
>>
>> I am trying to run an application container with lxc-execute. I am
>> going to run "untrusted" student codes in this container and I want
>> the root file system to be shared with the host but read-only. I
>> thought this would be as easy as using the following configuration
>> file:
>>
>> # Container with new network withtout network devices
>> lxc.utsname = omega
>> lxc.network.type = empty
>> lxc.network.flags = up
>>
>> lxc.rootfs = /tmp/guest/rootfs
>> lxc.mount.entry=/ /tmp/guest/rootfs/ none ro,bind 0 0
>>
>> However, when I run `sudo lxc-execute -n test -f grader.conf
>> --logpriority=DEBUG -- /bin/bash`, I get the following message:
>>
>> lxc-execute: Read-only file system - error unlinking
>> /usr/lib/x86_64-linux-gnu/lxc/dev/kmsg
>>
>> lxc-execute: failed to setup kmsg for 'test'
>> lxc-execute: Read-only file system - failed to create directory
>> '/usr/lib/x86_64-linux-gnu/lxc/lxc_putold'
>>
>> lxc-execute: Read-only file system - failed to create pivotdir
>> '/usr/lib/x86_64-linux-gnu/lxc/lxc_putold'
>> lxc-execute: failed to setup pivot root
>> lxc-execute: failed to set rootfs for 'test'
>> lxc-execute: failed to setup the container
>> lxc-execute: invalid sequence number 1. expected 2
>> lxc-execute: failed to spawn 'test'
>>
>>
>> Is it possible to have some insight on what the problem is here?
>> I am using Ubuntu 13.10, and my lxc is the one from the official repo
>> (1.0.0.alpha1).
>>
>> Thanks you in advance for your help,
>>
>> Antonin
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users


More information about the lxc-users mailing list