Would it not be better to use a stacked file system, such as overlayfs or aufs, then discard the changes?
Cal On Thu, Dec 19, 2013 at 12:49 AM, Antonin Bas <[email protected]> wrote: > Hi, > > I am trying to run an application container with lxc-execute. I am > going to run "untrusted" student codes in this container and I want > the root file system to be shared with the host but read-only. I > thought this would be as easy as using the following configuration > file: > > # Container with new network withtout network devices > lxc.utsname = omega > lxc.network.type = empty > lxc.network.flags = up > > lxc.rootfs = /tmp/guest/rootfs > lxc.mount.entry=/ /tmp/guest/rootfs/ none ro,bind 0 0 > > However, when I run `sudo lxc-execute -n test -f grader.conf > --logpriority=DEBUG -- /bin/bash`, I get the following message: > > lxc-execute: Read-only file system - error unlinking > /usr/lib/x86_64-linux-gnu/lxc/dev/kmsg > > lxc-execute: failed to setup kmsg for 'test' > lxc-execute: Read-only file system - failed to create directory > '/usr/lib/x86_64-linux-gnu/lxc/lxc_putold' > > lxc-execute: Read-only file system - failed to create pivotdir > '/usr/lib/x86_64-linux-gnu/lxc/lxc_putold' > lxc-execute: failed to setup pivot root > lxc-execute: failed to set rootfs for 'test' > lxc-execute: failed to setup the container > lxc-execute: invalid sequence number 1. expected 2 > lxc-execute: failed to spawn 'test' > > > Is it possible to have some insight on what the problem is here? > I am using Ubuntu 13.10, and my lxc is the one from the official repo > (1.0.0.alpha1). > > Thanks you in advance for your help, > > Antonin > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users >
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
