|
|
zulip example
|
data/db1.bench.vol.cloud18 /docker-entrypoint-initdb.d zfs rw,relatime,xattr,noacl 0 0
|
data/db1.bench.vol.cloud18 /etc/mysql zfs rw,relatime,xattr,noacl 0 0
|
data/db1.bench.vol.cloud18 /run/mysqld zfs rw,relatime,xattr,noacl 0 0
|
/dev/md127 /usr/share/zoneinfo/Etc/UTC ext4 ro,relatime 0 0
|
/dev/zd0 /etc/resolv.conf ext4 rw,relatime,stripe=2 0 0
|
/dev/zd0 /etc/hostname ext4 rw,relatime,stripe=2 0 0
|
/dev/zd0 /etc/hosts ext4 rw,relatime,stripe=2 0 0
|
data/db1.bench.vol.cloud18/data /var/lib/mysql zfs rw,relatime,xattr,noacl 0 0
|
data/db1.bench.vol.cloud18/tmp /var/lib/mysql/.system/tmp zfs rw,relatime,xattr,noacl 0 0
|
data/db1.bench.vol.cloud18/binlog /var/lib/mysql/.system/repl zfs rw,relatime,xattr,noacl 0 0
|
data/db1.bench.vol.cloud18/redo /var/lib/mysql/.system/innodb/redo zfs rw,relatime,xattr,noacl 0 0
|
$ podman run --rm mariadb mount
|
fuse-overlayfs on / type fuse.fuse-overlayfs (rw,noatime,user_id=0,group_id=0,default_permissions,allow_other)
|
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime,seclabel)
|
tmpfs on /dev type tmpfs (rw,nosuid,context="system_u:object_r:container_file_t:s0:c336,c955",size=65536k,mode=755,uid=1000,gid=1000,inode64)
|
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
|
tmpfs on /etc/hostname type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=1608208k,nr_inodes=402052,mode=700,uid=1000,gid=1000,inode64)
|
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime,seclabel)
|
shm on /dev/shm type tmpfs (rw,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",size=64000k,uid=1000,gid=1000,inode64)
|
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",gid=100004,mode=620,ptmxmode=666)
|
tmpfs on /run/.containerenv type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=1608208k,nr_inodes=402052,mode=700,uid=1000,gid=1000,inode64)
|
tmpfs on /run/secrets type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=1608208k,nr_inodes=402052,mode=700,uid=1000,gid=1000,inode64)
|
tmpfs on /etc/resolv.conf type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=1608208k,nr_inodes=402052,mode=700,uid=1000,gid=1000,inode64)
|
tmpfs on /etc/hosts type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=1608208k,nr_inodes=402052,mode=700,uid=1000,gid=1000,inode64)
|
cgroup2 on /sys/fs/cgroup type cgroup2 (ro,nosuid,nodev,noexec,relatime,seclabel,nsdelegate,memory_recursiveprot)
|
/dev/mapper/fedora_localhost--live-home on /var/lib/mysql type ext4 (rw,nosuid,nodev,relatime,seclabel)
|
devtmpfs on /dev/null type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /dev/zero type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /dev/full type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /dev/tty type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /dev/random type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /dev/urandom type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
tmpfs on /proc/acpi type tmpfs (ro,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",size=0k,uid=1000,gid=1000,inode64)
|
devtmpfs on /proc/kcore type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /proc/keys type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /proc/latency_stats type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
devtmpfs on /proc/timer_list type devtmpfs (rw,nosuid,seclabel,size=4096k,nr_inodes=131072,mode=755,inode64)
|
tmpfs on /proc/scsi type tmpfs (ro,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",size=0k,uid=1000,gid=1000,inode64)
|
tmpfs on /sys/firmware type tmpfs (ro,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",size=0k,uid=1000,gid=1000,inode64)
|
tmpfs on /sys/fs/selinux type tmpfs (ro,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",size=0k,uid=1000,gid=1000,inode64)
|
tmpfs on /sys/dev/block type tmpfs (ro,relatime,context="system_u:object_r:container_file_t:s0:c336,c955",size=0k,uid=1000,gid=1000,inode64)
|
proc on /proc/asound type proc (ro,relatime)
|
proc on /proc/bus type proc (ro,relatime)
|
proc on /proc/fs type proc (ro,relatime)
|
proc on /proc/irq type proc (ro,relatime)
|
proc on /proc/sys type proc (ro,relatime)
|
proc on /proc/sysrq-trigger type proc (ro,relatime)
|
The df mechanism ref, df's filtering mechanism seems a little too elaborate.
So if instead of ^/ inclusive filtering, if start by excluding:
- ro mounts
- mount points that aren't a directory (i.e. files and devices)
- /proc and /sys
Anything else?
|