Hi, I am trying to run an application container with lxc-execute. I am going to run "untrusted" student codes in this container and I want the root file system to be shared with the host but read-only. I thought this would be as easy as using the following configuration file:
# Container with new network withtout network devices lxc.utsname = omega lxc.network.type = empty lxc.network.flags = up lxc.rootfs = /tmp/guest/rootfs lxc.mount.entry=/ /tmp/guest/rootfs/ none ro,bind 0 0 However, when I run `sudo lxc-execute -n test -f grader.conf --logpriority=DEBUG -- /bin/bash`, I get the following message: lxc-execute: Read-only file system - error unlinking /usr/lib/x86_64-linux-gnu/lxc/dev/kmsg lxc-execute: failed to setup kmsg for 'test' lxc-execute: Read-only file system - failed to create directory '/usr/lib/x86_64-linux-gnu/lxc/lxc_putold' lxc-execute: Read-only file system - failed to create pivotdir '/usr/lib/x86_64-linux-gnu/lxc/lxc_putold' lxc-execute: failed to setup pivot root lxc-execute: failed to set rootfs for 'test' lxc-execute: failed to setup the container lxc-execute: invalid sequence number 1. expected 2 lxc-execute: failed to spawn 'test' Is it possible to have some insight on what the problem is here? I am using Ubuntu 13.10, and my lxc is the one from the official repo (1.0.0.alpha1). Thanks you in advance for your help, Antonin _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
