[lxc-users] Can LVM be used in an LXC container?

Serge Hallyn serge.hallyn at ubuntu.com
Thu Jan 16 20:53:32 UTC 2014 

Not sure which bits you are looking for an explanation for.  There is
lxc.conf(5), the Documentation/cgroups/ directory in the linux kernel
(https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/cgroups?id=refs/tags/v3.13-rc8)
and a bit in
https://help.ubuntu.com/13.04/serverguide/lxc.html

-serge

Quoting Jeremiah Snapp (jeremiah.snapp at gmail.com):
> Thanks again.  Is there a good place to look for an explanation of the
> settings you gave me before?
> 
> lxc.cgroup.devices.allow = c 10:236 rwm
> lxc.cgroup.devices.allow = b 252:* rwm
> 
> 
> On Thu, Jan 16, 2014 at 2:02 PM, Serge Hallyn <serge.hallyn at ubuntu.com>wrote:
> 
> > Quoting Jeremiah Snapp (jeremiah.snapp at gmail.com):
> > > Thanks Serge!  I actually just found out in IRC that further in my
> > config I
> > > was denying access.  Once I allowed access it works fine.
> > >
> > > Yours is the second warning I've received about using LVM in a container.
> > >  I don't know the details of the concern but can you tell me if it would
> > > require human error to cause problems?
> >
> > Well human error would help :)  But also allowing the container to have
> > all the privileges it needs to do lvm+mounting means that anything in
> > the continer could mess with the host.
> >
> > > I'm not using this in production by
> > > the way.  These are throw away test containers.
> >
> > If it's also a throw away test host, then there's nothing to worry
> > about.
> >
> > > The app installed inside
> > > requires an LVM volume.
> >
> > Nothing *should* go wrong :)  It's just that by having access to the
> > host disk devices, any malware/bugs in the container can easily hose
> > your host, replace your /sbin/init, etc.
> >
> > -serge
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list