[lxc-users] Issue with making a new LXC container from an existing directory

Nicholas Clark nicholas.clark at gmail.com
Tue Oct 25 20:09:30 UTC 2016


Hi all,

I'm working on a project that involves generating a bunch of live images,
and I'd love to be able to use LXC to customize the filesystems.

I hacked something together using schroot, but I'd like to migrate it over
to unprivileged LXC containers so that the build is cleaner and needs fewer
root permissions.

In my intended build flow, I'd like to be able to do the following:
1. Mount the baseline .img file as a loop mount (happens with passwordless
sudo)
2. Use bindfs to remount the loop with user-level permissions (passwordless
sudo)
3. Create an unprivileged LXC container using the mounted directory as the
rootdir.
4. Run whatever upgrades/changes are needed inside of the LXC container.

I've been trying to get this to work, but I can't get LXC to create a working
unprivileged container from an existing directory. Note that I _can_ use
unprivileged containers in a general sense - downloaded LXC images work
great.

I'm able to reproduce the problem without any bind-mounts or anything like
that - basically, I can reproduce my problem with this set of commands:

    $ lxc-create --name=fedora-base --template=download --dir=fedora-base
    $ cp -a fedora-base fedora-custom
    $ lxc-create --name=fedora-custom --template=none --dir=fedora-custom
    $ lxc-start --name=fedora-custom -F

Everything works great until I try to start the 'fedora-custom' container,
which then craps out with the following messages:

    lxc-start: utils.c: safe_mount: 1742 Permission denied - Failed to mount /dev/null onto /dev/null
    lxc-start: conf.c: fill_autodev: 1182 Permission denied - Failed bind mounting device null from host into container
    lxc-start: conf.c: lxc_setup: 3783 failed to populate /dev in the container
    lxc-start: start.c: do_start: 834 failed to setup the container
    lxc-start: sync.c: __sync_wait: 57 An error occurred in another process (expected sequence number 3)
    lxc-start: start.c: __lxc_start: 1354 failed to spawn 'fedora-custom'
    lxc-start: tools/lxc_start.c: main: 344 The container failed to start.
    lxc-start: tools/lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

Can anybody help shed some light on what's going on? I know that I'm doing
_something_ wrong, but I don't have any idea what :(

-Nick