Quoting [email protected] ([email protected]):
> Howdy!
>
> I am trying to make lxc containers with readonly root "/"
>
> I bind mount a "common" rootfs and make it readonly to use as a
> readonly container root file system.
>
> mount --bind /srv/common/ /srv/test/
> mount -o remount,ro /srv/test
>
> lxc.rootfs = /srv/test ( in container config)
>
> lxc-start fails because /usr is readonly and /usr/lib64/lxc
> is needed to be rw, I guess..
>
> lxc-start: utils.c: mkdir_p: 202 Read-only file system - failed to create directory '/usr/lib64/lxc/rootfs/lxc_putold'
>
> So, I set lxc.pivotdir in container config ( I have a rw /var
> in the container )
>
> lxc.pivotdir = /var/mnt
>
> And it boots perfectly and I have a readonly "/", Yeay!! but
> then I notice that the entire host filesystem is mounted read/write in
> the container under /var/mnt...
>
> Why does this mount not go away? Ideas about what I have to do??
>
> lxc 1.0.8 on centos6.7... tried both building from source tarball
> from linuxcontainers.org

FWIW if you switch to newer lxc it no longer needs the pivot_root dir.
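
An added check, not part of the original thread and not LXC's own code: a shell function that reads mountinfo text on stdin and lists every mount still present at or below the configured lxc.pivotdir, so a leftover old root like the one described in the question shows up immediately. The sample mountinfo lines, device names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of /proc/self/mountinfo as seen inside a container whose
# old root was left mounted on lxc.pivotdir (/var/mnt). Devices are made up.
sample_mountinfo() {
cat <<'EOF'
100 90 253:1 /srv/common / ro,relatime - ext4 /dev/mapper/vg-root rw
101 100 0:40 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
102 100 253:2 /ct/test/var /var rw,relatime - ext4 /dev/mapper/vg-var rw
103 102 253:1 / /var/mnt rw,relatime - ext4 /dev/mapper/vg-root rw
104 103 253:2 / /var/mnt/var rw,relatime - ext4 /dev/mapper/vg-var rw
105 102 0:41 / /var/mntx rw - tmpfs tmpfs rw
EOF
}

# Usage: leftover_pivot_mounts <pivotdir> < mountinfo
# Prints "<mountpoint> <rw|ro> <fstype> <source>" for each mount at or below
# <pivotdir>. No output means nothing is mounted there any more.
leftover_pivot_mounts() {
    awk -v dir="$1" '
    {
        mp = $5
        # Match the directory itself or anything beneath it, but not
        # siblings that merely share the prefix (/var/mntx).
        if (mp != dir && index(mp, dir "/") != 1) next

        # Per-mount options are field 6; "rw" or "ro" is one of them.
        mode = "ro"
        n = split($6, opts, ",")
        for (i = 1; i <= n; i++) if (opts[i] == "rw") mode = "rw"

        # Optional fields end at a lone "-"; fstype and source follow it.
        fstype = "?"; src = "?"
        for (i = 7; i < NF; i++)
            if ($i == "-") { fstype = $(i + 1); src = $(i + 2); break }

        print mp, mode, fstype, src
    }'
}

# Demo on the constructed sample.
sample_mountinfo | leftover_pivot_mounts /var/mnt
```

Inside a running container, feed it the real table with `leftover_pivot_mounts /var/mnt < /proc/self/mountinfo`; any `rw` line whose source is a host device means the old root is still reachable from the container.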
