[lxc-devel] Howto user namespaces?

richard -rw- weinberger richard.weinberger at gmail.com
Thu Apr 11 15:36:15 UTC 2013


On Thu, Apr 11, 2013 at 5:03 PM, Eric W. Biederman
<ebiederm at xmission.com> wrote:
> richard -rw- weinberger <richard.weinberger at gmail.com> writes:
>
>> On Thu, Apr 11, 2013 at 7:03 AM, Eric W. Biederman
>> <ebiederm at xmission.com> wrote:
>>> richard -rw- weinberger <richard.weinberger at gmail.com> writes:
>>>> {st_mode=S_IFCHR|0644, st_rdev=makedev(5, 1), ...}) = 0
>>>> [pid  3100] chmod("/dev/pts/5", 020644) = -1 EPERM (Operation not permitted)
>>>
>>> I am puzzled why we don't see something to create /dev/pts/5 in this trace.
>>
>> I also have no idea.
>> Please see both attached strace logs (linux v3.9-rc6, lxc 0.9.0).
>> One with lxc.autodev = 0, the other with = 1.
>
> I have read through and I can see why you are failing.
> With autodev you are failing with mknod /dev/null.
> Without autodev you are creating pts (I assume to represent /dev/ttyN)
> before creating the user namespace and then there is a permission
> problem with chmod.
>
> Both of which seem like correct behavior from the kernel's standpoint.
>
>> My lxc config:
>> ----
>> lxc.network.type = empty
>> lxc.rootfs = /var/lib/lxc/test2/rootfs
>> lxc.utsname = test2
>> lxc.autodev = 0
>> lxc.tty = 4
>
> Let me suggest setting lxc.tty = 0. So you don't get tty creation
> and see how far that goes.

Both lxc.tty = 0 and lxc.pts = 0 trigger the same error.
lxc-start: Operation not permitted - failed to set mode '020644' to '/dev/pts/1'

To me it looks like lxc is trying to chmod /dev/pts/1 outside of the container.

Thanks,
//richard



