<div dir="ltr">Thanks for the tip about Oracle Linux, that's good to know.<div><br></div><div>Jake</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Aug 22, 2016 at 1:00 AM, Fajar A. Nugraha <span dir="ltr"><<a href="mailto:list@fajar.net" target="_blank">list@fajar.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class="">On Mon, Aug 22, 2016 at 1:47 AM, Janjaap Bos <span dir="ltr"><<a href="mailto:janjaapbos@gmail.com" target="_blank">janjaapbos@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><p dir="ltr">If installing the package in unprivileged mode was the problem, could you then run the image unprivileged after installing the package in privileged mode?</p>
<div class="gmail_extra"><br></div></blockquote><div><br></div><div><br></div></span><div>Yup, that should be one way to workaround that issue. Switching between priv <-> unpriv is easy enough in lxd: lxc stop, lxc config edit, lxc start.</div><div><br></div><div>Another workaround would be to switch to oracle 7 container (lxc launch images:oracle/7/amd64 o7). just tested, http-2.4.6-40.0.1.el7_2.4 installs fine in the default unpriv container. Not sure why.</div><div><br></div><div>Probably because the image contains lxc-patch plugin for yum, or because oracle has rebuild their httpd rpm to disable filecap?</div><span class="HOEnZb"><font color="#888888"><div><br></div><div>-- </div><div>Fajar</div></font></span><span class=""><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="gmail_extra"><div class="gmail_quote">Op 21 aug. 2016 19:11 schreef "jjs - mainphrame" <<a href="mailto:jjs@mainphrame.com" target="_blank">jjs@mainphrame.com</a>>:<div><div><br type="attribution"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Running postfix in and of itself did not appear to be problematic, but the maia mailguard antispam system as a whole includes postfix, clamd, spamassassin, maiad, httpd, perl and mysql, not all of which were happy running unprivileged. The factor that pushed me to a privileged container was the inability to install a package which set capabilities. Unfortunately I had a lot to do, and wasn't able to devote a lot of time to the issue; the easy answer was to go to a privileged container. <div><br></div><div>Jake<br><div><br></div><div><br></div></div></div></blockquote></div></div></div></div></blockquote></span></div></div></div>
<br>______________________________<wbr>_________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.<wbr>linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.<wbr>org/listinfo/lxc-users</a><br></blockquote></div><br></div>