[lxc-users] (Semi) Unprivileged Linux Containers on Debian 7 Stable
roszenrami at gmail.com
Mon Apr 28 10:29:15 UTC 2014
Thanks for this great tutorial!
Two short comments:
1) You can disable the udhcpc error by commenting the
/bin/udhcpc line in the container configuration file; for example, if
the container name is busyboxCT and it is installed under
simply open /var/lib/lxc/busyboxCT/rootfs/etc/init.d/rcS and comment
the /bin/udhcpc line inside it.
2) Did "lxc-stop -n containerName" work for you with the busybox container?
When I last tried it, it did not work. The reason was that the
lxc-stop sends a SIGPWR signal, and the busybox version I used did not
stop the container when getting a SIGPWR.
The workarounds that worked for me were:
- call "lxc-stop containerName -k" (this sends a SIGKILL, which
kills the container)
- Use most recent busybox from git. There is a patch,
"init: halt on SIGPWR too", which makes the busybox init process halt
when receiving SIGPWR.
BTW, there is a third way, which I did not try with busybox: define
lxc.stopsignal to be SIGKILL in the config file of the container.
On Sun, Apr 27, 2014 at 8:59 PM, Assaf Gordon <assafgordon at gmail.com> wrote:
> I got semi-unprivileged containers to work on Debian 7 stable (with only a
> kernel upgrade to 3.12 from Debian Backports).
> It requires "sudo" to start the container, but inside it runs as a non-root
> If anyone is interested, I summarized it here:
> Comments are welcomed,
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
More information about the lxc-users