[lxc-users] 'cap_sys_admin' in ephemeral container doesn't allow 'mount'?
Jason Harley
jharley at redmind.ca
Sat Jul 26 15:11:14 UTC 2014
> On Jul 25, 2014, at 13:15, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>
> Quoting Jason Harley (jharley at redmind.ca):
>>> On Jul 24, 2014, at 12:49, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
>>>
>>> Does cat /proc/self/attr/current show the same thing for both?
>>
>> Yes, both report "unconfined".
>>
>> http://pastebin.com/vh9vqZXD
>>
>> ./JRH
>
> Yeah I can reproduce this, and have no idea why. Will wait for Stéphane
> to reply, he may know offhand.

I'm glad it's at least reproducible; it seems like an odd behavior.

For the moment I've got a workaround wrapper script that makes a ramfs mount and clones the container into it, and mounts work fine.

./JRH