
List:       lxc-users
Subject:    [lxc-users] Issue with making a new LXC container from an existing directory
From:       Nicholas Clark <nicholas.clark () gmail ! com>
Date:       2016-10-25 20:09:30
Message-ID: CAKNeuBqJcxO0bQs8s0AU6D7_wAv+0oZ_SQ2Yp2MnQhc8X0RcAA () mail ! gmail ! com

Hi all,

I'm working on a project that involves generating a bunch of live images,
and I'd love to be able to use LXC to customize the filesystems.

I hacked something together using schroot, but I'd like to migrate it over
to unprivileged LXC containers so that the build is cleaner and needs fewer
root permissions.

In my intended build flow, I'd like to be able to do the following:
1. Mount the baseline .img file as a loop mount (happens with passwordless
sudo)
2. Use bindfs to remount the loop with user-level permissions (passwordless
sudo)
3. Create an unprivileged LXC container using the mounted directory as the
rootdir.
4. Run whatever upgrades/changes are needed inside of the LXC container.

I've been trying to get this to work, but I can't get LXC to create a working
unprivileged container from an existing directory. Note that I _can_ use
unprivileged containers in a general sense - downloaded LXC images work
great.

I'm able to reproduce the problem without any bind-mounts or anything like
that - basically, I can reproduce my problem with this set of commands:

    $ lxc-create --name=fedora-base --template=download --dir=fedora-base
    $ cp -a fedora-base fedora-custom
    $ lxc-create --name=fedora-custom --template=none --dir=fedora-custom
    $ lxc-start --name=fedora-custom -F

Everything works great until I try to start the 'fedora-custom' container,
which then craps out with the following messages:

    lxc-start: utils.c: safe_mount: 1742 Permission denied - Failed to mount /dev/null onto /dev/null
    lxc-start: conf.c: fill_autodev: 1182 Permission denied - Failed bind mounting device null from host into container
    lxc-start: conf.c: lxc_setup: 3783 failed to populate /dev in the container
    lxc-start: start.c: do_start: 834 failed to setup the container
    lxc-start: sync.c: __sync_wait: 57 An error occurred in another process (expected sequence number 3)
    lxc-start: start.c: __lxc_start: 1354 failed to spawn 'fedora-custom'
    lxc-start: tools/lxc_start.c: main: 344 The container failed to start.
    lxc-start: tools/lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

Can anybody help shed some light on what's going on? I know that I'm doing
_something_ wrong, but I don't have any idea what :(

-Nick
