[Lxc-users] Permission problem with /dev/net/tun (despite echoes to cgroup)
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Jul 1 14:47:54 UTC 2013
Quoting Thomas Karcher (thkarcher at gmx.de):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi folks,
>
> the symptom my libvirt LXC container suffers from is:
Note this mailing list is for "lxc" (lxc.sf.net,
https://github.com/lxc/lxc), which is a different userspace
implementation of containers than libvirt lxc.
Libvirt lxc doesn't allow CAP_MKNOD inside a container. AFAICS
this is not configurable. With "lxc", it is configurable with
lxc.cap.drop (see lxc.conf(5)) and by default allowed in Ubuntu
raring.
Are you using this with openstack?
-serge
More information about the lxc-users
mailing list