Bug 1067489

Summary: libvirt_lxc namespace and umount in global namespace
Product: [Community] Virtualization Tools Reporter: Olivier Nicaise <oliviernicaise>
Component: libvirtAssignee: Libvirt Maintainers <libvirt-maint>
Status: CLOSED DEFERRED QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: crobinso, oliviernicaise, rbalakri
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-05-02 14:28:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Olivier Nicaise 2014-02-20 14:29:11 UTC 
Description of problem:

I am currently having an issue with the libvirt_lxc binary that is launched when starting a lxc instance using libvirt. This process seems to have its own namespace for mounts. 
What happens is that if I umount something in the global namespace, it stays mounted in the libvirt_lxc namespace.
I'm working with drbd, and after unmounting the mount point, I want to change the state of the drbd resource as Secondary. But if fails. Indeed, libvirt_lxc has still the resource which is mounted in its namespace.

Version-Release number of selected component (if applicable):
1.1.1

How reproducible:
Everytime

Steps to Reproduce:
- Mount a drbd file system
- Start a lxc instance with libvirt (which does not involve the drbd file system mounted in point 1)
- Umount the drbd file system
- Set the drbd resource as secondary. => Does not work
I think it should also fail with other device types that can be unloaded but I did not test it (LVM, loop devices,...)

Expected results:
Drbd resource successfully changes state to secondary 

Additional info:
Confirmed as a bug by Daniel P. Berrange on the user mailing list:

Ahh, interesting scenario that I'd not considered. With LXC there are
in fact 3 mounts namespaces in play

 - The host OS namespace
 - The libvirt_lxc namespace
 - The actual container namespace

The libvirt_lxc namespace is basically the same as the host namespace,
but with the addition of a devpts for the container's /dev/pts.

We explicitly don't allow dynamic changes to propagate from the host
OS to the container namespace, however, it sounds like we *should*
allow host OS changes to propagage to the libvirt_lxc process
namespace.
Comment 1 Cole Robinson 2016-04-10 17:51:38 UTC 
Sorry this bug never received a response Olivier. Do you know if this is still relevant with newer libvirt?
Comment 2 Cole Robinson 2016-05-02 14:28:11 UTC 
Since there's no response, closing as DEFERRED. But if anyone is still affected with newer libvirt versions, please re-open and we can triage from there