[lxc-users] unprivileged container with systemd?

Dirk Geschke dirk at lug-erding.de
Thu Nov 20 21:23:42 UTC 2014


Hi all,

I just tried to follow

   https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/

once more to install a new container and it fails. First of all it
was a problem with the access to the directory 

   ~/.local/share/lxc/jessie1

The owner changed to a mapped one -> 100000 and then there was no
access for the lxcuser, which has uid 1001. I fixed this via setting
write access for the users group.

But then I installed a download template:

   lxc-create -t download -n jessie1 -- -d debian -r jessie -a amd64

which worked without problems (except warnings regarding reopen tty).

If I try to start the container it ends up with:

   ~$ lxc-start -n jessie1
   lxc_container: Permission denied - Unable to create /dev/.lxc for autodev
   Failed to mount cgroup at /sys/fs/cgroup/systemd: Operation not permitted

Here it ends, nothing more happens and only a kill -9 works...

And yes, /sbin/init in the container is now a link to systemd:

   /sbin/init -> /lib/systemd/systemd

I suspect this does not work at all without cgroup namespace support
in the kernel? Or am I missing something else?

Best regards

Dirk

-- 
+----------------------------------------------------------------------+
| Dr. Dirk Geschke       / Plankensteinweg 61    / 85435 Erding        |
| Telefon: 08122-559448  / Mobil: 0176-96906350 / Fax: 08122-9818106   |
| dirk at geschke-online.de / dirk at lug-erding.de  / kontakt at lug-erding.de |
+----------------------------------------------------------------------+
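
Added example, not part of the original post: a small Python check for the first symptom described above, where the container directory ends up owned by the mapped uid 100000 and the unprivileged user (uid 1001) loses access. The `lxc.id_map` values, the group id 1001 and the directory modes are constructed assumptions; the post only gives the uids 100000 and 1001.

```python
import re

# Constructed sample: id map lines as an unprivileged LXC 1.0 config carries them
# (range size assumed; the post only shows that the owner becomes 100000).
SAMPLE_CONFIG = """\
lxc.id_map = u 0 100000 65536
lxc.id_map = g 0 100000 65536
"""

def parse_id_map(config_text):
    """Return [(kind, container_start, host_start, count)] from lxc.id_map lines."""
    maps = []
    pattern = r"\s*lxc\.id_map\s*=\s*([ug])\s+(\d+)\s+(\d+)\s+(\d+)\s*$"
    for line in config_text.splitlines():
        m = re.match(pattern, line)
        if m:
            maps.append((m.group(1),) + tuple(int(x) for x in m.group(2, 3, 4)))
    return maps

def host_to_container(host_id, kind, maps):
    """Translate a host uid/gid to its id inside the container, None if unmapped."""
    for k, c_start, h_start, count in maps:
        if k == kind and h_start <= host_id < h_start + count:
            return c_start + (host_id - h_start)
    return None

def can_access(uid, gids, st_uid, st_gid, mode, want):
    """Classic Unix check (no ACLs, no capabilities): exactly one of the
    owner/group/other triplets applies. want is an rwx mask (4=r, 2=w, 1=x)."""
    if uid == st_uid:
        bits = (mode >> 6) & 7
    elif st_gid in gids:
        bits = (mode >> 3) & 7
    else:
        bits = mode & 7
    return (bits & want) == want

def diagnose(uid, gids, st_uid, st_gid, mode, maps):
    """Summarise who owns a directory and whether uid can create entries in it."""
    return {
        "owner_in_container": host_to_container(st_uid, "u", maps),
        "host_user_mapped": host_to_container(uid, "u", maps) is not None,
        # Creating files in a directory needs write and search (w+x).
        "host_user_can_write": can_access(uid, gids, st_uid, st_gid, mode, 0o3),
    }
```

Feeding it the real values from `stat` on `~/.local/share/lxc/jessie1` and the container's config shows whether the host user only reaches the directory through the group bits, which is the situation the group write permission change addresses.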

