Prevent LXC container from remounting host file system

Question

Recently, I started looking at LXC as a virtualization platform. I have already created a container, and set it up to use via libvirt.

This works so far, but when I shut down the container, /var/lib/lxc (which is on a separate file system) is remounted as ro on the host.

I have already searched for the problem, and found as a solution to drop some capabilities for LXC (e.g. here, it is suggested to drop sys_module, mac_admin and mac_override). However, even if I keep no capabilities at all (lxc.cap.keep=none), the file system is still remounted.

So how to properly prevent a container from randomly remounting file systems on the host?

bmullan · Accepted Answer · 2018-02-26 22:27:41Z

0

For LXD/LXC questions you might want to join the LXD/LXC user forum.

The LXD/LXC developers as well as many other experiences LXD/LXC users ask/answer questions like this daily.

Just thought I'd make you aware of it if you weren't.

https://discuss.linuxcontainers.org/

Brian

answered Feb 26, 2018 at 22:27

bmullan

1211 bronze badge

Add a comment |

Stack Exchange Network

Prevent LXC container from remounting host file system

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
mount
shutdown
read-only
lxc
.

Hot Network Questions

Prevent LXC container from remounting host file system

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged mountshutdownread-onlylxc.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
mount
shutdown
read-only
lxc
.