[Lxc-users] connecting lxc-console is impossible after deny cgroup by default activated

Serge Hallyn serge.hallyn at canonical.com
Wed Nov 7 14:13:10 UTC 2012 

Quoting Thierry (mysolo at cynetek.com):
> Le 05/11/2012 23:36, Serge Hallyn a écrit :
> > Quoting Thierry (mysolo at cynetek.com):
> >> Le 05/11/2012 22:25, Serge Hallyn a écrit :
> >>> Quoting Thierry (mysolo at cynetek.com):
> >>>>       lxc-start 1352149909.205 DEBUG    lxc_conf - trying to mount '/dev/vg1/debian-dev'->'/usr/lib/lxc/rootfs' with fstype '# /etc/filesystems'
> >>>>       lxc-start 1352149909.205 DEBUG    lxc_conf - mount failed with error: No such device
> >>> (And a bunch more)  Does /dev/vg1/debian-dev exist on the host?
> >>>
> >>> -serge
> >>>
> >> yes. This device /dev/vg1/debian-dev is idem for config working and
> >> config not working.
> > Heh, sorry, I see :)  Bogus fstype.  I'm shuttling between too many things.
> >
> > Anyway I'm guessing the answer is in the kernel-hardened patches.  Can you
> > find anything in the audit logs?
> 
> Hello,
> 
> I'm testing with gentoo-sources kernel ( not patching with grsecurity)
> and lxc-console not working.
> 
> tigra linux # zcat /proc/config.gz |grep -i 3.6.2
> # Linux/x86_64 3.6.2-gentoo Kernel Configuration
> 
> tigra ~ # lxc-console -n debian-dev
> 
> Type <Ctrl+a q> to exit the console
> 
> Not prompt for logging.
> 
> >
> > When you log in over ssh (when using devices.deny = a), what does
> > 'ls -l /dev/tty?
> root at debian-dev:~# ls -l /dev/tty*
> crw-rw-rw- 1 root root 5, 0 Nov  1 16:41 /dev/tty
> crw-rw-rw- 1 root root 4, 0 Nov  6 17:47 /dev/tty0
> crw--w---- 1 root tty  3, 1 Nov  6 15:28 /dev/tty1
> crw--w---- 1 root tty  3, 2 Nov  6 15:28 /dev/tty2
> crw--w---- 1 root tty  3, 3 Nov  6 15:28 /dev/tty3
> crw--w---- 1 root tty  3, 4 Nov  6 15:28 /dev/tty4
> 
> >  /dev/console' show? 
> 
> root at debian-dev:~# ls -l /dev/console
> crw------- 1 root tty 3, 5 Nov  6 15:28 /dev/console

That's wrong.  What do they look like in the good case?

is devtmpfs mounted in the container?

I don't know why /dev/ttyN would NOT be overmounted in this
case.

More information about the lxc-users mailing list