[lxc-users] squashfs container from read only filesystem

Judd Meinders judd.meinders at rockwellcollins.com
Mon Oct 17 00:25:47 UTC 2016


Hello users,

I am writing to see if anyone else has experienced the behavior I am seeing
and to ask the people who would know if this is expected.  lxc 2.0.3, linux
4.1.8

I am trying to start an unprivileged container from root.  The container is
configured with the following mount options:

lxc.rootfs = loop:/opt/rootfs.squashfs
lxc.rootfs.mount = /var/lib/lxc/lxc1/rootfs
lxc.rootfs.options = -t squashfs

This all works fine when /opt is mounted as read/write, but lxc-start fails
when mounted as read only.  I am able to mount the squashfs to the
destination manually as real root whether the source file system is read
only or not, but lxc-start seems to need it to be read/write.

Here is the container start log from when /opt is mounted read only, any
insight or help is appreciated:

      lxc-start 20161016091404.038 INFO     lxc_start_ui - tools/lxc_start.c:main:264 - using rcfile /var/lib/lxc/lxc1/config
      lxc-start 20161016091404.039 INFO     lxc_confile - confile.c:config_idmap:1500 - read uid map: type u nsid 0 hostid 101000 range 1000
      lxc-start 20161016091404.039 INFO     lxc_confile - confile.c:config_idmap:1500 - read uid map: type g nsid 0 hostid 101000 range 1000
      lxc-start 20161016091404.039 INFO     lxc_start - start.c:lxc_check_inherited:252 - closed inherited fd 4
      lxc-start 20161016091404.040 INFO     lxc_container - lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc monitor] /var/lib/lxc lxc1
      lxc-start 20161016091404.040 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
      lxc-start 20161016091404.041 DEBUG    lxc_start - start.c:setup_signal_fd:290 - sigchild handler set
      lxc-start 20161016091404.041 DEBUG    lxc_console - console.c:lxc_console_peer_default:469 - no console peer
      lxc-start 20161016091404.041 INFO     lxc_start - start.c:lxc_init:489 - 'lxc1' is initialized
      lxc-start 20161016091404.041 DEBUG    lxc_start - start.c:__lxc_start:1327 - Not dropping cap_sys_boot or watching utmp
      lxc-start 20161016091404.041 INFO     lxc_start - start.c:lxc_check_inherited:252 - closed inherited fd 4
      lxc-start 20161016091404.043 ERROR    lxcloop - bdev/lxcloop.c:loop_mount:190 - Read-only file system - Error opening backing file loop:/opt/rootfs.squashfs
      lxc-start 20161016091404.044 INFO     lxc_monitor - monitor.c:lxc_monitor_sock_name:178 - using monitor sock name lxc/ad055575fe28ddd5//var/lib/lxc
      lxc-start 20161016091404.056 ERROR    lxc_conf - conf.c:mount_rootfs:807 - No such file or directory - failed to get real path for 'loop:/opt/rootfs.squashfs'
      lxc-start 20161016091404.056 ERROR    lxc_conf - conf.c:setup_rootfs:1221 - failed to mount rootfs
      lxc-start 20161016091404.056 ERROR    lxc_conf - conf.c:do_rootfs_setup:3623 - failed to setup rootfs for 'lxc1'
      lxc-start 20161016091404.056 ERROR    lxc_start - start.c:__lxc_start:1345 - Error setting up rootfs mount as root before spawn
      lxc-start 20161016091404.057 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive response
      lxc-start 20161016091409.062 ERROR    lxc_start_ui - tools/lxc_start.c:main:344 - The container failed to start.
      lxc-start 20161016091409.062 ERROR    lxc_start_ui - tools/lxc_start.c:main:346 - To get more details, run the container in foreground mode.
      lxc-start 20161016091409.123 ERROR    lxc_start_ui - tools/lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.






-- 
Judd Meinders