[lxc-users] Can LVM be used in an LXC container?
Jeremiah Snapp
jeremiah.snapp at gmail.com
Thu Jan 16 19:06:20 UTC 2014
Thanks again. Is there a good place to look for an explanation of the
settings you gave me before?
lxc.cgroup.devices.allow = c 10:236 rwm
lxc.cgroup.devices.allow = b 252:* rwm
On Thu, Jan 16, 2014 at 2:02 PM, Serge Hallyn <serge.hallyn at ubuntu.com>wrote:
> Quoting Jeremiah Snapp (jeremiah.snapp at gmail.com):
> > Thanks Serge! I actually just found out in IRC that further in my
> config I
> > was denying access. Once I allowed access it works fine.
> >
> > Yours is the second warning I've received about using LVM in a container.
> > I don't know the details of the concern but can you tell me if it would
> > require human error to cause problems?
>
> Well human error would help :) But also allowing the container to have
> all the privileges it needs to do lvm+mounting means that anything in
> the continer could mess with the host.
>
> > I'm not using this in production by
> > the way. These are throw away test containers.
>
> If it's also a throw away test host, then there's nothing to worry
> about.
>
> > The app installed inside
> > requires an LVM volume.
>
> Nothing *should* go wrong :) It's just that by having access to the
> host disk devices, any malware/bugs in the container can easily hose
> your host, replace your /sbin/init, etc.
>
> -serge
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140116/585e46fb/attachment.html>
More information about the lxc-users
mailing list