[lxc-users] how to run unprivileged containers on Debian stable (+backports)
roszenrami at gmail.com
Fri Apr 4 21:56:09 UTC 2014
>"A version of PAM with a loginuid patch that's yet to be in any released
>version"? What version, what patch?
I think that this is the patch:
Author: Stéphane Graber <stgraber at ubuntu.com>
Date: Tue Jan 7 16:12:03 2014 -0800
pam_loginuid: Ignore failure in user namespaces
On Fri, Apr 4, 2014 at 5:38 PM, Thomas Koch <thomas at koch.ro> wrote:
> I've found stgrabers article on running lxc unprivileged containers. But
> he's using ubuntu and I'd like to know, whether anybody tried it on Debian and
> which packages would need to be backported to current Debian stable.
>  https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers
> He explicitly mentions "A very recent version of shadow that supports
> subuid/subgid". Is version 220.127.116.11 recent enough? But I can't find information
> on subuid support in this version and there's no more recent version of shadow
> "A version of PAM with a loginuid patch that's yet to be in any released
> version"? What version, what patch?
> "Kernel: 3.13 + a couple of staging patches (which Ubuntu has in its kernel)".
> So 3.14 should be good?
> I already compiled lxc 1.0.1 myself on Debian stable.
> Thank you, Thomas Koch
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
More information about the lxc-users