[lxc-users] lxc-start-ephemeral: --storage-type dir leaves data behind

Serge Hallyn serge.hallyn at ubuntu.com
Mon Feb 16 19:30:08 UTC 2015


Quoting juodumas (juodumas at gmail.com):
> Hello,
> 
> 1. Shouldn't ephemeral containers delete data after they are stopped? Data is
>    left behind when I use the '--storage-type dir' argument.
> 2. How do I delete leftover data with my unprivileged user after stopping the
>    ephemeral container?
> 
> Here is an example session on Ubuntu 14.04:
> 
> [1]$ ls -l ~/.local/share/lxc/
> drwxrwx--- 3  100000 ubuntu 4096 Feb 12 10:59 ubuntu-trusty
> 
> [2]$ lxc-start-ephemeral -o ubuntu-trusty -n ephemeral -s dir -- pwd
> /root
> 
> [3]$ ls -l ~/.local/share/lxc/
> drwxrwx--- 3  100000 ubuntu 4096 Feb 12 10:59 ubuntu-trusty
> drwxrwxr-x 3  100000 ubuntu 4096 Feb 12 23:12 ephemeral
> 
> [4]$ lxc-usernsexec -- rm -fr ~/.local/share/lxc/ephemeral/
> rm: cannot remove ‘/home/ubuntu/.local/share/lxc/ephemeral/’: Permission denied
> 
> [5]$ rmdir ~/.local/share/lxc/ephemeral
> 
> So it looks like I can delete the leftover data in 2 steps: [4] and [5].
> Is this the right way to do it? Can this cleanup be done with a single
> command? Shouldn't this be handled by the lxc-start-ephemeral script? 

Confirmed.  Putting a sleep into ~/.local/share/lxc/eph1/post-stop, I
can see that post-stop is being run as your userid rather than as the
container root.

So lxc-start-ephemeral should either just 'lxc-destroy -n $container',
or 'lxc-usernsexec -n $container rm -rf ...'
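
The two-step cleanup from the session above ([4] then [5]), wrapped as one command with path checks. This is an added example, not part of the original thread and not lxc's own code. The function name `cleanup_ephemeral` and the `USERNS_WRAPPER` variable are hypothetical, and the container is assumed to be stopped already.

```shell
#!/bin/sh
# Added example: single-command form of steps [4] and [5] from the thread.
# Hypothetical names: cleanup_ephemeral, USERNS_WRAPPER.

# Command prefix that enters the user namespace; same invocation as step [4].
# Set it to an empty string to run the removal directly (dry runs, tests).
USERNS_WRAPPER=${USERNS_WRAPPER-lxc-usernsexec --}

cleanup_ephemeral() {
    lxcpath=$1
    name=$2

    # Reject names that could escape lxcpath or be read as options:
    # the rm below runs as container root inside the namespace.
    case $name in
        ''|.|..|*/*|-*)
            echo "refusing container name: '$name'" >&2
            return 2 ;;
    esac

    dir=$lxcpath/$name
    # Never follow a symlink sitting in place of the container directory.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "not a real directory: $dir" >&2
        return 2
    fi

    # Step [4]: as mapped root, delete what the container's uids own.
    # Removing $dir itself is expected to fail with "Permission denied",
    # as in the session above, so the exit status is ignored here.
    $USERNS_WRAPPER rm -rf -- "$dir" 2>/dev/null || true

    # Step [5]: as the invoking user, remove the now-empty directory.
    # rmdir fails if step [4] left anything behind, which surfaces the
    # leftover data instead of hiding it.
    if [ -d "$dir" ]; then
        rmdir -- "$dir" || return 1
    fi
    return 0
}
```

With the paths from the session, the call would be `cleanup_ephemeral ~/.local/share/lxc ephemeral`; a return code of 1 means data is still present in the directory.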

