Re: [vserver] Issue with OverlayFS in 3.18

From: Corey Wright <undefined_at_pobox.com>
Date: Sun 22 Feb 2015 - 20:42:56 GMT
Message-Id: <20150222144256.6aa54fc1c16e6d754f486834@pobox.com>

On Sun, 22 Feb 2015 21:10:45 +0100
Oliver Welter <mail@oliwel.de> wrote:

> Am 22.02.2015 um 20:05 schrieb Corey Wright:
> > On Sun, 22 Feb 2015 17:10:20 +0100
> > Oliver Welter <mail@oliwel.de> wrote:
> >
> >> Am 22.02.2015 um 17:01 schrieb Herbert Poetzl:
> >>
> >> --snipped--
> >>
> >>> Documentation says it should be a character device with
> >>> major/minor 0/0, so allowing that device should do the
> >>> job, no further modification required.
> >>>
> >> Yes that is correct - is there a way to do so with the current kernel
> >> patches or do we(you) need to modify the patch.
> >
> > i would guess:
> >
> > mknod ${WHITEOUT} c 0 0
> >
> > which seems to be confirmed by the script attached to the end of this
> > email [1], though i'm not sure where this whiteout device is suppose to
> > reside (same directory as mount point for overlay?).
> >
> > you should be able to mknod the whiteout device from the host in the vserver
> > (eg "mknod /vservers/${VNAME}/mnt/whiteout c 0 0") or allow the guest to
> > create it (using cgroup device whitelist controller or vdevmap).
> >
> There is no single whiteout device, overlayfs creates a 0/0 item for
> each deleted item ( using the name of the deleted file )

yeah, it would have helped if i would have not stopped short with the first
search hit, but read the kernel documentation [1]. :)

as a simple test, you could try giving the vserver MKNOD ("echo MKNOD >>
/etc/vservers/${VSERVER}/bcapabilities"; as compared to the all-powerful
CAP_SYS_ADMIN) and if that works, then whitelist the char 0:0 device with
cgroup device whitelisting (eg this paste [2], as i previously referenced on
irc [3]).

[1] Documentation/filesystems/overlayfs.txt
[2] http://pastebin.com/SqCMmkpA
[3] http://irc.13thfloor.at/LOG/2014-11/LOG_2014-11-28.txt

corey

--
undefined@pobox.com
> Oli
> 
> 
> -- 
> Protect your environment -  close windows and adopt a penguin!
Received on Sun Feb 22 20:43:10 2015
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 22 Feb 2015 - 20:43:10 GMT by hypermail 2.1.8