Hello,
I have a privileged LXD container in which I run a third-party app which at some point mounts a fuse filesystem, and I’d like to be able to access that filesystem from the host.
I’ve tried using “shared” and “rshared” propagation options in the “disk” device config with no success.
Would be grateful for any suggestions.
LXD version 5.0.0-b0287c1 (snap)
I wouldn’t be surprised at all if FUSE was somehow special cased to not propagate the normal way as this would likely open the door to a number of security issues since unprivileged users can create such mounts…
An alternative, assuming you want to access it from the root user on the host would be to peak at the container’s filesystem through /proc/PID/root where PID is the init 1 PID showed in lxc info NAME.
Thanks for the reply!
I just checked and it seems that even if I manually mount some other filesystem - I tried tmpfs - I still get no propagation. So maybe the problem is not related to fuse, and its just me doing something wrong?
Here’s what I did:
host# mkdir /test
host# lxc config device add container test disk \
path=/test \
source=/test \
propagation=rshared \
recursive=true
container# mkdir /test/mnt
container# mount -t tmpfs tmpfs /test/mnt
container# touch /test/mnt/file
host# ls -l /test/mnt
total 0
I also tried making /test a bind mount using mount --bind /test /test on the host before adding the device, but that didn’t make a difference.
What am I missing?