Re: [libvirt] [PATCH] LXC: mount a fresh /run directory for container

On Wed, Aug 21, 2013 at 04:22:29PM +0800, Gao feng wrote:
> The unix socket file /run/systemd/private is used to
> send reboot/shutdown messages. Since unix sockets of
> this type are not per net namespace, they are
> global resources. systemctl in a container can use
> this unix socket to send a shutdown message to the
> systemd-shutdownd running on the host. Finally the
> host will be powered off.
> This problem occurs when the container shares the same
> root directory with the host.
> This patch unmounts the host's /run directory and mounts
> the /run directory of the container as tmpfs.
> Signed-off-by: Gao feng <gaofeng cn fujitsu com>
> ---
>  src/lxc/lxc_container.c | 5 +++++
>  1 file changed, 5 insertions(+)

I don't think we should be doing this by default. IMHO this is something
the mgmt app / admin should take care of if they want to have separate

You may be preventing access to the systemd socket by doing this, but
equally you can be breaking any number of other valid use cases by
hiding the host's /run.

Ultimately user namespace should prevent access to the systemd
sockets for people wanting a secure setup without replacing /run.

|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
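
An added example, not part of the thread or of libvirt's code: a host-side check of whether a container still sees the host's /run, done by comparing the device numbers recorded in /proc/<pid>/mountinfo for the host and for the container's init process. The function names and the sample mountinfo lines are constructed for illustration.

```python
import sys

def parse_mountinfo(text):
    """Return (mount_point, major:minor, root, fstype) per mountinfo line."""
    mounts = []
    for line in text.splitlines():
        if " - " not in line:          # separator before fstype/source fields
            continue
        left, right = line.split(" - ", 1)
        pre, post = left.split(), right.split()
        if len(pre) >= 5 and post:
            mounts.append((pre[4], pre[2], pre[3], post[0]))
    return mounts

def covering_mount(mounts, path):
    """Mount backing `path`: longest matching mount point, later entries win."""
    best = None
    for m in mounts:
        mp = m[0] if m[0] == "/" else m[0].rstrip("/")
        covers = mp == "/" or path == mp or path.startswith(mp + "/")
        if covers and (best is None or len(mp) >= len(best[0])):
            best = (mp,) + m[1:]
    return best

def run_is_shared(host_text, container_text, path="/run"):
    """True if both views resolve `path` to the same filesystem instance.
    A bind mount or inherited mount keeps the same major:minor; a freshly
    mounted tmpfs gets its own anonymous device number."""
    host = covering_mount(parse_mountinfo(host_text), path)
    cont = covering_mount(parse_mountinfo(container_text), path)
    if host is None or cont is None:
        raise ValueError("no mount covers " + path)
    return host[1] == cont[1]

# Constructed sample data (not captured from a real system).
HOST = """21 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
24 21 0:22 / /run rw,nosuid,nodev shared:5 - tmpfs tmpfs rw,mode=755"""
CONTAINER_SHARED = """120 119 8:2 / / rw,relatime - ext4 /dev/sda2 rw
123 120 0:22 / /run rw,nosuid,nodev - tmpfs tmpfs rw,mode=755"""
CONTAINER_FRESH = """120 119 8:2 / / rw,relatime - ext4 /dev/sda2 rw
140 120 0:51 / /run rw,nosuid,nodev - tmpfs tmpfs rw,mode=755"""

if __name__ == "__main__":
    if len(sys.argv) == 2:             # argument: container init PID on the host
        with open("/proc/1/mountinfo") as h, \
             open("/proc/%s/mountinfo" % sys.argv[1]) as c:
            print("shared /run:", run_is_shared(h.read(), c.read()))
    else:
        print("shared sample:", run_is_shared(HOST, CONTAINER_SHARED))
        print("fresh sample:", run_is_shared(HOST, CONTAINER_FRESH))
```

Mount points containing spaces are escaped in mountinfo (`\040`); the check does not decode them, which does not matter for /run.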
