[lxc-users] Setting kernel.shmmax in unprivileged containers.
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Jul 31 14:59:45 UTC 2014
Quoting Tiit Kaeeli (kaeeli at quretec.com):
> On Mon, 28 Jul 2014, Tiit Kaeeli wrote:
>
> >Hi,
> >
> >I am having a little issue setting kernel.shmmax in LXC
> >unprivileged container (lxc=1.0.4-0ubuntu0.1)
> >
> >In https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1021411
> >it is stated, that it should be possible since lxc 0.7.5-3ubuntu60
> >At least there is no information, that it will only apply to
> >privileged containers.
> >
> >I have also tried disabling apparmor and adding
> >lxc.mount.auto = proc:rw sys:rw
> >to container conf.
> >
> >But still
> >sysctl: permission denied on key 'kernel.shmmax'
> >At the same time setting for example
> >net.ipv6.conf.all.disable_ipv6 succeeds!
> >
> >mount -o remount,rw -t proc /proc /proc
> >mount: permission denied
> >
> >/proc/ is owned by nobody.nogroup
> >
> >What am I missing?
>
>
> Any ideas? can this be done at all on unprivileged containers?
Hi,
which kernel are you on?
I've just noticed that on my utopic (3.16 kernel) laptop I have the
same problem. All of /proc is owned by nobody:nogroup. On my 3.13
kernel /proc is owned by root, including /proc/sys/kernel/shmmax.
So this looks like a new kernel bug.
-serge
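
Added example, not part of the message above or of the thread: a shell diagnostic that repeats the checks discussed here, namely whether the process runs in a user namespace and whether the sysctl file's owner shows as the kernel overflow uid (displayed as nobody:nogroup). The function names and the optional file-path parameters are assumptions made for this example.

```shell
#!/bin/sh
# Added diagnostic, not from the thread. The optional file-path parameters let
# the checks run against constructed files; defaults are the real /proc paths.

# in_userns [UID_MAP]: true when the uid map is not the identity map
# "0 0 4294967295" that the initial user namespace has.
in_userns() {
    map=${1:-/proc/self/uid_map}
    [ -r "$map" ] || return 1
    read -r inside outside count < "$map" || return 1
    [ "$inside $outside $count" != "0 0 4294967295" ]
}

# owner_state FILE [OVERFLOWUID_FILE]: print "overflow-uid" when FILE's owner
# is the kernel overflow uid (shown as nobody), otherwise "uid:<n>".
owner_state() {
    overflow=$(cat "${2:-/proc/sys/kernel/overflowuid}" 2>/dev/null || echo 65534)
    uid=$(stat -c %u "$1" 2>/dev/null) || return 2
    if [ "$uid" = "$overflow" ]; then echo "overflow-uid"; else echo "uid:$uid"; fi
}

# report FILE [UID_MAP] [OVERFLOWUID_FILE]: one-line summary for a sysctl file.
report() {
    state=$(owner_state "$1" "${3:-}") || { echo "$1: cannot stat"; return 2; }
    if in_userns "${2:-}" && [ "$state" = "overflow-uid" ]; then
        echo "$1: owner shows as overflow uid inside a user namespace"
    elif [ -w "$1" ]; then
        echo "$1: writable by uid $(id -u)"
    else
        echo "$1: owner $state, not writable by uid $(id -u)"
    fi
}

# Usage inside the container: sh check.sh /proc/sys/kernel/shmmax
if [ $# -gt 0 ]; then report "$1"; fi
```

Running it on both kernels mentioned above, for /proc/sys/kernel/shmmax and for a key that can be set such as /proc/sys/net/ipv6/conf/all/disable_ipv6, puts the ownership difference side by side.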