[lxc-users] Executing a command inside a running container? (ng)
Fajar A. Nugraha
list at fajar.net
Mon Jun 9 14:01:05 UTC 2014
On Mon, Jun 9, 2014 at 8:47 PM, frodox <frodox at zoho.com> wrote:
> yup, lxc-attach starts a process inside a running container. But it can starts only processes/programs that already exists (installed) inside a container.
>
> May be I misunderstand Dominik Schulz,
Reading at the archive, Dominik pretty much wanted lxc-attach.
> but what I mean -- how to execute/move a process from host OS inside a running container
It was Marco who wanted something that. And for that requirement, I
have no idea whether it's possible.
> (i.e. without installing it inside; like run it in sandbox or move already running process).
> It is very close to recent thread "Howto/Tutorial wanted: Running an application inside a container"
That's different. Stephane's article installs the program inside the container.
> (btw, I succeeded your tutorial in that thread, except gui apps.)
... and the problem is ...?
IIRC I had some problems as well (using bind-mounted existing root and
overlayfs as container root), and it turns out part of the startup
process inside the container removes /tmp/.X11-unix/* . The
"workaround" was to disable (or uninstall) lightdm (or whatever
display manager you use) inside the container, so the hosts's
/tmp/.X11-unix/X0 stays intact.
> And, well, related question.
> I read a lot, that it's not good to run lxc-execute, and also you said
> > ... Again, personally I prefer to simply use full OS in the container(even with the consequence oh having to update it separately from thehost) combined with lxc-start and lxc-attach.
I did say "personally" :)
Other people might find lxc-execute useful for their needs.
>
> is there any security issues, except
not that I know of there are specific to lxc-execute.
--
Fajar
> > For the network interface part you can work around it by specifying it in the container config file, but you might need other things configured as well (e.g. iptables, dependent services like mysql,etc),
>> which is why I would recommend lxc-start and lxc-attach over lxc-execute.
>
> while use lxc-execute?
> may be, we can improve lxc-execute in that way..?
>
> --
> Regards, Christian.
>
>
> > ---- On Mon, 09 Jun 2014 17:19:15 +0400 Fajar A. Nugraha<list at fajar.net> wrote ----
> >
> > On Mon, Jun 9, 2014 at 5:53 PM, frodox <frodox at zoho.com> wrote:
> > > Hi all.
> > >
> > > A few years ago there was a thread about executing a command inside a
> > > running container [1].
> >
> > > But how about nowadays?
> > > Is it possible now, since we have a new system call setns(2), which looks
> > > like does exactly necessary thing?
> >
> > http://manpages.ubuntu.com/manpages/trusty/man1/lxc-attach.1.html
> >
> > --
> > Fajar
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
More information about the lxc-users
mailing list