Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

BOFH excuse #132: SCSI Chain overterminated

comp / comp.unix.programmer / Re: Need advice about fixing PROC mount failures in a DIY Linux container

SubjectAuthor
o Re: Need advice about fixing PROC mount failures in a DIY Linux containerJohn-Paul Stewart

1
Subject: Re: Need advice about fixing PROC mount failures in a DIY Linux container
From: John-Paul Stewart
Newsgroups: alt.os.linux.slackware, comp.os.linux.misc, comp.os.linux.development.apps, comp.unix.programmer
Followup: comp.os.linux.misc
Date: Sat, 7 Jan 2023 16:41 UTC
References: 1 2
Path: eternal-september.org!news.eternal-september.org!reader01.eternal-september.org!news.szaf.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: jpstewart@personalprojects.net (John-Paul Stewart)
Newsgroups: alt.os.linux.slackware,comp.os.linux.misc,comp.os.linux.development.apps,comp.unix.programmer
Subject: Re: Need advice about fixing PROC mount failures in a DIY Linux
container
Followup-To: comp.os.linux.misc
Date: Sat, 7 Jan 2023 11:41:34 -0500
Lines: 33
Message-ID: <k1tln0F7l9eU1@mid.individual.net>
References: <tpahpv$3a27i$1@dont-email.me> <tpaker$3advh$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Trace: individual.net ZlWikvPPTVdUIhZ9EElu1woN9J7jUWLT/OV7ABEwIvX0Nu18aS
Cancel-Lock: sha1:MDAJOWsnfYzH+XCEWuZ/oUReyCc=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.6.0
Content-Language: en-CA
In-Reply-To: <tpaker$3advh$1@dont-email.me>
View all headers

[Followups set to comp.os.linux.misc since I don't read any of the other
groups]

On 1/6/23 21:12, Lew Pitcher wrote:
>
> The reason I get "Operation not permitted" on the
> container /proc mount on my "production" system is that
> I also run an nfs server on my "production" system (and
> do not run one on my development system), and is nfs
> server maintains two mountpoints within the /proc
> filesystem.
>
> Apparently, the attempt to mount /proc within my container
> was blocked by the existance of these two mount points
> (/proc/fs/nfs and /proc/fs/nfsd), as when I shut down my
> rpc and nfs servers, and umounted these two mounts, I could
> successfully run my demo container.
>
> /Now/ the question is: how do I get my container /proc mount
> to ignore or bypass these two nfsd mounts?

In your OP you showed that you've got MS_REC in the mountflags field,
which will cause a recursive mount; i.e., you've explicitly asked for
the inclusion of the NFS-related subtrees. Have you tried without that
flag? MS_BIND would seem a more appropriate choice instead, IMHO, since
it doesn't do the recursion. Then, by default, the subtrees will be
excluded.

See also the section on "Changing the propagation type of an existing
mount" in the mount(2) man page for other ways to prevent the NFS
subtrees from being processed recursively. That might be relevant if
you want to recurse into other parts of the /proc tree, just not the two
directories you've named.

1

rocksolid light 0.9.8
clearnet tor