Fix dirsrv restart when pod is restarted

[avisiedo]

Fix the error message at dirsrv log:

Error - Problem accessing the lockfile /var/lock/dirsrv/slapd-.../lock

By mounting '/var/lock/dirsrv' as tmpfs.

[openshift-ci[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: avisiedo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/freeipa/freeipa-operator/blob/master/OWNERS)~~ [avisiedo] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[tiran]

On my system /var/lock is a symlink to /run/lock and the entire /run directory is mounted as tmpfs. In theory it should be sufficient to mount /run as tmpfs and let system-tmpfiles create the symlinks on start.

[avisiedo]

Thanks @tiran ; adding systemd-tmpfiles --create here (https://github.com/freeipa/freeipa-openshift-container/pull/23/files).

Closing this ticket.

[frasertweedale]

FYI, systemd-tmpfiles does not work in user namespace (for tmpfs filesystems, because the owner is root on the host and is unmapped in the user namespace).

[frasertweedale]

I might look into whether we can modify runc to chown tmpfs mounts to the host UID corresponding to UID 0 (or the process UID) in the container's user namespace. (Similar to what we have done for cgroupfs).