hi,
I'm trying to provide a crypted volume to a container :
- So i have added it to the container's fstab :
r...@ksxxx:~# cat /var/lib/lxc/newzer.ovh2.p.zitta.fr/fstab
/lxc/root/newzer.ovh2.p.zitta.fr
/var/lib/lxc/newzer.ovh2.p.zitta.fr/rootfs none rbind 0 0
/dev/mapper/crypt_newzer
/var/lib/lxc/newzer.ovh2.p.zitta.fr/rootfs/home ext4 defaults 0 0
- Looked which minor/major to allow
r...@ksxxx:~# ls -l /dev/mapper/
total 0
crw-rw---- 1 root root 10, 60 2010-02-13 14:22 control
brw-rw---- 1 root disk 252, 3 2010-03-02 12:51 crypt_newzer
brw-rw---- 1 root disk 252, 3 2010-03-02 12:51
crypt_newzer_unformatted
brw-rw---- 1 root disk 252, 1 2010-02-13 14:22 vg0-backup_restore
brw-rw---- 1 root disk 252, 2 2010-03-02 12:22 vg0-cr_newzer
brw-rw---- 1 root disk 252, 0 2010-02-13 14:22 vg0-lxc
- I have allowed it (i have deduced it from exemples)
r...@ksxxx:~# cat /var/lib/lxc/newzer.ovh2.p.zitta.fr/config |
grep 252:3
lxc.cgroup.devices.allow = b 252:3 rwm
- And plouf, an error :(
r...@ksxxx:~# lxc-start -n newzer.ovh2.p.zitta.fr
lxc-start: Operation not permitted - failed to mount
'/dev/mapper/crypt_newzer' on
'/var/lib/lxc/newzer.ovh2.p.zitta.fr/rootfs/home'
lxc-start: failed to setup the mounts for 'newzer.ovh2.p.zitta.fr'
lxc-start: failed to setup the container
So I'm wondering if it is possible, if i have made a mistake... Voila
Any idea?
Thanks
Guillaume ZITTA
French sysadmin
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
