[lxc-users] (Semi) Unprivileged Linux Containers on Debian 7 Stable

Assaf Gordon assafgordon at gmail.com
Mon Apr 28 14:36:36 UTC 2014


On 04/28/2014 06:29 AM, Rami Rosen wrote:
> Two short comments:
> 1) You can disable the udhcpc error by commenting the
> /bin/udhcpc line in the container configuration file; for example, if
> the container name is busyboxCT and it is installed under
> /var/lib/lxc,
> simply open  /var/lib/lxc/busyboxCT/rootfs/etc/init.d/rcS and comment
> the /bin/udhcpc line inside it.

Thanks, I'll update it.
I was about to use it to explain simple network settings, but the tutorial got too long...

> 2) Did "lxc-stop -n containerName" work for you with the busybox container?
> When I last tried it, it did not work. The reason was that the
> lxc-stop sends a SIGPWR signal, and the busybox version I used did not
> stop the container when getting a SIGPWR.
> The workarounds that worked for me were:
> -   call "lxc-stop containerName -k"  (this sends a SIGKILL, which
> kills the container)
> - Use most recent busybox from git. There is a patch,
> "init: halt on SIGPWR too", which makes the busybox init process halt
> when receiving SIGPWR.
> see:
> http://lists.busybox.net/pipermail/busybox-cvs/2013-November/034290.html

I've used busybox-1.22.1 which is fairly recent and already contains this patch.

I did notice some strange behaviour regarding "lxc-stop" with Busybox, but I did not fully investigate.
Mainly, with some combinations of kernel version, and other settings, 'lxc-stop" will take a long time (up to a minute or so) from the moment I initiated it and until the container actually stopped.

But with the final setup I've used (kernel 3.12, Busybox 1.22.1, default LXC options + user mapping), it takes about two seconds for the container to terminate.


More information about the lxc-users mailing list