[Lxc-users] setrlimit(3) and containers
Daniel Lezcano
daniel.lezcano at free.fr
Fri Apr 2 21:04:58 UTC 2010
Mikhail Gusarov wrote:
> Twas brillig at 09:47:33 01.04.2010 UTC-05 when serue at us.ibm.com did gyre and gimble:
>
> >> Here process drops root privileges, setuids to uid=103 and limits itself
> >> to 3 processes with this uid. Clone fails due to fact there are two
> >> processes with uid=103 running in another container.
> >>
> >> Is it a known limitation, or maybe this is already handled in newer
> >> kernels? (I use 2.6.32)
>
> SEH> Hmm, you'll need to unshare the user namespace. Try adding
> SEH> CLONE_NEWUSER to the list assigned to clone_flags at
> SEH> lxc/src/lxc/start.c line 353.
>
> I tried, and was hit by the following problem:
>
> [dottedmag at vertex:~]255% sudo lxc-start -n cf
> lxc-start: Device or resource busy - could not unmount old rootfs
> lxc-start: failed to pivot_root to '/var/lib/lxc/cf/rootfs'
> lxc-start: failed to set rootfs for 'cf'
> lxc-start: failed to setup the container
>
Did you try with the git head ?
More information about the lxc-users
mailing list