[lxc-users] LXC, unprivileged containers and glusterfs
Dirk Geschke
dirk at lug-erding.de
Thu Oct 17 07:50:43 UTC 2019
Hi all,
maybe someone has an idea how to solve this problem with glusterfs
and unprivileged lxc.
My idea was to start the container on a glusterfs filesystem, so I
have the data available, even if one gluster node fails.
I would be able to even start the container on another host without
copying the data.
It seemed to work, until I tried to access a directory as user root
within the LXC:
root@lxc-playground:/var/spool# ls -l
total 12
drwxr-xr-x 3 root root 4096 May 27 16:34 cron
drwxr-x--- 5 Debian-exim Debian-exim 4096 May 27 16:34 exim4
lrwxrwxrwx 1 root root 7 May 27 05:25 mail -> ../mail
drwx------ 2 root root 4096 Jan 18 2017 rsyslog
root@lxc-playground:/var/spool# cd exim4/
root@lxc-playground:/var/spool/exim4# ls
ls: cannot open directory '.': Permission denied
At first I thought it was a problem with LXC, but then I found this in the
gluster logs:
W [fuse-bridge.c:1132:fuse_fd_cbk] 0-glusterfs-fuse: 1185751: OPENDIR() /playground/.local/share/lxc/lxc-playground/rootfs/var/spool/exim4 => -1 (Permission denied)
Does anyone have an idea what is going wrong here and how to fix
this?
Would it be possible to use an unprivileged container on a glusterfs?
Best regards
Dirk
--
+----------------------------------------------------------------------+
| Dr. Dirk Geschke / Plankensteinweg 61 / 85435 Erding |
| Telefon: 08122-559448 / Mobil: 0176-96906350 / Fax: 08122-9818106 |
| dirk at geschke-online.de / dirk at lug-erding.de / kontakt at lug-erding.de |
+----------------------------------------------------------------------+