On Sun, Feb 15, 2015 at 05:21:19PM +0100, Christian Brauner wrote:
> Hello,
> 
> I test the newest systemd from git on a regular basis by compiling it
> and installing it into a container and booting it. I did that with the
> several current systemd versions from git for the last couple of weeks.
> It seems that in the next version when booting a container with
> lxc-start, systemd creates a btrfs subvolume under
> 
>     rootfs/var/lib/machines
> 
> in every container. This will cause lxc-destroy for unprivileged containers to
> fail. (Because subvolumes can currently be created but not destroyed by
> unprivileged users.) There either needs to be a way to destroy btrfs 
> subvolumes
> for unprivileged user with lxc-destroy or the creation of btrfs subvolumes
> during container boot needs to be prevented. Is the second option already
> available?
> 
> Best,
> Christian

Add user_subvol_rm_allowed to your fstab and unprivileged users will be
able to remove subvolumes.

> 
> From the man page of machinectl:
> (http://man7.org/linux/man-pages/man1/machinectl.1.html)
>     FILES AND DIRECTORIES         top
> 
>            Machine images are preferably stored in /var/lib/machines/, but are
>            also searched for in /usr/local/lib/machines/ and 
> /usr/lib/machines/.
>            For compatibility reasons the directory /var/lib/container/ is
>            searched, too. Note that images stored below /usr are always
>            considered read-only. It is possible to symlink machines images 
> from
>            other directories into /var/lib/machines/ to make them available 
> for
>            control with machinectl.



> _______________________________________________
> lxc-devel mailing list
> lxc-devel@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel


-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com

Attachment: signature.asc
Description: Digital signature

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to