[lxc-users] Setting lxc.pivotdir leaves mounted host "/" rw in container?
steve at linuxsuite.org
Fri Jan 15 18:18:46 UTC 2016
Howdy!
I am trying to make lxc containers with readonly root "/"
I bind mount a "common" rootfs and make it readonly to use as a
readonly container root file system.
mount --bind /srv/common/ /srv/test/
mount -o remount,ro /srv/test
lxc.rootfs = /srv/test (in container config)
lxc-start fails because /usr is readonly and /usr/lib64/lxc
is needed to be rw, I guess..
lxc-start: utils.c: mkdir_p: 202 Read-only file system - failed to create directory '/usr/lib64/lxc/rootfs/lxc_putold'
So, I set lxc.pivotdir in the container config (I have a rw /var in the container):
lxc.pivotdir = /var/mnt
And it boots perfectly and I have a readonly "/", Yay!! But then I notice that the entire host filesystem is mounted read/write in the container under /var/mnt...
Why does this mount not go away? Ideas about what I have to do??
lxc 1.0.8 on CentOS 6.7... tried both building from the source tarball from linuxcontainers.org and the EPEL package. Same thing.
Mounted filesystems in the container:

******* boot with default pivot

Filesystem     1K-blocks    Used Available Use% Mounted on
rootfs          20027260 2889036  16114224  16% /
/dev/md0p4      20027260 2889036  16114224  16% /
devtmpfs         4014480     192   4014288   1% /dev
tmpfs            4026484       0   4026484   0% /dev/shm

**** after setting lxc.pivotdir = /var/mnt

Filesystem     1K-blocks    Used Available Use% Mounted on
rootfs          20027260 2889184  16114076  16% /
/dev/md0p4      20027260 2889184  16114076  16% /var/mnt
devtmpfs         4014480     192   4014288   1% /var/mnt/dev
devtmpfs         4014480     192   4014288   1% /var/mnt/dev
tmpfs            4026484       0   4026484   0% /var/mnt/dev/shm
/dev/md0p4      20027260 2889184  16114076  16% /var/mnt/srv/test
/dev/md0p4      20027260 2889184  16114076  16% /
devtmpfs         4014480     192   4014288   1% /dev
tmpfs            4026484       0   4026484   0% /dev/shm
thanx - steve
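As an added example, not part of Steve's post and not LXC's own code: a small POSIX shell audit that reads /proc/self/mountinfo-style input and lists every mount still attached at or below the pivot directory (lxc.pivotdir) that lacks the ro flag, then emits the lazy-unmount plan that would detach it. The mountinfo sample is constructed to mirror the second df listing above; the mount IDs, device numbers and option strings in it are assumptions, and the function names are ours.

```shell
#!/bin/sh
# Added example (not from the original post, not LXC code).
# Audits a mountinfo listing for mounts left under the pivot dir after
# pivot_root, i.e. the host's old root still reachable from the container.
# mountinfo field layout: id parent maj:min root mountpoint opts ... - fstype source superopts

# Constructed sample modelled on the post's second df listing. Mount IDs,
# device numbers and option strings are assumptions, not captured data.
sample_mountinfo() {
cat <<'EOF'
30 1 9:4 /srv/common / ro,relatime - ext4 /dev/md0p4 rw,data=ordered
31 30 9:4 / /var/mnt rw,relatime - ext4 /dev/md0p4 rw,data=ordered
32 31 0:5 / /var/mnt/dev rw,nosuid - devtmpfs devtmpfs rw,size=4014480k
33 32 0:17 / /var/mnt/dev/shm rw,nosuid,nodev - tmpfs tmpfs rw
34 31 9:4 /srv/common /var/mnt/srv/test ro,relatime - ext4 /dev/md0p4 rw,data=ordered
35 30 0:5 / /dev rw,nosuid - devtmpfs devtmpfs rw,size=4014480k
36 35 0:17 / /dev/shm rw,nosuid,nodev - tmpfs tmpfs rw
EOF
}

# leaked_mounts PIVOTDIR   (mountinfo on stdin)
# Prints "mountpoint<TAB>options" for every mount at or below PIVOTDIR whose
# per-mount options do not include "ro". Anything listed is host filesystem
# that the container can write to.
leaked_mounts() {
    awk -v pivot="$1" '
        {
            mp = $5; opts = $6
            if (mp != pivot && index(mp, pivot "/") != 1) next
            n = split(opts, o, ",")
            ro = 0
            for (i = 1; i <= n; i++) if (o[i] == "ro") ro = 1
            if (!ro) print mp "\t" opts
        }'
}

# detach_plan PIVOTDIR   (mountinfo on stdin)
# Emits lazy-unmount commands, deepest mount point first. pivot_root(2)
# leaves the old root attached at put_old and it is the caller's job to
# unmount it; "umount -l" (MNT_DETACH) on the pivot dir alone would take the
# whole subtree with it, but listing each mount keeps the plan reviewable.
detach_plan() {
    leaked_mounts "$1" | cut -f1 | sort -r | sed 's/^/umount -l /'
}

# Demo on the constructed sample. Inside a real container the same check is:
#   leaked_mounts /var/mnt < /proc/self/mountinfo
sample_mountinfo | leaked_mounts /var/mnt
sample_mountinfo | detach_plan /var/mnt
```

On the sample this reports /var/mnt, /var/mnt/dev and /var/mnt/dev/shm as writable host mounts and skips /var/mnt/srv/test, which is the read-only bind. The check uses the per-mount option field, not the superblock options at the end of the line, because a read-only bind of a read-write filesystem shows "ro" only in the former.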