Not able to mount a directory in lxc

Requirement: To create an unprivileged container WITHOUT its own root file system so that I can use the host’s directory as the container’s root file system

Below are the steps I have followed

  1. created a user with useradd command on the host

/etc/subuid has

/etc/subgid has

  1. I logged in with the “testuser” login

  2. created a container (unprivileged) with (my container name is appA, and the config file name is config)
    lxc-create -n appA -t none -f config -P /var/lib/lxc

config file looks like this,

```
lxc.idmap = u 0 231072 1002
lxc.idmap = g 0 231072 1003
lxc.idmap = u 1002 1002 1
lxc.idmap = g 1003 1003 1
lxc.idmap = u 1004 232075 64533
lxc.idmap = g 1005 232076 64532
lxc.console.path = none
lxc.mount.entry = /usr/bin/appfw /var/lib/lxc/appA/shared none ro,bind,0 0
```

Container creation is successful. I get an error if I change lxc.mount.entry

```
lxc.mount.entry = /usr/bin/appfw shared none ro,bind,0 0
```

I checked the logs, but the log says mounted “/usr/bin/appfw” on “/var/lib/lxc/appA/shared” with filesystem type none, but I am not able to list /usr/bin/appfw inside /var/lib/lxc/appA/shared.

I have executed chmod 777 on /usr/bin/appfw

Tried with the below config file also
```
lxc.idmap = u 0 231072 65536
lxc.idmap = g 0 231072 65536
lxc.console.path = none
lxc.mount.entry = /usr/bin/appfw /var/lib/lxc/appA/shared none ro,bind,0 0
```

Please let me know if I am going wrong anywhere.

Environment details
Working on Ubuntu 18.04 distribution
lxc-checkconfig shows “enabled” for each option

 lxc.mount.entry = /usr/bin/appfw shared none ro,bind,0 0

Should be correct. What’s the startup failure you’re getting?
Note that when successful, you won’t see this mounted from the host, you’ll need to go check from within the container with lxc-attach.

When I use

```
lxc.mount.entry = /usr/bin/appfw shared none ro,bind,0 0
```

the error is

```
lxc_conf - conf.c:mount_entry:1957 - No Such file or directory - Failed to mount "/usr/bin/apppfw" on /shared
```

Thank you for the hint. I didn’t know that we need to check the shared folder after attaching to the container. I was just checking it in the RFS of the container.

I also wanted to know why = proc:mixed sys
is the mandatory command in the config file to get mount working.

What is the significance of proc:mixed sys? I only got lxc.mount working with
lxc.mount.entry = /usr/bin/appfw /var/lib/lxc/appA/shared none ro,bind,0 = proc:mixed sys

Still have Mount error with below command in config file
lxc.mount.entry = /usr/bin/appfw shared none ro,bind,0 0

is used to setup /proc and /sys in your container.
You don’t have to use it, but if you don’t, then you’d need lxc.mount.entry entries for /proc and /sys or LXC will likely run into problems.

Thank you for the input. I am clear with the point

Open point: A relative path for the container folder in lxc.mount.entry is not working for me; an absolute path has no problem

@brauner any idea why relative wouldn’t work?

lxc.mount.entry = /usr/bin/appfw shared none ro,bind,0 0

In this line shared is the target mountpoint. Does this mountpoint exist? If not this needs to be:

lxc.mount.entry = /usr/bin/appfw shared none ro,bind,create=dir 0 0

Yes, shared is the mount point. And the folder exists.

The same folder I can mount if I use the absolute path

So the logic should actually be and has been for a long time that absolute target paths are ignored and relative paths accepted so this is strange. What’s your LXC version?

lxc version is 3.0.1
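
Added example, not part of the original thread and not LXC's own code: a small Python check that shows which host-side path each `lxc.mount.entry` target resolves to and whether that mountpoint exists or is covered by `create=dir`. The helper names, the finding labels and the `/` default for a container without its own rootfs are assumptions; the default follows the `/shared` target in the error line quoted in the thread.

```python
import os

FIELDS = ("source", "target", "fstype", "options", "freq", "passno")  # fstab order

# Constructed sample: the target forms discussed in the thread.
SAMPLE_CONFIG = """\
lxc.idmap = u 0 231072 65536
lxc.mount.entry = /usr/bin/appfw shared none ro,bind,0 0
lxc.mount.entry = /usr/bin/appfw /var/lib/lxc/appA/shared none ro,bind,0 0
lxc.mount.entry = /usr/bin/appfw shared2 none ro,bind,create=dir 0 0
"""

def parse_mount_entries(config_text):
    """Split every lxc.mount.entry value into named fstab fields."""
    entries = []
    for line in config_text.splitlines():
        key, sep, value = line.partition("=")  # first '=' only, keeps create=dir intact
        if sep and key.strip() == "lxc.mount.entry":
            entries.append(dict(zip(FIELDS, value.split())))
    return entries

def check_entry(entry, rootfs="/"):
    """Return (resolved_target, findings) for one parsed entry.

    rootfs is the container root as seen from the host. The "/" default is an
    assumption for a container without its own rootfs, taken from the error
    line in the thread where target `shared` was attempted as `/shared`.
    """
    findings = []
    target = entry.get("target", "")
    options = entry.get("options", "").split(",")
    if os.path.isabs(target):
        findings.append("absolute-target")  # replies in the thread use a relative target
        resolved = target
    else:
        resolved = os.path.join(rootfs, target)
    creates = any(o in ("create=dir", "create=file") for o in options)
    if not creates and not os.path.exists(resolved):
        findings.append("missing-mountpoint")  # needs the directory or create=dir
    return resolved, findings

def audit(config_text, rootfs="/"):
    """Check all mount entries in a config; returns a list of (resolved, findings)."""
    return [check_entry(e, rootfs) for e in parse_mount_entries(config_text)]

if __name__ == "__main__":
    for resolved, findings in audit(SAMPLE_CONFIG):
        print(resolved, findings or "ok")
```

Run against a real config, pass the container's root directory as `rootfs`; the result only predicts where the mountpoint is looked up, and the mount itself still has to be confirmed from inside the container with lxc-attach.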