[lxc-users] monitoring containers using lxc-info (without being root)
Yonsy Solis
yonsy.s.p at gmail.com
Mon May 11 18:31:49 UTC 2015
On Mon, May 11, 2015 at 1:11 PM, Harald Dunkel
<harald.dunkel at aixigo.de> wrote:
> H folks,
>
> I would like to monitor my containers using lxc-info (lxc 1.1.2)
> run by an unprivileged user. Problem:
>
> % lxc-info -P /var/lib/lxc -n sample -c lxc.start.auto
> Insufficent privileges to control sample
> % ls -al /var/lib/lxc/sample
> total 16
> drwxr-xr-x 3 root root 4096 May 11 19:40 .
> drwxr-xr-x 16 root root 4096 Aug 14 2014 ..
> -rwxr-xr-x 1 root root 2113 Aug 8 2014 config
> drwxr-x--- 25 root root 4096 Oct 8 2014 rootfs
> -rw------- 1 root root 0 Mar 2 2013 rootfs.hold
>
> How comes? Looking at the access permissions lxc-info -c lxc.something
> should work. Surely I don't want to "control" the container.
Your user is unprivileged but your container is not. If you create your
container with sudo lxc-create/sudo lxc-clone then you need ALWAYS sudo
for lxc-info, lxc-clone, lxc-destroy, etc.
You only can work with unprivileged user AND unprivileged containers,
more info you can see here [1], read "Basic unprivileged usage".
[1] https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-basic-usage
Yonsy Solis
More information about the lxc-users
mailing list