[Lxc-users] connecting lxc-console is impossible after deny cgroup by default activated
Thierry
mysolo at cynetek.com
Fri Nov 2 11:49:39 UTC 2012
Hello,
lxc-console not functionnal after activate lxc.cgroup.devices.deny = a
not using cgroup
tigra ~ # lxc-start -l DEBUG -o /var/log/lxc/debian-dev.log -n
debian-dev -f /etc/lxc/debian-dev/config -d
tigra ~ # lxc-console -n debian-dev
Type <Ctrl+a q> to exit the console
Password:
Debian GNU/Linux 6.0 debian-dev tty1
debian-dev login:
after activate lxc.cgroup.devices.deny = a
tigra ~ # lxc-start -l DEBUG -o /var/log/lxc/debian-dev.log -n
debian-dev -f /etc/lxc/debian-dev/config -d
tigra ~ # lxc-console -n debian-dev
Type <Ctrl+a q> to exit the console
not logging prompt
You are a idea for resolve access by lxc-console ?
host is gentoo
tigra ~ # uname -a
Linux tigra.cynetek.com 3.6.2-hardened-xxxx-grs-ipv6-64-1
tigra ~ # lxc-version
lxc version: 0.8.0-rc2
guest is debian squeeze
tigra ~ # cat /sys/fs/cgroup/devices/lxc/debian-dev/devices.list
c 1:3 rwm
c 1:5 rwm
c 1:8 rwm
c 1:9 rwm
c 5:0 rwm
c 5:1 rwm
c 254:0 rwm
c 4:0 rwm
c 4:1 rwm
c 4:2 rwm
c 4:3 rwm
c 136:* rwm
c 5:2 rwm
tigra ~ # cat /etc/lxc/debian-dev/conf
lxc.tty = 4
lxc.pts = 1024
lxc.utsname = debian-dev
lxc.cgroup.devices.deny = a
#lxc.console = /dev/console
# Device configuration:
# Deny access to all devices:
# lxc.cgroup.devices.deny = a
# Allow only the following devices to be opened:
lxc.cgroup.devices.allow = c 1:3 rwm # dev/null
lxc.cgroup.devices.allow = c 1:5 rwm # dev/zero
lxc.cgroup.devices.allow = c 1:8 rwm # dev/random
lxc.cgroup.devices.allow = c 1:9 rwm # dev/urandom
lxc.cgroup.devices.allow = c 5:0 rwm # /dev/tty - allows
ssh-add/password input
lxc.cgroup.devices.allow = c 5:1 rwm # /dev/console - allows lxc-start
output
lxc.cgroup.devices.allow = c 254:0 rwm # rtc
# # TTYs - we create only 3 TTYs: tty0, tty1, tty2, tty3 - you can
create up to 12 (see lxc.tty = 12)
lxc.cgroup.devices.allow = c 4:0 rwm # /dev/tty0
lxc.cgroup.devices.allow = c 4:1 rwm # /dev/tty1
lxc.cgroup.devices.allow = c 4:2 rwm # /dev/tty2
lxc.cgroup.devices.allow = c 4:3 rwm # /dev/tty3
# pts namespaces
lxc.cgroup.devices.allow = c 136:* rwm # dev/pts/*
lxc.cgroup.devices.allow = c 5:2 rwm # dev/pts/ptmx
lxc.rootfs = /dev/vg1/debian-dev
lxc.rootfs.mount = /usr/lib/lxc/rootfs
lxc.network.type=veth
lxc.network.link=br0
lxc.network.flags=up
lxc.network.ipv4=10.0.1.1
lxc.network.veth.pair=veth-10.0.1.1
-
More information about the lxc-users
mailing list