[lxc-users] Failure to start a container with 'lxc.seccomp' option set
Nels Nelson
nels.n.nelson at gmail.com
Mon Apr 28 19:03:42 UTC 2014
On Mon, Apr 28, 2014 at 1:47 PM, Serge Hallyn <serge.hallyn at ubuntu.com>wrote:
>
> Drat. just to make sure, you don't have any start hooks defined do you?
> What distro/release is the guest running? My guess is that init is
> running mknod, and immediately getting killed.
>
I don't think I have any start hooks defined, no. I'm just using the
default lxc-ubuntu template.
So, black-listing mknod without 'errno 0' does allow the instance to start.
Upon testing, I can confirm that the instance which is now running with the
seccomp black-list
is not capable of creating devices manually with mknod.
Thanks,
-Nels
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140428/2246294b/attachment-0001.html>
More information about the lxc-users
mailing list