[libvirt-users] Libvirt-lxc and systemd question

Matt Hicks mhicks at redhat.com
Mon Jul 22 15:08:07 UTC 2013 

Warning - I'm fairly new to libvirt, lxc and systemd so there is a good 
chance I'm doing something terribly wrong here.  However, instead of 
continuing to struggle, I figured I would mail the list for some 
advice.  What I'm trying to accomplish is a libvirt-lxc, systemd-based 
container running on my system (Fedora 19).  I've read that sharing the 
underlying OS filesystem with the containers doesn't work, so I've 
installed a minimal Fedora 19 install in /srv/mycontainer.  Everything 
seems to work okay but what I'm struggling with is how to setup the 
initial accounts.  I've tried to attach to the container using 'nsenter' 
(entering all the namespaces) but it doesn't appear that the bind mounts 
are in place.  For example, I see the /etc/passwd for my host OS, not 
the container.  Is there a better way to setup the initial accounts on 
the container?

Here is what I have installed:

$ rpm -qa | grep lxc
libvirt-daemon-driver-lxc-1.0.5.2-1.fc19.x86_64
libvirt-daemon-lxc-1.0.5.2-1.fc19.x86_64

$ rpm -qa | grep systemd
systemd-libs-204-9.fc19.x86_64
systemd-python-204-9.fc19.x86_64
systemd-sysv-204-9.fc19.x86_64
systemd-libs-204-9.fc19.i686
systemd-204-9.fc19.x86_64


Here is the scenario I'm trying to go through:

$ export LIBVIRT_DEFAULT_URI=lxc:///
$ getenforce
Enforcing

$ sudo yum -y --releasever=19 --nogpg --installroot=/srv/mycontainer 
--disablerepo='*' --enablerepo=fedora install systemd passwd yum 
fedora-release vim-minimal
... lots of output

$ ls /srv/mycontainer/
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root run  
sbin  srv  sys  tmp  usr  var

$ cat test2.xml
<domain type='lxc'>
   <name>test2</name>
   <memory>102400</memory>
   <os>
     <type arch='x86_64'>exe</type>
     <init>/bin/systemd</init>
   </os>
   <devices>
     <console type='pty'/>
     <filesystem type='mount'>
       <source dir='/srv/mycontainer'/>
       <target dir='/'/>
     </filesystem>
   </devices>
</domain>

$ virsh define test2.xml
Domain test2 defined from test2.xml

$ virsh start test2
Domain test2 started

# Attach to container to set account passwords
$ sudo nsenter -m -u -i -n -p -t `pgrep -f test2`
[sudo] password for mhicks:
[root at localhost /]# diff -q /srv/mycontainer/etc/passwd /etc/passwd
Files /srv/mycontainer/etc/passwd and /etc/passwd differ

Any ideas?

-Matt

More information about the libvirt-users mailing list