Hello all,

I am trying to use LXC to run Ubuntu Lucid Lynx containers on Lucid Lynx
hosts. I have succeeded in configuring the container properly so it
starts, connects to the network etc.

However, as described in [1], my container can remount the /srv
partition read-only. I tried to fix it using the fstab entry that was
given at [1] but in the end mount gives:

r...@lemon:~$ mount
/dev/mapper/fridge-srv on / type ext4 (rw)
...

"Ok, it might not work", I thought.

However, after some time I decided to bind-mount /var/cache/apt to
the container's /var/cache/apt and now my fstab is:

/srv/vm/lxc/lemon/rootfs /srv/vm/lxc/rootfs none bind 0 0
/var/cache/apt    /srv/vm/lxc/lemon/rootfs/var/cache/apt none bind 0 0

During startup the debug output has the following lines:
lxc-start 1270888370.767 DEBUG    lxc_conf - mounted /srv/vm/lxc/lemon/rootfs on /srv/vm/lxc/rootfs, type none
lxc-start 1270888370.767 DEBUG    lxc_conf - mounted /var/cache/apt on /srv/vm/lxc/lemon/rootfs/var/cache/apt, type none

So I guess it does mount something, however later on I see the
following:
lxc-start 1270888370.773 DEBUG    lxc_conf - umounted '/lxc-oldrootfs-ib3iB1/srv/vm/lxc/lemon/rootfs/var/cache/apt'

I am not quite sure it should umount that directory, but here's how my
mount looks when the system is booted:
r...@lemon:/var/cache/apt$ mount
/dev/mapper/fridge-srv on / type ext4 (rw)
none on /proc type proc (rw,noexec,nosuid,nodev)
none on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /dev/console type devpts (rw,noexec,nosuid,relatime,gid=5,mode=620,ptmxmode=000)
none on /dev/tty1 type devpts (rw,noexec,nosuid,relatime,gid=5,mode=620,ptmxmode=000)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
none on /dev/shm type tmpfs (rw,nosuid,nodev)
none on /var/run type tmpfs (rw,nosuid,mode=0755)
none on /var/lock type tmpfs (rw,noexec,nosuid,nodev)
none on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)

Is there anything wrong with my setup? It looks like my first attempt
to protect /srv fails due to the same issue - bind mounts do not work in
the container for me.

I am using the version of lxc userspace tools that is bundled with Lucid
Lynx, 0.6.5-1 on 2.6.32-19-server kernel.

[1] http://www.mail-archive.com/lxc-de...@lists.sourceforge.net/msg00126.html

-- 
Roman Yepishev <roman.yepis...@yandex.ua>
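
Added example, not part of the original post or of the lxc tools: a small Python check that maps each fstab target to its path inside the container and looks it up in the container's `mount` output. The rootfs path is an assumption inferred from the paths quoted in the post, and the sample inputs are taken from the post with the mount output abridged.

```python
import posixpath

# Inputs taken from the post (mount output abridged).
# Assumption: ROOTFS is the container rootfs, inferred from the quoted paths.
ROOTFS = "/srv/vm/lxc/lemon/rootfs"
FSTAB = """\
/srv/vm/lxc/lemon/rootfs /srv/vm/lxc/rootfs none bind 0 0
/var/cache/apt    /srv/vm/lxc/lemon/rootfs/var/cache/apt none bind 0 0
"""
CONTAINER_MOUNT = """\
/dev/mapper/fridge-srv on / type ext4 (rw)
none on /proc type proc (rw,noexec,nosuid,nodev)
"""

def parse_fstab(text):
    """Yield (target, options) for each non-comment fstab line."""
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4 and not f[0].startswith("#"):
            yield posixpath.normpath(f[1]), f[3].split(",")

def parse_mount(text):
    """Map mount point -> options; assumes paths without spaces."""
    table = {}
    for line in text.splitlines():
        p = line.split()
        # Shape: <device> on <mountpoint> type <fstype> (<options>)
        if len(p) >= 6 and p[1] == "on" and p[3] == "type":
            table[p[2]] = p[5].strip("()").split(",")
    return table

def audit(fstab_text, rootfs, mount_text):
    """Return (fstab target, status) for every fstab entry."""
    mounted = parse_mount(mount_text)
    rootfs = posixpath.normpath(rootfs)
    results = []
    for target, wanted in parse_fstab(fstab_text):
        if target != rootfs and not target.startswith(rootfs + "/"):
            results.append((target, "outside-rootfs"))
            continue
        inside = target[len(rootfs):] or "/"   # path as seen in the container
        if inside not in mounted:
            status = "missing"
        elif "ro" in wanted and "ro" not in mounted[inside]:
            status = "ro-requested-but-rw"
        else:
            status = "present"
        results.append((target, status))
    return results
```

Calling `audit(FSTAB, ROOTFS, CONTAINER_MOUNT)` returns one status per fstab line, which makes it easy to re-run the same comparison after each configuration change.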
