Thanks again. Is there a good place to look for an explanation of the settings you gave me before?
lxc.cgroup.devices.allow = c 10:236 rwm lxc.cgroup.devices.allow = b 252:* rwm On Thu, Jan 16, 2014 at 2:02 PM, Serge Hallyn <[email protected]>wrote: > Quoting Jeremiah Snapp ([email protected]): > > Thanks Serge! I actually just found out in IRC that further in my > config I > > was denying access. Once I allowed access it works fine. > > > > Yours is the second warning I've received about using LVM in a container. > > I don't know the details of the concern but can you tell me if it would > > require human error to cause problems? > > Well human error would help :) But also allowing the container to have > all the privileges it needs to do lvm+mounting means that anything in > the continer could mess with the host. > > > I'm not using this in production by > > the way. These are throw away test containers. > > If it's also a throw away test host, then there's nothing to worry > about. > > > The app installed inside > > requires an LVM volume. > > Nothing *should* go wrong :) It's just that by having access to the > host disk devices, any malware/bugs in the container can easily hose > your host, replace your /sbin/init, etc. > > -serge > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users >
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
