On Mon, Jul 22, 2013 at 11:08:07AM -0400, Matt Hicks wrote: > Warning - I'm fairly new to libvirt, lxc and systemd so there is a > good chance I'm doing something terribly wrong here. However, > instead of continuing to struggle, I figured I would mail the list > for some advice. What I'm trying to accomplish is a libvirt-lxc, > systemd-based container running on my system (Fedora 19). I've read > that sharing the underlying OS filesystem with the containers > doesn't work, so I've installed a minimal Fedora 19 install in > /srv/mycontainer. Everything seems to work okay but what I'm > struggling with is how to setup the initial accounts. I've tried to > attach to the container using 'nsenter' (entering all the > namespaces) but it doesn't appear that the bind mounts are in place. > For example, I see the /etc/passwd for my host OS, not the > container. Is there a better way to setup the initial accounts on > the container? > > Here is what I have installed: > > $ rpm -qa | grep lxc > libvirt-daemon-driver-lxc-1.0.5.2-1.fc19.x86_64 > libvirt-daemon-lxc-1.0.5.2-1.fc19.x86_64 > > $ rpm -qa | grep systemd > systemd-libs-204-9.fc19.x86_64 > systemd-python-204-9.fc19.x86_64 > systemd-sysv-204-9.fc19.x86_64 > systemd-libs-204-9.fc19.i686 > systemd-204-9.fc19.x86_64 > > > Here is the scenario I'm trying to go through: > > $ export LIBVIRT_DEFAULT_URI=lxc:/// > $ getenforce > Enforcing > > $ sudo yum -y --releasever=19 --nogpg --installroot=/srv/mycontainer > --disablerepo='*' --enablerepo=fedora install systemd passwd yum > fedora-release vim-minimal > ... lots of output > > $ ls /srv/mycontainer/ > bin boot dev etc home lib lib64 media mnt opt proc root > run sbin srv sys tmp usr var > > $ cat test2.xml > <domain type='lxc'> > <name>test2</name> > <memory>102400</memory> > <os> > <type arch='x86_64'>exe</type> > <init>/bin/systemd</init> > </os> > <devices> > <console type='pty'/> > <filesystem type='mount'> > <source dir='/srv/mycontainer'/> > <target dir='/'/> > </filesystem> > </devices> > </domain> > > $ virsh define test2.xml > Domain test2 defined from test2.xml > > $ virsh start test2 > Domain test2 started > > # Attach to container to set account passwords > $ sudo nsenter -m -u -i -n -p -t `pgrep -f test2` > [sudo] password for mhicks: > [root@localhost /]# diff -q /srv/mycontainer/etc/passwd /etc/passwd > Files /srv/mycontainer/etc/passwd and /etc/passwd differ > > Any ideas? Your pgrep is probably selecting the wrong process. You want to attach to the 'systemd' process, but I think your pgrep will find the 'libvirt_lxc' process instead. You shoudn't really use nsenter at all - use virsh -c lxc:/// lxc-enter-namespace test2 /bin/sh and it should "do the right thing" automatically finding the processes and namespaces. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
