Re: [lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container
On 2019-02-25 17:27, Yasoda Padala wrote:

> Actual results: dev folder of container rootfs is read-only on host
> machine but inside container, it is writable.
>
> Please help with inputs on why the dev folder permissions are changed
> on lxc-attach.

Can you paste the output of:

mount
cat /proc/mounts

from the container?

Tomasz Chmielewski
https://lxadm.com
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container
On 2019-02-26 13:02, Yasoda Padala wrote:

> Hi Tomasz,
> Please find below the output of mount & cat /proc/mounts
> container config is also attached with this mail
>
> yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach -n busybox
> BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
> Enter 'help' for a list of built-in commands.
>
> / # mount
> /dev/loop0 on / type squashfs (ro,relatime)
> none on /dev type tmpfs

This.

You have tmpfs mounted over /dev in your container.

Why is it an issue for you? I'd say it's perfectly normal behaviour.

Tomasz Chmielewski
https://lxadm.com
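Added example, not part of the original thread: a way to check which mount governs a given path in `/proc/mounts` output, which shows why `/dev` is writable although `/` is a read-only squashfs. The function names `sample_mounts`, `governing_mount` and `writable_under_ro_root` are hypothetical, and the sample is a subset of the lines posted in this thread.

```shell
#!/bin/sh
# Constructed sample: a subset of the /proc/mounts lines posted in this thread.
sample_mounts() {
    cat <<'EOF'
/dev/loop0 / squashfs ro,relatime 0 0
none /dev tmpfs rw,relatime,size=492k,mode=755,uid=10,gid=10 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys proc ro,nosuid,nodev,noexec,relatime 0 0
udev /dev/null devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
/dev/sda1 /lib ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1 0 0
EOF
}

# governing_mount PATH: read /proc/mounts-format lines on stdin and print
# "mountpoint fstype ro|rw" for the mount that governs PATH, i.e. the longest
# mount point that is a path prefix of PATH. Later lines win ties, because a
# later mount on the same point hides the earlier one.
governing_mount() {
    awk -v p="$1" '
    {
        mp = $2
        covers = (mp == "/" || p == mp || index(p, mp "/") == 1)
        if (covers && length(mp) >= best) {
            best = length(mp); hit_mp = mp; hit_fs = $3
            hit_mode = (("," $4 ",") ~ /,ro,/) ? "ro" : "rw"
        }
    }
    END { if (hit_mp != "") print hit_mp, hit_fs, hit_mode }'
}

# writable_under_ro_root: when "/" is mounted ro, list every other mount
# point (with its fstype) that is mounted rw on top of it.
writable_under_ro_root() {
    awk '
    { mode = (("," $4 ",") ~ /,ro,/) ? "ro" : "rw" }
    $2 == "/" { root = mode; next }
    mode == "rw" { rw[++n] = $2 " " $3 }
    END { if (root == "ro") for (i = 1; i <= n; i++) print rw[i] }'
}

# Demo on the constructed sample: which mount decides writes to /dev/shm?
sample_mounts | governing_mount /dev/shm
```

Inside a container the same functions can be fed the live table with `governing_mount /dev < /proc/mounts`.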
Re: [lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container
Hi Tomasz,

Please find below the output of mount & cat /proc/mounts
container config is also attached with this mail

yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach -n busybox
BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/ # mount
/dev/loop0 on / type squashfs (ro,relatime)
none on /dev type tmpfs (rw,relatime,size=492k,mode=755,uid=10,gid=10)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
proc on /proc/sys/net type proc (rw,nosuid,nodev,noexec,relatime)
proc on /proc/sys type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sysrq-trigger type proc (ro,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
sysfs on /sys/devices/virtual/net type sysfs (rw,relatime)
sysfs on /sys/devices/virtual/net type sysfs (rw,nosuid,nodev,noexec,relatime)
udev on /dev/full type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/null type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/random type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/tty type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/urandom type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/zero type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/tty0 type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/tty1 type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/null type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
udev on /dev/urandom type devtmpfs (rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755)
/dev/sda1 on /lib type ext4 (ro,relatime,errors=remount-ro,data=ordered)
/dev/sda1 on /usr/lib type ext4 (ro,relatime,errors=remount-ro,data=ordered)
/dev/sda1 on /lib64 type ext4 (ro,relatime,errors=remount-ro,data=ordered)
securityfs on /sys/kernel/security type securityfs (ro,nosuid,nodev,noexec,relatime)
devpts on /dev/console type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1)
devpts on /dev/ptmx type devpts (rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1)
devpts on /dev/tty1 type devpts (rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1)
/ #
/ #
/ #
/ #
/ # cat /proc/mounts
/dev/loop0 / squashfs ro,relatime 0 0
none /dev tmpfs rw,relatime,size=492k,mode=755,uid=10,gid=10 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys/net proc rw,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys proc ro,nosuid,nodev,noexec,relatime 0 0
proc /proc/sysrq-trigger proc ro,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0
sysfs /sys/devices/virtual/net sysfs rw,relatime 0 0
sysfs /sys/devices/virtual/net sysfs rw,nosuid,nodev,noexec,relatime 0 0
udev /dev/full devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/null devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/random devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/tty devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/urandom devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/zero devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/tty0 devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/tty1 devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/null devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
udev /dev/urandom devtmpfs rw,nosuid,relatime,size=3011264k,nr_inodes=752816,mode=755 0 0
/dev/sda1 /lib ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
/dev/sda1 /usr/lib ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
/dev/sda1 /lib64 ext4 ro,relatime,errors=remount-ro,data=ordered 0 0
securityfs /sys/kernel/security securityfs ro,nosuid,nodev,noexec,relatime 0 0
devpts /dev/console devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1 0 0
devpts /dev/ptmx devpts rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1 0 0
devpts /dev/tty1 devpts rw,nosuid,noexec,relatime,gid=15,mode=620,ptmxmode=666,max=1 0 0
/ #
/ #

On Mon, Feb 25, 2019 at 2:07 PM Yasoda Padala wrote:

> yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach
> -n busybox
> lxc-attach: busybox: utils.c: get_ns_uid: 548 No such file or directory -
> Failed to open uid_map
> lxc-attach: busybox: utils.c: get_ns_gid: 579 No such file or directory -
> Failed to open gid_map
>
> BusyBox
Re: [lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container
Please note these are two separate commands:

mount
cat /proc/mounts

Tomasz Chmielewski
https://lxadm.com

On 2019-02-25 17:37, Yasoda Padala wrote:

> yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach -n busybox
> lxc-attach: busybox: utils.c: get_ns_uid: 548 No such file or directory - Failed to open uid_map
> lxc-attach: busybox: utils.c: get_ns_gid: 579 No such file or directory - Failed to open gid_map
>
> BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
> Enter 'help' for a list of built-in commands.
>
> / # mount cat /proc/mounts
> mount: mounting cat on /proc/mounts failed: No such file or directory
> / #
> / #
>
> Please find attached container config
>
> On Mon, Feb 25, 2019 at 2:01 PM Tomasz Chmielewski wrote:
>
> > On 2019-02-25 17:27, Yasoda Padala wrote:
> >
> > > Actual results: dev folder of container rootfs is read-only on host
> > > machine but inside container, it is writable.
> > >
> > > Please help with inputs on why the dev folder permissions are changed
> > > on lxc-attach.
> >
> > Can you paste the output of:
> >
> > mount
> > cat /proc/mounts
> >
> > from the container?
> >
> > Tomasz Chmielewski
> > https://lxadm.com
Re: [lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container
yasoda@yasoda-HP-Z600-Workstation:~/.local/share/lxc/busybox$ lxc-attach -n busybox
lxc-attach: busybox: utils.c: get_ns_uid: 548 No such file or directory - Failed to open uid_map
lxc-attach: busybox: utils.c: get_ns_gid: 579 No such file or directory - Failed to open gid_map

BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/ # mount cat /proc/mounts
mount: mounting cat on /proc/mounts failed: No such file or directory
/ #
/ #

Please find attached container config

On Mon, Feb 25, 2019 at 2:01 PM Tomasz Chmielewski wrote:

> On 2019-02-25 17:27, Yasoda Padala wrote:
>
> > Actual results: dev folder of container rootfs is read-only on host
> > machine but inside container, it is writable.
> >
> > Please help with inputs on why the dev folder permissions are changed
> > on lxc-attach.
>
> Can you paste the output of:
>
> mount
> cat /proc/mounts
>
> from the container?
>
>
> Tomasz Chmielewski
> https://lxadm.com
>

busybox-config
Description: Binary data
[lxc-users] lxc container rootfs dev folder permission are changing from ro to rw inside container
Hi All,

I have created lxc container based out of busybox template.
Our requirement is to start the container with squashed rootfs.

Below are the steps followed to create lxc container, squash rootfs and start:

1. lxc-create -n b01 -t busybox
2. mksquashfs rootfs rootfs.sq
3. mv rootfs rootfs.org //take backup of original rootfs
4. mkdir rootfs && sudo mount -o loop -t squashfs rootfs.sq rootfs //mount squashed rootfs to rootfs folder
5. lxc-start -n b01

Container starts successfully and all the folders/files of rootfs on host machine are read-only.

Expectation is on start and logging into container, the permissions of rootfs files should remain intact.

Actual results: dev folder of container rootfs is read-only on host machine but inside container, it is writable.

Please help with inputs on why the dev folder permissions are changed on lxc-attach.

Thanks for the help,
Yasoda