[lxc-users] squashfs container from read only filesystem
Judd Meinders
judd.meinders at rockwellcollins.com
Mon Oct 17 00:25:47 UTC 2016
Hello users,
I am writing to see if anyone else has experienced the behavior I am seeing
and to ask the people who would know if this is expected. lxc 2.0.3, linux
4.1.8
I am trying to start an unprivileged container from root. The container is
configured with the following mount options:
lxc.rootfs = loop:/opt/rootfs.squashfs
lxc.rootfs.mount = /var/lib/lxc/lxc1/rootfs
lxc.rootfs.options = -t squashfs
This all works fine when /opt is mounted as read/write, but lxc-start fails
when mounted as read only. I am able to mount the squashfs to the
destination manually as real root whether the source file system is read
only or not, but lxc-start seems to need it to be read/write.
Here is the container start log from when /opt is mounted read only, any
insight or help is appreciated:
lxc-start 20161016091404.038 INFO lxc_start_ui -
tools/lxc_start.c:main:264 - using rcfile /var/lib/lxc/lxc1/config
lxc-start 20161016091404.039 INFO lxc_confile -
confile.c:config_idmap:1500 - read uid map: type u nsid 0 hostid
101000 range 1000
lxc-start 20161016091404.039 INFO lxc_confile -
confile.c:config_idmap:1500 - read uid map: type g nsid 0 hostid
101000 range 1000
lxc-start 20161016091404.039 INFO lxc_start -
start.c:lxc_check_inherited:252 - closed inherited fd 4
lxc-start 20161016091404.040 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to
[lxc monitor] /var/lib/lxc lxc1
lxc-start 20161016091404.040 INFO lxc_lsm -
lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
lxc-start 20161016091404.041 DEBUG lxc_start -
start.c:setup_signal_fd:290 - sigchild handler set
lxc-start 20161016091404.041 DEBUG lxc_console -
console.c:lxc_console_peer_default:469 - no console peer
lxc-start 20161016091404.041 INFO lxc_start -
start.c:lxc_init:489 - 'lxc1' is initialized
lxc-start 20161016091404.041 DEBUG lxc_start -
start.c:__lxc_start:1327 - Not dropping cap_sys_boot or watching utmp
lxc-start 20161016091404.041 INFO lxc_start -
start.c:lxc_check_inherited:252 - closed inherited fd 4
lxc-start 20161016091404.043 ERROR lxcloop -
bdev/lxcloop.c:loop_mount:190 - Read-only file system - Error opening
backing file loop:/opt/rootfs.squashfs
lxc-start 20161016091404.044 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/ad055575fe28ddd5//var/lib/lxc
lxc-start 20161016091404.056 ERROR lxc_conf -
conf.c:mount_rootfs:807 - No such file or directory - failed to get
real path for 'loop:/opt/rootfs.squashfs'
lxc-start 20161016091404.056 ERROR lxc_conf -
conf.c:setup_rootfs:1221 - failed to mount rootfs
lxc-start 20161016091404.056 ERROR lxc_conf -
conf.c:do_rootfs_setup:3623 - failed to setup rootfs for 'lxc1'
lxc-start 20161016091404.056 ERROR lxc_start -
start.c:__lxc_start:1345 - Error setting up rootfs mount as root
before spawn
lxc-start 20161016091404.057 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc-start 20161016091409.062 ERROR lxc_start_ui -
tools/lxc_start.c:main:344 - The container failed to start.
lxc-start 20161016091409.062 ERROR lxc_start_ui -
tools/lxc_start.c:main:346 - To get more details, run the container in
foreground mode.
lxc-start 20161016091409.123 ERROR lxc_start_ui -
tools/lxc_start.c:main:348 - Additional information can be obtained by
setting the --logfile and --logpriority options.
--
Judd Meinders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20161016/de7aba2a/attachment.html>
More information about the lxc-users
mailing list