[lxc-users] Cannot unlink/rename over host-level file that has been bind-mounted out of a container

Barry Jaspan barry.jaspan at acquia.com
Mon Dec 8 22:53:23 UTC 2014 

I'm using LXC on Ubuntu 12.04 (Precise) on EC2. I am creating a container
that uses the host's root filesystem. In the lxc config, I am bind-mounting
a different passwd file on top of /etc/passwd:

lxc.mount.entry=/container/passwd etc/passwd none rw,bind 0 0

As expected, /etc/passwd on the host and /etc/passwd in the container are
different inodes:

host# ls -i /etc/passwd
58046 /etc/passwd
host# ls -i /container/passwd
287145 /container/passwd

container# ls -i /etc/passwd
287145 /etc/passwd

What I did not expect is that now it is not possible to unlink /etc/passwd
at the host level (or inside the container, although I don't care about
that):

host# rm /etc/passwd
rm: cannot remove `/etc/passwd': Device or resource busy
host#  chsh -s /bin/false root
chsh: failure while writing changes to /etc/passwd

strace confirms that unlinkat() and rename() are returning EBUSY. (chsh
creates a replacement for /etc/passwd and then rename()'s it into place.)

So, somehow, the fact that the host's /etc/passwd is *not* present in the
container marks its inode as busy. I do not think it is as simple as "an
inode that has been bind-mounted out of a namespace is busy" because a
simple bind-mount test case does not reproduce it:

# echo foo > foo
# touch bar
# mount --bind ./foo ./bar
# cat bar
foo
# touch new
# mv new foo
#

This seems related to http://lwn.net/Articles/570338/. However, in that
article, a file which is bind-mounted into another namespace causes EBUSY
from unlink/rename(). In my case, a file which is *not* bind-mounted into
another namespace is causing EBUSY.

Can someone explain what is going on?

Thanks,

Barry

-- 
Barry Jaspan
Senior Architect | Acquia <http://acquia.com>
barry.jaspan at acquia.com | (c) 617.905.2208 | (w) 781-313-8298

Acquia Dev Cloud: You build killer websites. We do the rest.
<http://www.acquia.com/dev-cloud> <http://acquia.com/dev-cloud>
Acquia ranked #1 Software Vendor on the 2012 Inc 500
<http://www.acquia.com/about-us/newsroom/press-releases/inc-magazine-unveils-31st-annual-list-america-s-fastest-growing>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20141208/72cde676/attachment.html>

More information about the lxc-users mailing list