4

I created a lxc container with sudo lxc-create -n ubuntu-trusty-amd64 -t ubuntu -- --arch amd64 --release trusty on Ubuntu 14.04 with lxc 1.0.5-0ubuntu0.1 and realized that there're no device files in /dev/ for my HDDs. How can I make them available (via device file or a similar workaround) in the lxc so that I can mount the device?

I figured (with muru's link in comments) that adding

lxc.hook.autodev = /path/to/script

to a config file (which BTW?) is necessary and script contains a mknod statement, but I don't understand the usage of mknod.

ls -a /dev/ in the lxc gives

.         dsp1   loop3   midi03      port   ram15   rmidi0     stderr  tty7
..        dsp2   loop4   midi1       ptmx   ram16   rmidi1     stdin   tty8
agpgart   dsp3   loop5   midi2       pts    ram2    rmidi2     stdout  tty9
audio     fd     loop6   midi3       ram    ram3    rmidi3     tty     urandom
audio1    full   loop7   mixer       ram0   ram4    sequencer  tty0    zero
audio2    kmem   lxc     mixer1      ram1   ram5    shm        tty1
audio3    kmsg   mem     mixer2      ram10  ram6    smpte0     tty2
audioctl  log    midi0   mixer3      ram11  ram7    smpte1     tty3
console   loop0  midi00  mpu401data  ram12  ram8    smpte2     tty4
core      loop1  midi01  mpu401stat  ram13  ram9    smpte3     tty5
dsp       loop2  midi02  null        ram14  random  sndstat    tty6

I tried to mount the device file (although it seems strange). Therefore the mountpoint under /var/lib/lxc/<name>/rootfs/dev/ has to be created. Creating a file with touch doesn't work because the host can't mount a device file under a file. Creating a directory with mkdir on the host works, but doesn't allow mounting it in the lxc because it's recognized as a directory.

It should be possible to create a dd image of the device using the device file inside the lxc, for example.

Kalle Richter
  • If you can make sense of it, see what the Arch Wiki has to say: https://wiki.archlinux.org/index.php/Linux_Containers#Add_non-default_devices – muru Sep 25 '14 at 01:45
  • @muru I get the idea, see edits. – Kalle Richter Sep 25 '14 at 02:00
  • Just checking, what if you do something like lxc.cgroup.devices.allow = b 8:* rwm in the LXC configuration? – muru Sep 25 '14 at 02:07
  • I added it exactly to /var/lib/lxc/<name>/config and started the lxc, but no HDD device files in /dev/. – Kalle Richter Sep 25 '14 at 02:15
  • In that case, I think you'll have to go roundabout: http://unix.stackexchange.com/q/69072 – muru Sep 25 '14 at 02:17
  • That explains how to mount a folder, but for device file it's different (a device can't be mounted at another location as far as I'm concerned), see edits. – Kalle Richter Sep 25 '14 at 02:27

2 Answers

3

fstab option

You probably want to use the fstab file:

$ cat /var/lib/lxc/ubuntu-trusty-amd64/fstab
/dev/sdc1   mnt/sdc ext4    noatime 0 0

It's important that the mountpoint (2nd argument) doesn't begin with a slash, otherwise the LXC script tries to mount the filesystem in the host os.

On Ubuntu, the file should already exist but be empty. If not, just create it and make sure you have the following line in your config file:

$ grep fstab /var/lib/lxc/ubuntu-trusty-amd64/config
lxc.mount = /var/lib/lxc/ubuntu-trusty-amd64/fstab

device option

If you really need access to your device, you can make it available in your container:

$ grep devices /var/lib/lxc/ubuntu-trusty-amd64/config
lxc.cgroup.devices.allow = b 8:1 rwm

This will make /dev/sda1 available in your container (8:1 is the block device major:minor).

But this will not be enough. Your container normally doesn't have the permission to mount any file system. You will need to use the following line or a similar trick too:

$ grep profile /var/lib/lxc/ubuntu-trusty-amd64/config
lxc.aa_profile = unconfined

Warning: this allows much more than just mounting

shared directory option

If you want to access your data from multiple containers (and the host os), you may want to use the most common solution: Similar to the first option, use the fstab to bind-mount an already-mounted directory to your container:

$ cat /var/lib/lxc/ubuntu-trusty-amd64/fstab
/mnt/mydata mnt/mydata  none bind 0 0

Again: the first argument is the source, the directory in your host os. The second argument is the directory in your container, relative to its root. Again: DON'T PUT A SLASH IN FRONT OF THE SECOND ARGUMENT.

If you don't want to create the directory in your container, you can do this automatically by using the options bind,create=dir instead of simply bind.

Daniel Alder
0

There are two methods. I only mention the easiest one. Everything is done in the host but you will find your device mounted in the container!

Mount the device somewhere in the host as usual, e.g. use the following command to mount /dev/sdb1 in /mnt/myharddisk:

mount /dev/sdb1 /mnt/myharddisk

Create mount point of the container in the host:

mkdir /var/lib/lxc/ubuntu-trusty-amd64/rootfs/media/myfiles

To mount it in container temporarily use this in the host:

mount -o bind /mnt/myharddisk /var/lib/lxc/ubuntu-trusty-amd64/rootfs/media/myfiles

To mount it permanently add the following line at the end of container's fstab (/var/lib/lxc/ubuntu-trusty-amd64/fstab):

/mnt/myharddisk /var/lib/lxc/ubuntu-trusty-amd64/rootfs/media/myfiles none bind 0 0
SuB
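
The rules from both answers turned into a pre-start check, added here as an example and not code from either answer: it flags fstab mountpoints that start with a slash and are not under the container's rootfs, lxc.aa_profile = unconfined, and wildcard lxc.cgroup.devices.allow rules such as the b 8:* from the comments. The function names, finding labels and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the answers: audit LXC 1.0-style fstab/config files.

# audit_fstab FSTAB ROOTFS: report absolute mountpoints outside ROOTFS.
audit_fstab() {
    awk -v rootfs="$2" '
        NF == 0 || $1 ~ /^#/ { next }          # blank lines and comments
        substr($2, 1, 1) != "/" { next }       # relative: resolved inside the container
        index($2, rootfs "/") == 1 { next }    # absolute, but under the rootfs
        { printf "ABS_MOUNTPOINT line %d: %s\n", NR, $2 }
    ' "$1"
}

# audit_config CONFIG: report unconfined AppArmor and wildcard device rules.
audit_config() {
    awk -F= '
        $0 ~ /^[ \t]*#/ { next }
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key)
            sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
        }
        key == "lxc.aa_profile" && val == "unconfined" {
            printf "UNCONFINED line %d\n", NR
        }
        key == "lxc.cgroup.devices.allow" && (val ~ /^a/ || val ~ /[*]/) {
            printf "BROAD_DEVICE line %d: %s\n", NR, val
        }
    ' "$1"
}

# make_sample DIR: write constructed sample files built from lines on this page.
make_sample() {
    cat > "$1/fstab" <<'EOF'
/dev/sdc1   mnt/sdc ext4    noatime 0 0
/mnt/mydata /mnt/mydata none bind 0 0
/mnt/myharddisk /var/lib/lxc/ubuntu-trusty-amd64/rootfs/media/myfiles none bind 0 0
EOF
    cat > "$1/config" <<'EOF'
lxc.mount = /var/lib/lxc/ubuntu-trusty-amd64/fstab
lxc.cgroup.devices.allow = b 8:1 rwm
lxc.cgroup.devices.allow = b 8:* rwm
lxc.aa_profile = unconfined
EOF
}

dir=$(mktemp -d)
make_sample "$dir"
audit_fstab "$dir/fstab" /var/lib/lxc/ubuntu-trusty-amd64/rootfs
audit_config "$dir/config"
rm -rf "$dir"
```

Both functions only read the files, so they can run as an unprivileged user against /var/lib/lxc/<name>/fstab and /var/lib/lxc/<name>/config before the container is started.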