Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Wed, 2011-07-20 at 02:21 +, Serge E. Hallyn wrote:
> Quoting Michael H. Warfield (m...@wittsend.com):
> > > > But... I got this for the root system on Alcove.
> > > >
> > > > 106 55 8:17 /lxc/private/Alcove / rw,relatime master:1 - ext4 /dev/sdb1
> > > > rw,barrier=1,data=ordered
> > > >

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting Michael H. Warfield (m...@wittsend.com):
> > > But... I got this for the root system on Alcove.
> > >
> > > 106 55 8:17 /lxc/private/Alcove / rw,relatime master:1 - ext4 /dev/sdb1
> > > rw,barrier=1,data=ordered
> > >
> > > Ok... That now says "master:1". Not sure what it signifies...

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 17:28 -0500, C Anthony Risinger wrote: > On Tue, Jul 19, 2011 at 4:17 PM, Michael H. Warfield > wrote: > > On Tue, 2011-07-19 at 15:32 -0500, Serge E. Hallyn wrote: > >> Quoting Michael H. Warfield (m...@wittsend.com): > >> > On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hall

Re: [Lxc-users] read only rootfs

2011-07-19 Thread C Anthony Risinger
On Tue, Jul 19, 2011 at 4:17 PM, Michael H. Warfield wrote: > On Tue, 2011-07-19 at 15:32 -0500, Serge E. Hallyn wrote: >> Quoting Michael H. Warfield (m...@wittsend.com): >> > On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: >> > > Quoting C Anthony Risinger (anth...@xtfx.me): >> > > > t

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 15:32 -0500, Serge E. Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: > > > Quoting C Anthony Risinger (anth...@xtfx.me): > > > > there it would seem. however, while i could *maybe* see the rootf

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 16:50 -0400, Michael H. Warfield wrote: > On Tue, 2011-07-19 at 15:32 -0500, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: > > > > Quoting C Anthony Risinger (anth...@xtfx.me): > >

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 15:32 -0500, Serge E. Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: > > > Quoting C Anthony Risinger (anth...@xtfx.me): > > > > there it would seem. however, while i could *maybe* see the rootf

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting Michael H. Warfield (m...@wittsend.com): > On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: > > Quoting C Anthony Risinger (anth...@xtfx.me): > > > there it would seem. however, while i could *maybe* see the rootfs > > > being an unconditional slave, i would NOT want to see any l

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 14:51 -0500, Serge E. Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > On Tue, 2011-07-19 at 12:59 -0500, Serge E. Hallyn wrote: > > > Quoting Michael H. Warfield (m...@wittsend.com): > > > > I think the problem is that you are only doing this on the root

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting Michael H. Warfield (m...@wittsend.com): > On Tue, 2011-07-19 at 12:59 -0500, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > I think the problem is that you are only doing this on the rootfs and > > > that flag does not automagically propagate to the subm

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting Michael H. Warfield (m...@wittsend.com): > On Tue, 2011-07-19 at 12:59 -0500, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > I think the problem is that you are only doing this on the rootfs and > > > that flag does not automagically propagate to the subm

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: > Quoting C Anthony Risinger (anth...@xtfx.me): > > there it would seem. however, while i could *maybe* see the rootfs > > being an unconditional slave, i would NOT want to see any lxc > > default/enforcement preventing container -> host p

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 13:34 -0500, Serge E. Hallyn wrote: > Quoting C Anthony Risinger (anth...@xtfx.me): > > there it would seem. however, while i could *maybe* see the rootfs > > being an unconditional slave, i would NOT want to see any lxc > > default/enforcement preventing container -> host p

Re: [Lxc-users] read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting C Anthony Risinger (anth...@xtfx.me): > there it would seem. however, while i could *maybe* see the rootfs > being an unconditional slave, i would NOT want to see any lxc > default/enforcement preventing container -> host propagation on a > globally recursive scale. im of the opinion that

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 12:59 -0500, Serge E. Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > I think the problem is that you are only doing this on the rootfs and > > that flag does not automagically propagate to the submounts. That's > D'oh! Yeah, what you want is MS_REC |

Re: [Lxc-users] read only rootfs

2011-07-19 Thread C Anthony Risinger
On Mon, Jul 18, 2011 at 7:36 AM, Serge E. Hallyn wrote: > Quoting C Anthony Risinger (anth...@xtfx.me): >> On Jul 15, 2011 12:01 PM, "Michael H. Warfield" wrote: >> > >> > Unfortunately, I also still find that if there's a -o remount,ro in the >> > halt/reboot script, it still sets /dev/pts to ro

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting Michael H. Warfield (m...@wittsend.com):
> I think the problem is that you are only doing this on the rootfs and
> that flag does not automagically propagate to the submounts. That's

D'oh! Yeah, what you want is MS_REC | MS_SLAVE. The rest should be fine as I had it?

--

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Michael H. Warfield
On Mon, 2011-07-18 at 07:31 -0500, Serge E. Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > Unfortunately, I also still find that if there's a -o remount,ro in the > > halt/reboot script, it still sets /dev/pts to ro and that still > > propagates to the host and to the other c

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Michael H. Warfield
On Tue, 2011-07-19 at 09:55 -0400, Michael H. Warfield wrote: > On Mon, 2011-07-18 at 07:31 -0500, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > Unfortunately, I also still find that if there's a -o remount,ro in the > > > halt/reboot script, it still sets /dev

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Michael H. Warfield
On Mon, 2011-07-18 at 07:31 -0500, Serge E. Hallyn wrote: > Quoting Michael H. Warfield (m...@wittsend.com): > > Unfortunately, I also still find that if there's a -o remount,ro in the > > halt/reboot script, it still sets /dev/pts to ro and that still > > propagates to the host and to the other c

Re: [Lxc-users] [PATCH] Re: read only rootfs

2011-07-19 Thread Serge E. Hallyn
Quoting Michael H. Warfield (m...@wittsend.com): > On Mon, 2011-07-18 at 07:31 -0500, Serge E. Hallyn wrote: > > Quoting Michael H. Warfield (m...@wittsend.com): > > > Unfortunately, I also still find that if there's a -o remount,ro in the > > > halt/reboot script, it still sets /dev/pts to ro and