[lxc-users] Why can proc not be remounted read-only inside a container?

Serge Hallyn serge.hallyn at ubuntu.com
Tue Mar 25 05:25:00 UTC 2014 

Quoting Aaron Staley (astaley at berkeley.edu):
> Resurrecting this thread.
> 
> I've tried again on a new machine running Ubuntu 13.10 with lxc
> 1.0.0~alpha1 and I am still getting the same problem.
> 
> I can remount /proc rw, but not ro.  I've disabled apparmor (via
> https://gist.github.com/gionn/7585324) and get no errors.
> 
> in lxc.conf:
> lxc.mount.auto = proc
> 
> I have the same issue if I use:
> lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
> 
> 
> Are you guys actually able to mount-bind proc ro inside your containers?

Works fine for me.

> On Thu, Jan 16, 2014 at 5:55 PM, Qiang Huang <h.huangqiang at huawei.com>wrote:
> 
> > Hi Aaron,
> >
> > On 2014/1/17 9:33, Aaron Staley wrote:
> > > I'm trying to run an application that works fine on my host inside a
> > container.
> > >
> > > The application executes:
> > > mount -t proc -o ro proc /mnt/remount_point
> > > But this command errors:
> > > mount: cannot mount block device proc read-only
> > >
> > > mounting read-write (mount -t proc proc /mnt/remount_point) does work
> > however.
> > >
> > > I'd rather not modify the application.  Is there some LXC option/other
> > issue blocking a RO mount of proc?
> > >
> >
> > RO mount of proc should have worked, there must be something else
> > wrong, maybe like Stéphane said.
> >
> > If you are looking for some LXC options,
> > lxc.mount.auto = sys proc
> > may be what you want.
> >
> > > Thanks,
> > > Aaron
> > >
> > >
> > > _______________________________________________
> > > lxc-users mailing list
> > > lxc-users at lists.linuxcontainers.org
> > > http://lists.linuxcontainers.org/listinfo/lxc-users
> > >
> >
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list