[Lxc-users] Restoring a process fails under lxc 1.0.0.alpha1
Frederico Araujo
araujof at gmail.com
Thu Sep 19 23:20:04 UTC 2013
Hi,
I've been using checkpoint/restore (CRIU 0.7) under lxc containers on
Ubuntu Saucy for a while and everything was running smoothly until I
updated my lxc from version 0.9 to the new release (1.0.0.alpha1). After
the update, restoring even a simple program (no sockets, just a simple
infinite loop printing some text) returns:
"Error (cr-restore.c:894): 475: Can't open /proc/sys/kernel/ns_last_pid:
Permission denied"
My container was configured using the lxc template for Ubuntu, using the
default configuration. So, my question is: did the new version of lxc
changed anything related to access permission to the
/proc/sys/kernel/ns_last_pid file? I am running CRIU restore as root inside
the container. I made a small test running CRIU restore on the host machine
and it works fine; my best guess is that something has changed in the way
LXC handles the container's root permissions. If not, am I missing
something? Is there a way to allow a container root to open ns_last_pid
with R/W permissions from inside the container (I checked CRIU source code
and this is where it fails)?
I am running host and container on Ubuntu Saucy (3.11.0-7). Also, 'sysctl
kernel.ns_last_pid' works fine from inside the container.
Any help will be appreciated!
Thanks,
Fred
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130919/4376923e/attachment.html>
More information about the lxc-users
mailing list