Arun Chandran: > "sudo mount .." gives correct labels. I can't use it because the > containers don't get sudo inside ; container might be running with the > lowest possible privileges.
Our discussion about the smack label is almost done. Thank you. But I'd suggest you to consider other docker storage drivers, especially devicemapper because your usecase looks wasting the disk space a lot. As you might know, aufs executes a file-based-copyup while devicemapper operates a block-based. In other words, setting a smack label changes just a small part of an inode, but aufs has to copyup the whole file. Devmapper changes the inode block only which should be much smaller than aufs' file-copyup. You are going to have N sets of files. All file-data are same. Just a label is different. That is why I suggest re-consider using aufs. Of course, it depends upon the file sizies and the number of files, or branch fs' inode block layout. Also I am not sure how you can setup the containers without sudo. Anyway "b.path" will be refined and released in next aufs release. J. R. Okajima ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi
