Is it possible to override the list of bindMounts set up by LXD at container startup?


#1

I’m having a problem where LXD is applying the following bindMounts to all containers at startup; however, on CentOS 5 containers, most of these mounts don’t work, and when stopping a CentOS 5 container, the mounts on the host end up going read-only, requiring a reboot of the host to rectify.

In container_lxc.go I see that the following mounts are set up for ALL containers:

    bindMounts := []string{
        "/dev/fuse",
        "/dev/net/tun",
        "/proc/sys/fs/binfmt_misc",
        "/sys/firmware/efi/efivars",
        "/sys/fs/fuse/connections",
        "/sys/fs/pstore",
        "/sys/kernel/debug",
        "/sys/kernel/security"}

Is there any way to override this on a container-by-container basis? This is on LXD 3.11 and 3.13. I had logged https://github.com/lxc/lxcfs/issues/281; however, I’m realizing the issue isn’t with LXCFS, but with LXD instead. But more details can be found there.

Thanks in advance!

t.


#2

Actually, never mind. The problem was in the halt script on CentOS 5. I removed the section that was blindly unmounting stuff, and stopping a CentOS 5 container no longer causes host mounts to go read-only.
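
A host-side check for the symptom described in this thread, added here as an example (it is not code from LXD or from either poster): it parses text in `/proc/self/mountinfo` format and reports which of the bind-mount sources listed in the first post sit on a mount that is read-only, either per mount or at the superblock. The function names and the sample mountinfo lines are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Paths LXD bind-mounts into every container, as quoted in the first post.
var bindMounts = []string{"/dev/fuse", "/dev/net/tun", "/proc/sys/fs/binfmt_misc",
	"/sys/firmware/efi/efivars", "/sys/fs/fuse/connections", "/sys/fs/pstore",
	"/sys/kernel/debug", "/sys/kernel/security"}

// Constructed sample in /proc/self/mountinfo format (not data from the thread).
const sampleMountinfo = `22 28 0:21 / /sys rw,nosuid,nodev,noexec,relatime shared:7 - sysfs sysfs rw
23 28 0:22 / /proc rw,nosuid,nodev,noexec,relatime shared:13 - proc proc rw
24 28 0:6 / /dev rw,nosuid,relatime shared:2 - devtmpfs udev rw,size=4096k
30 22 0:7 / /sys/kernel/debug ro,nosuid,nodev,noexec,relatime shared:9 - debugfs debugfs rw
31 22 0:8 / /sys/kernel/security ro,relatime shared:8 - securityfs securityfs rw
32 22 0:27 / /sys/fs/pstore rw,relatime shared:10 - pstore pstore ro`

func hasRO(opts string) bool { return strings.Contains(","+opts+",", ",ro,") }

// readOnlyPaths returns the paths whose covering mount (longest matching mount
// point, last entry winning on ties) is ro in field 6 or in the super options.
func readOnlyPaths(mountinfo string, paths []string) []string {
	var out []string
	for _, p := range paths {
		best, ro := "", false
		for _, line := range strings.Split(mountinfo, "\n") {
			f := strings.Fields(line)
			if len(f) < 10 { // shortest valid mountinfo line has 10 fields
				continue
			}
			mp := f[4]
			covers := mp == "/" || p == mp || strings.HasPrefix(p, mp+"/")
			if covers && len(mp) >= len(best) {
				best, ro = mp, hasRO(f[5]) || hasRO(f[len(f)-1])
			}
		}
		if ro {
			out = append(out, p)
		}
	}
	return out
}

func main() { fmt.Println(readOnlyPaths(sampleMountinfo, bindMounts)) }
```

On a real host, pass the contents of `/proc/self/mountinfo` instead of the sample, and run it before and after stopping a container to see which mounts changed state.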