Hi Serge, On Wed, Oct 29, 2014 at 08:30:16PM +0000, Serge Hallyn wrote: > Quoting Luka Perkov ([email protected]): > > The check is not needed and it breaks lxc-destroy when container is > > installed > > on top of overlayfs. More information why this is a problem on overlayfs > > can be > > found here: > > > > https://kernel.googlesource.com/pub/scm/linux/kernel/git/mszeredi/vfs/+/overlayfs.current/Documentation/filesystems/overlayfs.txt > > Hm, not sure how I feel about this. You say "it's not needed", > but removing it invalidates the "_onedev" part of the function > name. > > I realize that in most cases the is-one-device part isn't > needed. But in those rare cases where admin has messed up and > left a pointer to host's / or /etc in the container > somehow, it'll be missed.
I'm not sure I understand the above. Lets say you have container called foo, then: /var/lib/lxc/foo/rootfs/mylink -> /etc The link called mylink points to /etc. With the patch proposed the link will be removed but /etc on the host will not. The directory /var/lib/lxc/foo/rootfs/etc will be removed (if it exists of course). I thought that this was desired behavior. > Really I don't know that I'd recommend running containers on top > of overlayfs. This is not the usual overlayfs-container use-case, > and it overlayfs has enough niggles that it'd worry me. Still, > if we can fix this in a safe way then I'm open to it. > > Maybe we should detect whether the underlying fs is overlayfs, > and ignore the device if it is? I'll see if there is an elegant way to do this ;) Luka _______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
