[lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container

Yasoda Padala padala.yasoda at gmail.com
Tue Feb 26 04:02:48 UTC 2019


Hi Tomasz,
Please find below the output of mount and cat /proc/mounts, run inside the container.
The container config is also attached to this mail.

yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach -n busybox


BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/ # mount
/dev/loop0 on / type squashfs (ro,relatime)
none on /dev type tmpfs (rw,relatime,size=492k,mode=755,uid=100000,gid=100000)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
proc on /proc/sys/net type proc (rw,nosuid,nodev,noexec,relatime)
proc on /proc/sys type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sysrq-trigger type proc (ro,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
sysfs on /sys/devices/virtual/net type sysfs (rw,relatime)
sysfs on /sys/devices/virtual/net type sysfs (rw,nosuid,nodev,noexec,relatime)
udev on /dev/full type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/null type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/random type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/tty type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/urandom type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/zero type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/tty0 type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/tty1 type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/null type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/urandom type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
/dev/sda1 on /lib type ext4 (ro,relatime,errors=remount-ro,data=ordered)
/dev/sda1 on /usr/lib type ext4 (ro,relatime,errors=remount-ro,data=ordered)
/dev/sda1 on /lib64 type ext4 (ro,relatime,errors=remount-ro,data=ordered)
securityfs on /sys/kernel/security type securityfs (ro,nosuid,nodev,noexec,relatime)
devpts on /dev/console type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=100005,mode=620,ptmxmode=666,max=1)
devpts on /dev/ptmx type devpts (rw,nosuid,noexec,relatime,gid=100005,mode=620,ptmxmode=666,max=1)
devpts on /dev/tty1 type devpts (rw,nosuid,noexec,relatime,gid=100005,mode=620,ptmxmode=666,max=1)
/ #
/ #
/ #
/ #
/ # cat /proc/mounts
/dev/loop0 / squashfs ro,relatime 0 0
none /dev tmpfs rw,relatime,size=492k,mode=755,uid=100000,gid=100000 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys/net proc rw,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys proc ro,nosuid,nodev,noexec,relatime 0 0
proc /proc/sysrq-trigger proc ro,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0
sysfs /sys/devices/virtual/net sysfs rw,relatime 0 0
sysfs /sys/devices/virtual/net sysfs rw,nosuid,nodev,noexec,relatime 0 0
udev /dev/full devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/null devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/random devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/tty devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/urandom devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/zero devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/tty0 devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/tty1 devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/null devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/urandom devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
/dev/sda1 /lib ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
/dev/sda1 /usr/lib ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
/dev/sda1 /lib64 ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
securityfs /sys/kernel/security securityfs ro,nosuid,nodev,noexec,relatime 0 0
devpts /dev/console devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=100005,mode=620,ptmxmode=666,max=1 0 0
devpts /dev/ptmx devpts rw,nosuid,noexec,relatime,gid=100005,mode=620,ptmxmode=666,max=1 0 0
devpts /dev/tty1 devpts rw,nosuid,noexec,relatime,gid=100005,mode=620,ptmxmode=666,max=1 0 0
/ #
/ #


On Mon, Feb 25, 2019 at 2:07 PM Yasoda Padala <padala.yasoda at gmail.com>
wrote:

> yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach -n busybox
> lxc-attach: busybox: utils.c: get_ns_uid: 548 No such file or directory - Failed to open uid_map
> lxc-attach: busybox: utils.c: get_ns_gid: 579 No such file or directory - Failed to open gid_map
>
> BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
> Enter 'help' for a list of built-in commands.
>
>
> / # mount cat /proc/mounts
> mount: mounting cat on /proc/mounts failed: No such file or directory
> / #
> / #
>
> Please find attached container config
>
> On Mon, Feb 25, 2019 at 2:01 PM Tomasz Chmielewski <tch at virtall.com>
> wrote:
>
>> On 2019-02-25 17:27, Yasoda Padala wrote:
>>
>> > Actual results: dev folder of container rootfs is read-only on host
>> > machine but inside container, it is writable.
>> >
>> > Please help with inputs on why the dev folder permissions are changed
>> > on lxc-attach.
>>
>> Can you paste the output of:
>>
>> mount
>> cat /proc/mounts
>>
>> from the container?
>>
>>
>> Tomasz Chmielewski
>> https://lxadm.com
>>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: busybox-config
Type: application/octet-stream
Size: 1774 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20190226/278e4b3f/attachment.obj>

