[libvirt] [PATCH v3 00/12] Add user namespace support for libvirt lxc

Richard Weinberger richard at sigma-star.at
Thu Jun 13 13:30:29 UTC 2013


Am 11.06.2013 08:17, schrieb Gao feng:
>>> :)
>>> have fun with user namespace & libvirt.
>>> And thanks for your test.

Found an nasty issue.
It looks like libvirt execs the lxc init within the wrong rootfs context.

My container's rootfs contains the script named /xxx.
If I try to use it as init, libvirt fails.

2013-06-13 13:18:04.499+0000: 1: error : lxcContainerChild:1941 : cannot find init path '/xxx' relative to container root: No such file or directory

It fails because it looks in the rootfs of the host.
If I create /xxx within my hostfs it works.

Nobody noticed so far because in 99.9% of all case you have /bin/bash, /sbin/init and friends in both filesystems.

---cut---
<domain type='lxc'>
   <name>c_test1</name>
   <memory>102400</memory>
   <os>
     <type>exe</type>
     <init>/xxx</init>
   </os>
   <idmap>
         <uid start='0' target='100000' count='100000'/>
         <gid start='0' target='100000' count='100000'/>
   </idmap>
   <devices>
         <console type='pty'/>
         <filesystem type='mount'>
           <source dir='/home/container/c_test1/rootfs/'/>
           <target dir='/'/>
         </filesystem>
         <filesystem type='ram'>
           <source usage='1024' />
           <target dir='/sys/fs/cgroup/systemd'/>
         </filesystem>
         <interface type='bridge'>
          <source bridge='br0'/>
          <mac address='52:54:00:be:49:be'/>
        </interface>
   </devices>
</domain>
---cut---

Thanks,
//richard




More information about the libvir-list mailing list