[Lxc-users] fedora template
Serge E. Hallyn
serge.hallyn at ubuntu.com
Wed Mar 30 13:20:26 UTC 2011
Quoting Justin Cormack (justin at specialbusservice.com):
> On Tue, 2011-03-29 at 18:19 -0500, Serge E. Hallyn wrote:
>
> > As for trouble with init - is your fedora using systemd? How does it
> > actually start runlevel changes? Upstart uses dbus over abstract unix
> > socket (which is containerized with netns), sysvinit uses ioctl over
> > /dev/init which is a distinct file from the one in the container...
> > Does systemd do something we're not containerizing right now?
>
> When I tried Ubuntu on Ubuntu (using upstart), the abstract socket was
> not containerized, and it was changing runlevels on the host, which was
> a complete pain. How do I make sure that it is? Is it an lxc version
> issue (I was using the lxc that ships with Ubuntu 10.10, 0.7.2)?
No, you must have created a container without private network namespace.
Since upstart uses an abstact unix domain socket, you can only keep
root in a container from being able to reboot by either (1) starting
the container as a user who is not root and having a private user
namespace (which is not currently recommended since userns is going
through churn), or (2) having a private network namespace.
-serge
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110330/e4f28963/attachment.pgp>
More information about the lxc-users
mailing list