[lxc-users] LXC bind Mount Permissioning

Serge Hallyn serge.hallyn at ubuntu.com
Tue Nov 18 20:50:42 UTC 2014 

Quoting Nicholas J Ingrassellino (nick at lifebloodnetworks.com):
> Feel a little dumb responding to my own question so soon. In case
> anyone else wants to figure out how to do this it turns out to be
> pretty simple.
> 
> The built-in LXC fstab functionality is pretty awesome but can lead
> to some permissioning issues, I have found. To solve this, after
> creating the container but before starting it up, do your bind mount
> on the host itself (IE /mount --bind /source_path/
> ~/.local/share/lxc/container/rootfs/var/lib/postgresql//). You can

Hm, it seems like that should have been possible with:

lxc.mount.entry = /source_path var/lib/postgresql none bind 0 0

> do it on the CLI or in your host fstab (which obviously has the
> benefit of being permanent). Make sure you set the appropriate
> permissions from the host (just match what the neighboring container
> path have if you are unsure) if you need to.
> 
> Thanks any way to the list. Hope this helps someone.
> 
> On 11/15/2014 01:27 PM, Nicholas J Ingrassellino wrote:
> >Howdy!
> >
> >I am experimenting with ZFS and LXC.
> >
> >As a test on my host I have two ZFS filesystems: //tank/lxc/ for
> >containers and //tank/lxc_postgresql/ for bind mounting in a
> >container. I have the container fstab working
> >(//tank/lxc_postgresql var/lib/postgresql none bind/) where
> >//tank/lxc_postgresql/ on my host is equivalent to
> >//var/lib/postgresql// within the container.
> >
> >The problem comes when I try to install PostgreSQL. It complains
> >that, during install, it can not change the permissions on
> >//var/lib/postgresql//. I have tried changing the permissions from
> >the host (to the same permissions the rest of the folders in
> >//var/lib// have) and from the container. I have tried bind
> >mounting at //media/postgresql// and creating a symlink to
> >//var/lib/postgresql// (not so much because I do not understand
> >why it failed but because I was running out of ideas). I am not
> >sure how to get this working...
> >
> >I ultimately want to do this with a number of containers (some
> >should have dedup, some should have a different block sizes, ect)
> >but can not even get it working with a single container. Any ideas
> >would be appreciated.
> >
> >Thanks in advance!
> >
> >
> >_______________________________________________
> >lxc-users mailing list
> >lxc-users at lists.linuxcontainers.org
> >http://lists.linuxcontainers.org/listinfo/lxc-users
> 

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list