Raw.mount.options not accepted in block device mount of ext4 disk device

/dev/sda10 contains an existing ext4 filesystem not mounted in the host (to maintain isolation between host and container)

Trying to start an instance containing this disk device:

  sda10_block_mount:
    path: /top
    raw.mount.options: nosuid,nodev,noexec
    source: /dev/sda10
    type: disk

fails with this error message:

Error: Failed to start device "sda10_block_mount": Unable to mount "/proc/self/fd/32" at "/var/snap/lxd/common/lxd/devices/test-ext4-block-mount/disk.sda10_block_mount.top" with filesystem "ext4": invalid argument
Try `lxc info --show-log test-ext4-block-mount` for more info

If I edit the instance configuration to delete the raw.mount.options line, the mount works fine.

Any idea what I’m doing wrong?

-------- Further details and instance config: --------

running lxd 5.0.1 from snap stable channel
both host and container running debian bullseye
lxd default storage pool is a dedicated zfs partition

$ lxc info --show-log test-ext4-block-mount
Name: test-ext4-block-mount
Status: STOPPED
Type: container
Architecture: x86_64
Created: 2023/01/17 21:29 CST

Log:

(no further output following Log: above)

$ lxc config show test-ext4-block-mount -e
architecture: x86_64
config:
  image.architecture: amd64
  image.description: Debian bullseye amd64 (20221104_05:24)
  image.name: debian-bullseye-amd64-default-20221104_05:24
  image.os: debian
  image.release: bullseye
  image.serial: "20221104_05:24"
  image.variant: default
  volatile.apply_template: copy
  volatile.base_image: 529880cbdb026ec961d93a90ec7d21137a3649f515e25dc8503fff30c565468c
  volatile.cloud-init.instance-id: 30643e42-a0d2-454f-8f55-62f019b24376
  volatile.eth0.hwaddr: 00:16:3e:dd:0e:be
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},{"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.uuid: ad8d0c83-f79c-4c70-849c-b5ac8b68d2ae
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0lower
    type: nic
  root:
    path: /
    pool: default
    type: disk
  sda10_block_mount:
    path: /top
    raw.mount.options: nosuid,nodev,noexec
    source: /dev/sda10
    type: disk
ephemeral: false
profiles:
- default
stateful: false
description: ""

Have you identified which of those raw mount options causes the error?

I have run 8 different test cases with this instance (test-ext4-block-mount with config shown in my original post).

In 6 of these test cases, I replaced the 'raw.mount.options` line in the original instance with one of the following lines, respectively:

raw.mount.options: nosuid
raw.mount.options: nodev
raw.mount.options: noexec
raw.mount.options: relatime
raw.mount.options: ro
raw.mount.options: rw

In each of these cases starting the instance failed with exactly the same error message shown in my original post

The the remaining 2 test cases, I replaced the 'raw.mount.options` line with one of the following lines, respectively:

readonly: "true"
readonly: "false"

In each of these last 2 cases, the instance started up fine, and the mount worked, as indicated by these respective lines from the output of findmnt run in the instance

/top                       /proc/self/fd/35       ext4       ro,relatime
/top                       /proc/self/fd/90       ext4       rw,relatime

In summary, the 'raw.mount.options` line does not seem to be accepted regardless of which option it specifies.

There are some automated tests for this option but only using the uid and gid mount options. Please can you open an issue on github. Thanks

Will do – thanks

Issue opened on github:
https://github.com/lxc/lxd/issues/11303