[Lxc-users] Permission denied on lxc-console login
Daniel Lezcano
daniel.lezcano at free.fr
Sun Mar 6 21:16:18 UTC 2011
On 03/05/2011 11:10 PM, Milan Zamazal wrote:
> I've found where the problem originates:
>
> The "Permission denied" message is caused by the error code returned
> from pam_open_session call in /bin/login. When I commented out the
> following line in /etc/pam.d/login, the problem disappeared:
>
> session required pam_limits.so
>
> This is weird as I can't see any reason why this should fail. So I
> debugged the pam_limit module and found it returns failure because of
> the following call:
>
> status = setpriority(PRIO_PROCESS, 0, pl->priority);
>
> where pl->priority is 0.
>
> I commented out the following line in the container configuration
>
> lxc.cap.drop = sys_nice
>
> and now I can log in even with pam_limits enabled.
>
> Considering the fact the problem appears somewhat irregularly as I've
> described in my previous posts, I guess there must be a bug somewhere,
> otherwise it makes no sense to me.
>
> What do you think?
Hi Milan,
Nice analysis. Sorry for the dumb question but are you sure the
'setpriority' call is done when the login succeed ?
More information about the lxc-users
mailing list