Thanks. These containers are running as a web-hosting container for our user sites (we host one site per container). Does your security statement below mean I could run into security issues if we enable the security.nesting option? One of the primary drivers for containers is for security - we don’t want one site “bleeding” into another.
Thanks! On Jun 14, 2016, at 7:13 AM, Fajar A. Nugraha <[email protected]> wrote: On Tue, Jun 14, 2016 at 5:47 PM, Ron Kelley <[email protected]> wrote: > > Greetings, > > Looking to setup a bind mount inside a CentOS-6 container for ~user-a/WWW > pointing to /var/www/html. However, each time I run “bind —mount > /home/user-a/www /var/www/html” I get a read-only error message and the bind > mount is not created. This works just fine inside a “normal” VM. > > Any pointers? > https://github.com/lxc/lxd/blob/master/doc/configuration.md stop your container, set security.nesting (and probably security.privileged) to true, start it again. Note that it pretty much negates some of the additional security protections present in lxd, so make sure you trust your container admin (e.g. you use it yourself, not for a shared hosting setup). -- Fajar _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
