Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Rainer Weikusat <rweikusat@talktalk.net>
Newsgroups: alt.os.linux.slackware,comp.os.linux.misc,comp.os.linux.development.apps,comp.unix.programmer
Subject: Re: Need advice about fixing PROC mount failures in a DIY Linux container
Date: Mon, 09 Jan 2023 19:27:13 +0000
Lines: 30
Message-ID: <87mt6ry0dq.fsf@doppelsaurus.mobileactivedefense.com>
References: <tpahpv$3a27i$1@dont-email.me> <tpaker$3advh$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: individual.net jJrSaswAZ5HPWeVOjLS7qg1s5YsDbKz7XkyeC9s1eTwN63wHE=
Cancel-Lock: sha1:jJdV7dlGbEkGGlM4bJkYAWulrw0= sha1:cPph/9Q9TBi8/PNruz8oOLjz9SA=
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
Xref: csiph.com alt.os.linux.slackware:33974 comp.os.linux.misc:36673 comp.os.linux.development.apps:920 comp.unix.programmer:14133

Lew Pitcher <lew.pitcher@digitalfreehold.ca> writes:

[...]

> Well, I can answer my own question, now. But the answer
> leads to more questions.
>
> The reason I get "Operation not permitted" on the
> container /proc mount on my "production" system is that
> I also run an nfs server on my "production" system (and
> do not run one on my development system), and is nfs
> server maintains two mountpoints within the /proc
> filesystem.
>
> Apparently, the attempt to mount /proc within my container
> was blocked by the existance of these two mount points
> (/proc/fs/nfs and /proc/fs/nfsd), as when I shut down my
> rpc and nfs servers, and umounted these two mounts, I could
> successfully run my demo container.
>
> /Now/ the question is: how do I get my container /proc mount
> to ignore or bypass these two nfsd mounts?

Instead of doing a bind mount of a proc filesystem already mounted
somewhere, you could mount a new instance of it. The command for this
would be

mount -t proc proc <mount point>

You'll generally also want to mount sysfs, BTW.