<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    On 16/11/17 14:58, Saint Michael wrote:<br>

    <blockquote type="cite"

cite="mid:CAC9cSOBVAURVEFoOug33f3GVVigriXUzaP3mBi7STHBPz50PSw@mail.gmail.com">

      <div dir="ltr">

        <div class="gmail_default" style="font-size:small">lxc.mount.entry

          = proc proc proc nodev,noexec,nosuid 0 0<br>

          lxc.mount.entry = sysfs sys sysfs defaults  0 0<br>

          lxc.mount.entry = /cdr cdr none bind 0 0<br>

          lxc.mount.auto = cgroup:mixed<br>

          lxc.tty = 10<br>

          lxc.pts = 1024<br>

          lxc.cgroup.devices.deny = a<br>

          lxc.cgroup.devices.allow = c 1:3 rwm<br>

          lxc.cgroup.devices.allow = c 1:5 rwm<br>

          lxc.cgroup.devices.allow = c 5:1 rwm<br>

          lxc.cgroup.devices.allow = c 5:0 rwm<br>

          lxc.cgroup.devices.allow = c 4:0 rwm<br>

          lxc.cgroup.devices.allow = c 4:1 rwm<br>

          lxc.cgroup.devices.allow = c 1:9 rwm<br>

          lxc.cgroup.devices.allow = c 1:8 rwm<br>

          lxc.cgroup.devices.allow = c 136:* rwm<br>

          lxc.cgroup.devices.allow = c 5:2 rwm<br>

          lxc.cgroup.devices.allow = c 254:0 rwm<br>

          lxc.cgroup.devices.allow = c 10:137 rwm # loop-control<br>

          lxc.cgroup.devices.allow = b 7:* rwm    # loop*<br>

          lxc.cgroup.devices.allow = c 10:229 rwm #fuse<br>

          lxc.autodev = 0<br>

          lxc.aa_profile = unconfined<br>

          lxc.cap.drop=</div>

        <div class="gmail_default" style="font-size:small">lxc.network.type

          = phys<br>

          lxc.network.flags = up<br>

          lxc.network.link = eth6<br>

          <a href="http://lxc.network.name" moz-do-not-send="true">lxc.network.name</a>

          = eth0<br>

          lxc.network.ipv4 = <a href="http://0.0.0.0/27"

            moz-do-not-send="true">0.0.0.0/27</a></div>

        <div class="gmail_default" style="font-size:small">lxc.network.type

          = macvlan<br>

          lxc.network.flags = up<br>

          lxc.network.link = eth3<br>

          <a href="http://lxc.network.name" moz-do-not-send="true">lxc.network.name</a>

          = eth1<br>

          lxc.network.macvlan.mode = bridge<br>

          lxc.network.ipv4 = <a href="http://0.0.0.0/24"

            moz-do-not-send="true">0.0.0.0/24</a></div>

        <div class="gmail_default" style="font-size:small"><br>

          lxc.start.auto = 1<br>

          lxc.start.delay = 5<br>

          lxc.start.order = 0<br>

          lxc.rootfs = /data/iplinkcdr/rootfs<br>

          lxc.rootfs.backend = dir<br>

          lxc.utsname = iplinkcdr<br>

        </div>

      </div>

    </blockquote>

    <br>

    It does not look as config created by lxc-create. Does same thing

    happen if you use `lxc-create -t download`?<br>

    <br>

    Looking at your config, I most notably don't see `lxc.devttydir =

    lxc`. Although according to man it should not directly cause effect

    you described, but I'd still try to add it and see. `lxc.console` is

    also a good thing to try, although it is not set in my system too.

    Probably it can be the easiest fix.<br>

    <br>

    I don't run with `lxc.aa_profile = unconfined` and `lxc.cap.drop=`,

    so in your system container can do more things than it can do here.<br>

    <br>

    <div class="moz-signature">

      --<br>

      <br>

      With Best Regards,<br>

      Marat Khalili<br>

    </div>

    <br>

  </body>

</html>