We're looking at changing lxc to show /dev/ptmx as a real file rather than
a symlink. This is, however, not particularly easy because:
- It can't be a bind-mount from the host (or it will interact with the host's
devpts)
- It can't be a straight mknod (because that's not allowed in unprivileged
containers)
So we're looking at re-ordering the liblxc code to set up a bind-mount
from /dev/pts/ptmx to /dev/ptmx INSIDE the container, which should work.
That part of the kernel has changed quite a bit, so making sure we don't
break things for supported kernels (2.6.32 or higher) is going to be a
bit tricky.
Note that there is nothing wrong with /dev/ptmx being a symlink to
/dev/pts/ptmx and I'd argue it's actually "more right" than having it be a
device node. But since that's not what udev/devtmpfs do, we probably should
mimic the host's behavior.
** Changed in: lxd (Ubuntu)
Status: New => Invalid
** Also affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Changed in: lxc (Ubuntu)
Status: New => Triaged
** Changed in: lxc (Ubuntu)
Importance: Undecided => Wishlist
--
https://bugs.launchpad.net/bugs/1684481
Title:
KVM guest execution start apparmor blocks on /dev/ptmx now
(regression?)
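
The comment above distinguishes three ways /dev/ptmx can be provided (symlink, device node, bind-mount) and rules out a bind-mount that reaches the host's devpts. The following check is an added example, not code from liblxc or from the bug report: the function name `ptmx_kind` and its output labels are hypothetical, and it assumes the container has its own devpts instance mounted on /dev/pts, so that a bind-mount of /dev/pts/ptmx carries the same major:minor in mountinfo as /dev/pts itself.

```shell
#!/bin/sh
# Added example: classify how /dev/ptmx is provided in a container.
# ptmx_kind ROOT MOUNTINFO   (hypothetical helper)
#   ROOT      directory treated as the container's / ("" for the live root)
#   MOUNTINFO file in /proc/<pid>/mountinfo format, as seen from the container
# Prints: bind-same-instance, bind-other-instance, symlink, device-node,
#         other or missing.
ptmx_kind() {
    root=$1
    mountinfo=$2
    # mountinfo: field 3 is the filesystem's major:minor, field 5 the mount
    # point; the filesystem type is the first field after the lone "-".
    verdict=$(awk '
        { fstype = ""
          for (i = 7; i <= NF; i++) if ($i == "-") { fstype = $(i + 1); break } }
        fstype == "devpts" && $5 == "/dev/pts"  { pts = $3 }
        fstype == "devpts" && $5 == "/dev/ptmx" { ptmx = $3 }
        END {
            if (ptmx == "") print "none"
            else if (ptmx == pts) print "bind-same-instance"
            else print "bind-other-instance"   # e.g. another devpts instance
        }' "$mountinfo")
    if [ "$verdict" != none ]; then
        echo "$verdict"
    elif [ -L "$root/dev/ptmx" ]; then
        echo symlink
    elif [ -c "$root/dev/ptmx" ]; then
        echo device-node
    elif [ -e "$root/dev/ptmx" ]; then
        echo other
    else
        echo missing
    fi
}

# Constructed sample (not captured from a real system): /dev/ptmx bind-mounted
# from the container's own devpts instance, as proposed in the comment.
sample=$(mktemp)
cat > "$sample" <<'EOF'
340 320 0:52 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
345 320 0:52 /ptmx /dev/ptmx rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
EOF
ptmx_kind /nonexistent "$sample"
rm -f "$sample"
```

On a live container, `ptmx_kind "" /proc/self/mountinfo` run inside it applies the same classification to the real mount table.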