[Lxc-users] containers always seem to lock the host's X session
Joerg Gollnick
code4lxc+list at wurzelbenutzer.de
Sat Jun 16 06:28:05 UTC 2012
Am Samstag, 16. Juni 2012, 00:01:53 schrieb Ramez Hanna:
On Fri, Jun 15, 2012 at 5:50 PM, Fajar A. Nugraha <list at fajar.net> wrote:
On Fri, Jun 15, 2012 at 7:26 PM, John Maclean <jayeola at gmail.com> wrote:
> Hello all,
>
> I have built lxc from the git hub repo and have been able to create
> containers using the stock templates for fedora. However, whenever I
> start a container it always locks the hosts, X session.
>
> a - How can i diagnose this?
> b - How can i prevent this?
The easy way would be just to use ubuntu precise for your host. Seriously :)
The hard way, I think your guest is accessing your hosts's tty. You
can probably prevent that by something like this on your guests'
config file:
#==========
lxc.cgroup.devices.deny = a
# Allow any mknod (but not using the node)
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
#lxc.cgroup.devices.allow = c 4:0 rwm
#lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm
#fuse
lxc.cgroup.devices.allow = c 10:229 rwm
#tun
lxc.cgroup.devices.allow = c 10:200 rwm
#full
lxc.cgroup.devices.allow = c 1:7 rwm
#hpet
lxc.cgroup.devices.allow = c 10:228 rwm
#kvm
lxc.cgroup.devices.allow = c 10:232 rwm
#==================
--
Fajar
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Lxc-users mailing list
Lxc-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
here is what i do
i always start the container form a terminalnot frommy x session
i also use the following script to start the container this fixes all problem
====
# cat /home/rhanna/bin/lxc-start-fedora
#! /bin/bash
options=$(getopt -o n: -l name: -- "$@")
eval set -- "$options"
while true
do
case "$1" in
-n|--name) name=$2; shift 2;;
--) shift
break;;
*) break ;;
esac
done
if [ -z $name ]; then
echo "container name must be set, use -n|--name"
exit 1
fi
lxc-ls |grep $name >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Container does not exist"
exit 1
fi
lxc-info -s -n$name|grep RUNNING >/dev/null 2>&1
if [ $? -eq 0 ]; then
echo "container already started"
exit 1
fi
mount |grep /tmp/lxc/$name > /dev/null 2>&1
if [ $? -eq 0 ]; then
umount /tmp/lxc/$name
fi
rm -rf /tmp/lxc/$name
mkdir -p /tmp/lxc/$name
mount none /tmp/lxc/$name -t tmpfs
rsync -a /var/lib/lxc/$name/rootfs/dev/ /tmp/lxc/$name
mount /tmp/lxc/$name /var/lib/lxc/$name/rootfs/dev/ -obind
lxc-start $* -n $name
=====--
BR
RH
http://informatiq.org
If you start the container in a screen you can work around this.
/usr/bin/screen -dmS init-${container} /usr/bin/lxc-start -n ${container} -f
/etc/lxc/${container}.conf
With best regards Joerg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20120616/36c7aad2/attachment.html>
More information about the lxc-users
mailing list