Ubuntu
lxc package

lxc.mount.entry fails into mnt/subdir

Bug #986385 reported by Serge Hallyn
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Fix Released
Low
Unassigned
Precise
Fix Released
Undecided
Unassigned

Bug Description

=========== SRU Justification ===============
Impact: containers configured to have host directories bind mounted under
 subdirectories of /mnt will not see those mounts
Development fix: change the directory which lxc uses (in ubuntu templates)
 for pivot_root from mnt to mnt.putold.
Stable fix: same as development fix.
Test case:
 Create a container:
  sudo apt-get -y install lxc
 sudo lxc-create -t ubuntu -n p1
 Create a bind mount under an /mnt subdir of the container:
  sudo mkdir -b /var/lib/lxc/p1/rootfs/mnt/etc
 cat << EOF | sudo tee -a /var/lib/lxc/p1/config
 lxc.mount.entry = /etc mnt/etc none bind 0 0
 EOF
 Start the container, and look under /mnt
  sudo lxc-start -n p1
 #(log in as user ubuntu, password ubuntu, and do)
  ls /mnt/etc

Regression potential: this simply uses an existing, working lxc configuration
 variable to use a more sensible location for the pivot_root put_old directory.
 There should be no regression.
=============================================

A lxc.mount.entry line like

lxc.mount.entry = /var/lib mnt/series none bind 0 0

fails to mount the host's /var/lib under the container's /mnt/series, while

lxc.mount.entry = /var/lib mnt none bind 0 0

works.

See original description
Serge Hallyn (serge-hallyn)
Changed in lxc (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

The reason this happens is that by default 'mnt' is the directory used as pivotdir, where the old_root is placed during pivot_root(). After that, everything under pivotdir is unmounted.

A workaround is to specify an alternate 'lxc.pivotdir' in the container configuration file.

The code should be changed to use a tempdir as pivotroot. However, that can wait for Q and an SRU, since there is a workaround

Changed in lxc (Ubuntu):
status: Confirmed → Triaged
importance: Medium → Low
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.8.0~rc1-4ubuntu10

---------------
lxc (0.8.0~rc1-4ubuntu10) quantal; urgency=low

  [ Serge Hallyn ]
  * 0084-lxc-ubuntu-drop-duplicate-code.patch: drop some duplicate code from
    the ubuntu template. (LP: #1004118)
  * 0085-pivot-dir: use a directory other than /mnt to put the pivot_root
    old dir into (LP: #986385)

  [ Stéphane Graber ]
  * Ship /etc/dnsmasq.d/lxc to configure an eventual system wide
    dnsmasq daemon not to listen on the LXC bridge interface. (LP: #928524)
  * Drop rm calls from postrm for apparmor rules, these were in the purge
    target so didn't really serve any purpose.
 -- Stephane Graber <email address hidden> Tue, 29 May 2012 16:56:25 -0400

Changed in lxc (Ubuntu):
status: Triaged → Fix Released
Serge Hallyn (serge-hallyn)
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Serge, or anyone else affected,

Accepted lxc into precise-proposed. The package will build now and be available in a few hours. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in lxc (Ubuntu Precise):
status: New → Fix Committed
tags: added: verification-needed
Revision history for this message
Stéphane Graber (stgraber) wrote :

Confirmed to work fine here.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 0.7.5-3ubuntu59

---------------
lxc (0.7.5-3ubuntu59) precise-proposed; urgency=low

  [ Serge Hallyn ]
  * 0085-pivot-dir: use a directory other than /mnt to put the pivot_root
    old dir into (LP: #986385)
  * 0086-lxc-unshare-zero-args: fix lxc-unshare segfaulting when no command
    is given (LP: #1011603)
  * 0087-lxc-ls-dash: fix lxc-ls for containers whose names start with a
    dash (LP: #1006332)
  * 0088-ubuntu-template-flock: don't fail when flock is busy, just wait,
    so concurrent lxc-creates don't break. (LP: #1007483)
  * debian/rules, debian/lxc.apport: install apport hook (LP: #1011644)

  [ Stéphane Graber ]
  * Ship /etc/dnsmasq.d/lxc to configure an eventual system wide
    dnsmasq daemon not to listen on the LXC bridge interface. (LP: #928524)
 -- Serge Hallyn <email address hidden> Mon, 11 Jun 2012 19:56:30 -0500

Changed in lxc (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.