lxc.mount.entry fails into mnt/subdir

Bug #986385 reported by Serge Hallyn on 2012-04-20
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Low
Unassigned
Precise
Undecided
Unassigned

Bug Description

=========== SRU Justification ===============
Impact: containers configured to have host directories bind mounted under
 subdirectories of /mnt will not see those mounts
Development fix: change the directory which lxc uses (in ubuntu templates)
 for pivot_root from mnt to mnt.putold.
Stable fix: same as development fix.
Test case:
 Create a container:
  sudo apt-get -y install lxc
 sudo lxc-create -t ubuntu -n p1
 Create a bind mount under an /mnt subdir of the container:
  sudo mkdir -b /var/lib/lxc/p1/rootfs/mnt/etc
 cat << EOF | sudo tee -a /var/lib/lxc/p1/config
 lxc.mount.entry = /etc mnt/etc none bind 0 0
 EOF
 Start the container, and look under /mnt
  sudo lxc-start -n p1
 #(log in as user ubuntu, password ubuntu, and do)
  ls /mnt/etc

Regression potential: this simply uses an existing, working lxc configuration
 variable to use a more sensible location for the pivot_root put_old directory.
 There should be no regression.
=============================================

A lxc.mount.entry line like

lxc.mount.entry = /var/lib mnt/series none bind 0 0

fails to mount the host's /var/lib under the container's /mnt/series, while

lxc.mount.entry = /var/lib mnt none bind 0 0

works.

Changed in lxc (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
Serge Hallyn (serge-hallyn) wrote :

The reason this happens is that by default 'mnt' is the directory used as pivotdir, where the old_root is placed during pivot_root(). After that, everything under pivotdir is unmounted.

A workaround is to specify an alternate 'lxc.pivotdir' in the container configuration file.

The code should be changed to use a tempdir as pivotroot. However, that can wait for Q and an SRU, since there is a workaround

Changed in lxc (Ubuntu):
status: Confirmed → Triaged
importance: Medium → Low
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.8.0~rc1-4ubuntu10

---------------
lxc (0.8.0~rc1-4ubuntu10) quantal; urgency=low

  [ Serge Hallyn ]
  * 0084-lxc-ubuntu-drop-duplicate-code.patch: drop some duplicate code from
    the ubuntu template. (LP: #1004118)
  * 0085-pivot-dir: use a directory other than /mnt to put the pivot_root
    old dir into (LP: #986385)

  [ Stéphane Graber ]
  * Ship /etc/dnsmasq.d/lxc to configure an eventual system wide
    dnsmasq daemon not to listen on the LXC bridge interface. (LP: #928524)
  * Drop rm calls from postrm for apparmor rules, these were in the purge
    target so didn't really serve any purpose.
 -- Stephane Graber <email address hidden> Tue, 29 May 2012 16:56:25 -0400

Changed in lxc (Ubuntu):
status: Triaged → Fix Released
description: updated

Hello Serge, or anyone else affected,

Accepted lxc into precise-proposed. The package will build now and be available in a few hours. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in lxc (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Stéphane Graber (stgraber) wrote :

Confirmed to work fine here.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.7.5-3ubuntu59

---------------
lxc (0.7.5-3ubuntu59) precise-proposed; urgency=low

  [ Serge Hallyn ]
  * 0085-pivot-dir: use a directory other than /mnt to put the pivot_root
    old dir into (LP: #986385)
  * 0086-lxc-unshare-zero-args: fix lxc-unshare segfaulting when no command
    is given (LP: #1011603)
  * 0087-lxc-ls-dash: fix lxc-ls for containers whose names start with a
    dash (LP: #1006332)
  * 0088-ubuntu-template-flock: don't fail when flock is busy, just wait,
    so concurrent lxc-creates don't break. (LP: #1007483)
  * debian/rules, debian/lxc.apport: install apport hook (LP: #1011644)

  [ Stéphane Graber ]
  * Ship /etc/dnsmasq.d/lxc to configure an eventual system wide
    dnsmasq daemon not to listen on the LXC bridge interface. (LP: #928524)
 -- Serge Hallyn <email address hidden> Mon, 11 Jun 2012 19:56:30 -0500

Changed in lxc (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers