Quoting Xavier Garcia ([email protected]):
> 2012/4/20 Serge Hallyn <[email protected]>
>
> > Quoting Xavier Garcia ([email protected]):
> > > > I don't think patches to make nfs work right in containers have ever
> > > >> made it in. I'd recommend mounting the filesystem someplace on the
> > > >> host, then bind-mounting them into the container through a
> > > >> lxc.mount.entry.
> > > >
> > > >
> > > lxc.mount.entry doesn't work with any host directory that I try.
> >
> > Please show me an example (cut and pasted) of one which failed.
> >
> > > If I disable apparmor containers refuse to start.
> >
> > Look in /var/lib/lxc/container/config for the commented-out line
> > 'aa_profile = unconfined'. Un-comment that.
> >
>
> This is the cut&pasted line
>
> lxc.mount.entry=/tank/series /var/lib/lxc/p2p/rootfs/mnt/series none
> rw,bind 0 0
Well fooi, here's a definate bug. Get rid of '/series', i.e.
lxc.mount.entry=/tank/series /var/lib/lxc/p2p/rootfs/mnt none rw,bind 0 0
And you should find it mounted under /mnt in the container.
(Note also that you can just make it
lxc.mount.entry=/tank/series mnt none rw,bind 0 0
and it'll get mounted in /mnt relative to the container's rootfs.)
Now why can't it get mounted under /mnt/series? I don't know!
> Uncommenting aa_profile gives me an
> lxc-start: No such file or directory - failed to change apparmor profile to
> unconfined
> the container don't start
That shouldn't be happening. If apparmor is not enabled, it should not
be trying to transition at all.
> Thanks Serge for your support
Thanks for bringing these up, there are real bugs here.
-serge
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Lxc-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lxc-users
