[libvirt-users] Libvirt-lxc and systemd question
Daniel P. Berrange
berrange at redhat.com
Mon Jul 22 15:12:52 UTC 2013
On Mon, Jul 22, 2013 at 11:08:07AM -0400, Matt Hicks wrote:
> Warning - I'm fairly new to libvirt, lxc and systemd so there is a
> good chance I'm doing something terribly wrong here. However,
> instead of continuing to struggle, I figured I would mail the list
> for some advice. What I'm trying to accomplish is a libvirt-lxc,
> systemd-based container running on my system (Fedora 19). I've read
> that sharing the underlying OS filesystem with the containers
> doesn't work, so I've installed a minimal Fedora 19 install in
> /srv/mycontainer. Everything seems to work okay but what I'm
> struggling with is how to setup the initial accounts. I've tried to
> attach to the container using 'nsenter' (entering all the
> namespaces) but it doesn't appear that the bind mounts are in place.
> For example, I see the /etc/passwd for my host OS, not the
> container. Is there a better way to setup the initial accounts on
> the container?
>
> Here is what I have installed:
>
> $ rpm -qa | grep lxc
> libvirt-daemon-driver-lxc-1.0.5.2-1.fc19.x86_64
> libvirt-daemon-lxc-1.0.5.2-1.fc19.x86_64
>
> $ rpm -qa | grep systemd
> systemd-libs-204-9.fc19.x86_64
> systemd-python-204-9.fc19.x86_64
> systemd-sysv-204-9.fc19.x86_64
> systemd-libs-204-9.fc19.i686
> systemd-204-9.fc19.x86_64
>
>
> Here is the scenario I'm trying to go through:
>
> $ export LIBVIRT_DEFAULT_URI=lxc:///
> $ getenforce
> Enforcing
>
> $ sudo yum -y --releasever=19 --nogpg --installroot=/srv/mycontainer
> --disablerepo='*' --enablerepo=fedora install systemd passwd yum
> fedora-release vim-minimal
> ... lots of output
>
> $ ls /srv/mycontainer/
> bin boot dev etc home lib lib64 media mnt opt proc root
> run sbin srv sys tmp usr var
>
> $ cat test2.xml
> <domain type='lxc'>
> <name>test2</name>
> <memory>102400</memory>
> <os>
> <type arch='x86_64'>exe</type>
> <init>/bin/systemd</init>
> </os>
> <devices>
> <console type='pty'/>
> <filesystem type='mount'>
> <source dir='/srv/mycontainer'/>
> <target dir='/'/>
> </filesystem>
> </devices>
> </domain>
>
> $ virsh define test2.xml
> Domain test2 defined from test2.xml
>
> $ virsh start test2
> Domain test2 started
>
> # Attach to container to set account passwords
> $ sudo nsenter -m -u -i -n -p -t `pgrep -f test2`
> [sudo] password for mhicks:
> [root at localhost /]# diff -q /srv/mycontainer/etc/passwd /etc/passwd
> Files /srv/mycontainer/etc/passwd and /etc/passwd differ
>
> Any ideas?
Your pgrep is probably selecting the wrong process. You want to attach
to the 'systemd' process, but I think your pgrep will find the 'libvirt_lxc'
process instead.
You shoudn't really use nsenter at all - use
virsh -c lxc:/// lxc-enter-namespace test2 /bin/sh
and it should "do the right thing" automatically finding the processes
and namespaces.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvirt-users
mailing list