Closed avisiedo closed 2 years ago
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: avisiedo
On my system /var/lock is a symlink to /run/lock and the entire /run directory is mounted as tmpfs. In theory it should be sufficient to mount /run as tmpfs and let systemd-tmpfiles create the symlinks on start.
Thanks @tiran; adding systemd-tmpfiles --create here (https://github.com/freeipa/freeipa-openshift-container/pull/23/files).
Closing this ticket.
FYI, systemd-tmpfiles does not work in user namespace (for tmpfs filesystems, because the owner is root on the host and is unmapped in the user namespace).
I might look into whether we can modify runc to chown tmpfs mounts to the host UID corresponding to UID 0 (or the process UID) in the container's user namespace. (Similar to what we have done for cgroupfs).
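A diagnostic for the condition described in the comment above, as an added example that is not part of this thread or the project's code: it reports whether a directory such as /run is owned by a UID that has no mapping in the current user namespace. The function names are hypothetical, and it assumes Linux with GNU stat and awk.

```shell
#!/bin/sh
# Added example. Inside a user namespace, a file owned by a UID with no entry
# in uid_map is reported as the kernel's overflow UID (default 65534).
# Note: a directory genuinely owned by that UID is indistinguishable here.

# Return 0 if MAP_FILE describes anything other than the initial namespace,
# whose uid_map is the single identity line "0 0 4294967295".
in_user_namespace() {
    map_file=${1:-/proc/self/uid_map}
    awk '!($1 == 0 && $2 == 0 && $3 == 4294967295) { found = 1 }
         END { exit((found || NR == 0) ? 0 : 1) }' "$map_file"
}

# Return 0 if DIR's owner is displayed as the overflow UID, i.e. the real
# owner (for example host root) is unmapped in this namespace.
owner_is_unmapped() {
    dir=$1
    overflow_uid=${2:-$(cat /proc/sys/kernel/overflowuid)}
    [ "$(stat -c %u "$dir")" = "$overflow_uid" ]
}

# Print "unmapped-owner" when both conditions hold, otherwise "ok".
# MAP_FILE and OVERFLOW_UID are optional overrides, used for testing.
check_tmpfs_owner() {
    dir=$1
    map_file=${2:-/proc/self/uid_map}
    overflow_uid=${3:-$(cat /proc/sys/kernel/overflowuid)}
    if in_user_namespace "$map_file" &&
       owner_is_unmapped "$dir" "$overflow_uid"; then
        echo "unmapped-owner"
    else
        echo "ok"
    fi
}

# Stand-alone use: pass the mount point to inspect, e.g. /run
if [ "$#" -gt 0 ]; then
    check_tmpfs_owner "$1"
fi
```

Run inside the container with the tmpfs mount point as the only argument; "unmapped-owner" matches the situation the comment describes.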
Fix the error message at dirsrv log:
By mounting '/var/lock/dirsrv' as tmpfs.