<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/4.2.3">
</HEAD>
<BODY>
I'm glad in the end it worked out for you, I hope this thread helps some other poor soul out there that decided to repeat our mistakes :).<BR>
<BR>
Cheers,<BR>
--ilf<BR>
<BR>
On Wed, 2012-03-07 at 13:01 +0100, Mauras Olivier wrote:<BR>
<BLOCKQUOTE TYPE=CITE>
I can say that it's true now :)<BR>
I did multiple tests, and i've been induced in erroneous conclusions by having "newinstances" flag for devpts on the host.<BR>
You're true you need to remove the devpts entry from the guest to make it work correctly.<BR>
<BR>
Thanks again,<BR>
Olivier<BR>
<BR>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
On Tue, Mar 6, 2012 at 11:06 AM, Iliyan Stoyanov <<A HREF="mailto:ilf@ilf.me">ilf@ilf.me</A>> wrote:
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
Hi Mauras,<BR>
<BR>
Do you by any chance have an fstab file in your container's /etc directory that is trying to mount devpts fs also. I had this issue a week ago with some of my SL6.2 containers on a fedora 16 host. After removing everything /dev/pts related from the fstab in the /etc directory of the containers, everything magically worked.<BR>
<BR>
BR,<BR>
--ilf
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<BR>
<BR>
On Tue, 2012-03-06 at 10:54 +0100, Mauras Olivier wrote:<BR>
<BR>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
Hello,<BR>
<BR>
I've finally successfully migrated my SMACK setup over SElinux to isolate my containers - Thanks to the folks on #selinux@freenode - on a Scientific Linux 6.2 host. (I may share my policy with some details if some of you are interested)<BR>
So far so good, after loads of hits and misses almost everything works correctly.<BR>
<BR>
The only thing that is not, is the multiple devpts instances. It seems that when specifying "lxc.pts" option in the container config, ssh stops working while /dev/pts is correctly mounted _but_ is still showing pts devices from the host.<BR>
There's no specific selinux avc denials, and ssh rejects the shell connection with that kind of errors found when /dev/pts is not correctly mounted:<BR>
<BR>
sshd[552]: error: ssh_selinux_setup_pty: security_compute_relabel: No such file or directory<BR>
sshd[556]: error: ioctl(TIOCSCTTY): Operation not permitted<BR>
sshd[556]: error: open /dev/tty failed - could not set controlling tty: No such device or address<BR>
<BR>
As you may guess /dev/tty is present and /dev/pts is correclty mounted as i can do: ssh root@container "ls -la /dev/pts"<BR>
Only assigning the pts device for the shell doesn't...<BR>
<BR>
<BR>
Have any of you also hit this problem? Did you find a solution?<BR>
<BR>
<BR>
Regards,<BR>
Olivier<BR>
<BR>
<BR>
Ps: Using lxc 0.7.5
</BLOCKQUOTE>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<PRE>
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
<A HREF="http://p.sf.net/sfu/learndevnow-d2d">http://p.sf.net/sfu/learndevnow-d2d</A>
_______________________________________________ Lxc-users mailing list <A HREF="mailto:Lxc-users@lists.sourceforge.net">Lxc-users@lists.sourceforge.net</A> <A HREF="https://lists.sourceforge.net/lists/listinfo/lxc-users">https://lists.sourceforge.net/lists/listinfo/lxc-users</A>
</PRE>
</BLOCKQUOTE>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BR>
</BLOCKQUOTE>
</BODY>
</HTML>