[lxc-users] Setting kernel.shmmax in unprivileged containers.
Tiit Kaeeli
kaeeli at quretec.com
Fri Aug 1 14:41:08 UTC 2014
On Fri, 1 Aug 2014, Tiit Kaeeli wrote:
> On Thu, 31 Jul 2014, Serge Hallyn wrote:
>
>> Quoting Tiit Kaeeli (kaeeli at quretec.com):
>>> On Mon, 28 Jul 2014, Tiit Kaeeli wrote:
>>>
>>> >Hi,
>>> >
>>> >I am having a little issue setting kernel.shmmax in LXC
>>> >unprivileged container (lxc=1.0.4-0ubuntu0.1)
>>> >
>>> >In https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1021411
>>> >it is stated, that it should be possible since lxc 0.7.5-3ubuntu60
>>> >At least there is no information, that it will only apply to
>>> >privileged containers.
>>> >
>>> >I have also tried disabling apparmor and adding
>>> >lxc.mount.auto = proc:rw sys:rw
>>> >to container conf.
>>> >
>>> >But still
>>> >sysctl: permission denied on key 'kernel.shmmax'
>>> >At the same time setting for example
>>> >net.ipv6.conf.all.disable_ipv6 succeeds!
>>> >
>>> >mount -o remount,rw -t proc /proc /proc
>>> >mount: permission denied
>>> >
>>> >/proc/ is owned by nobody.nogroup
>>> >
>>> >What am I missing?
>>>
>>>
>>> Any ideas? Can this be done at all on unprivileged containers?
>>
>> Hi,
>>
>> Which kernel are you on?
>>
>> I've just noticed that on my utopic (3.16 kernel) laptop I have the
>> same problem. All of /proc is owned by nobody:nogroup. On my 3.13
>> kernel /proc is owned by root, including /proc/sys/kernel/shmmax.
>>
>> So this looks like a new kernel bug.
>>
>> -serge
>
> I have 3.13.0-32-generic kernel. And have not tested others (yet), but
> will do it.
>
I tried 3.13.0-29.53 and 3.13.0-30.55, but nothing changed. Which version
of 3.13 do you use?