(sorry, just realized postfix has been messing up my email)
Quoting Michael H. Warfield (m...@wittsend.com):
> Unfortunately, I also still find that if there's a -o remount,ro in the
> halt/reboot script, it still sets /dev/pts to ro and that still
> propagates to the host and to the other containers triggering random
Wow.
Did a quick grep; is there any reason why lxc-start doesn't turn on
MS_SLAVE for the client's root? Something like:
>From 7fbc3ec940403605c53b253d8630c3f47fad154c Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hal...@ubuntu.com>
Date: Mon, 18 Jul 2011 07:29:57 -0500
Subject: [PATCH 1/1] (untested) turn container rootfs into MS_SLAVE
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
---
src/lxc/conf.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 2eb598b..d36fe47 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -732,6 +732,11 @@ static int setup_rootfs(const struct lxc_rootfs *rootfs)
return -1;
}
+ if (mount(rootfs->path, rootfs->path, "none", MS_SLAVE, 0)) {
+ ERROR("failed to turn child rootfs into slave");
+ return -1;
+ }
+
DEBUG("mounted '%s' on '%s'", rootfs->path, rootfs->mount);
return 0;
--
1.7.4.1
> The kernel should also prohibit, totally, the propagation of remount
The kernel doesn't know about containers, so it's up to userspace :)
-serge
------------------------------------------------------------------------------
Storage Efficiency Calculator
This modeling tool is based on patent-pending intellectual property that
has been used successfully in hundreds of IBM storage optimization engage-
ments, worldwide. Store less, Store more with what you own, Move data to
the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
