[lxc-users] failed to start container on centos
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Feb 11 15:37:06 UTC 2014
Quoting Mingjiang Shi (mrjewes at gmail.com):
> Hi Alvaro,
> Thanks for your reply and suggestion. It still doesn't work.
>
> [root at devmachine rootfs]# service cgconfig status
> Running
>
> [root at devmachine rootfs]# service libvirtd status
> libvirtd (pid 2671) is running...
>
> [root at devmachine rootfs]# lxc-start -n c1 -d
> lxc-start: command get_cgroup failed to receive response
>
> [root at devmachine rootfs]# lxc-start -n c1
> lxc-start: unknown capability mac_admin
> lxc-start: failed to drop capabilities
> lxc-start: failed to setup the container
> lxc-start: invalid sequence number 1. expected 2
> lxc-start: failed to spawn 'c1'
>
> Any idea about this error message: "lxc-start: unknown capability
> mac_admin"?
Either your kernel is very old and doesn't support it, or your
header files are.
You might want to grab the libcap2 source
(https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/),
build it, and do 'capsh --print'. see if cap_admin shows up.
Actually, it looks like your package was built with
HAVE_SYS_CAPABILITY_H unset. You should install your libcap
headers and rebuild.
-serge
More information about the lxc-users
mailing list