[lxc-users] Unprivileged containers and reboot of base

Serge Hallyn serge.hallyn at ubuntu.com
Wed Sep 10 18:33:20 UTC 2014


All right, can you bump the sleep 5 up to say 200, then while it's
sleeping, look at /proc/pid/cgroup for (a) the script itself, (b)
the container, and then (c) in another shell try to lxc-attach to
the container using the lxc-attach command itself?

Quoting Medhamsh V (medhamsh at gmail.com):
> Sure. Here it is https://dpaste.de/aVfv
> 
> Commented the attach method.
> 
> 
> On 5 September 2014 22:44, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> 
> > Quoting Medhamsh V (medhamsh at gmail.com):
> > > Hi,
> > >
> > >
> > >
> > >
> > > On 5 September 2014 19:51, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > >
> > > > > "sudo cgm create all goatos && sudo cgm chown all user $(id -u user)
> > $(id
> > > > > -g user)"
> > > >
> > > > do you mean cgm chown all goatos $(id -u user) $(id -g user) ?
> > > >
> > > > if not then that'll be your problem.
> > > >
> > > >
> > > Aaah. Sorry. I wrote it wrong way. I am doing cgm chown all goatis $(id
> > -u
> > > goatos) $(id -g goatos) and
> > > this is fine though.
> > >
> > >
> > > >
> > > > What is /proc/self/cgroup in one of those containers
> > > >
> > > >
> > > The name of the container is "attach" and following is the content of
> > > /proc/self/cgroup
> > >
> > > 11:hugetlb:/goatos/attach
> > > 10:perf_event:/goatos/attach
> > > 9:blkio:/goatos/attach
> > > 8:freezer:/goatos/attach
> > > 7:devices:/goatos/attach
> > > 6:memory:/goatos/attach
> > > 5:cpuacct:/goatos/attach
> > > 4:cpu:/goatos/attach
> > > 3:cpuset:/goatos/attach
> > > 2:name=systemd:/user/1001.user/5.session/attach
> > >
> > >
> > > Also, I dint mention in my previous mail that those errors occur only
> > when
> > > I use "attach" in my container creation script. The script is in ruby
> > and I
> > > use ruby-lxc. If I dont use "attach" method I dont get any errors.
> >
> > Wow, that's funky.  I'd like to say it must be a bug in the ruby
> > bindings, but that doesn't seem likely.  Could you give us the
> > script, or a minimal subset thereof (that just creates and does
> > the attach that breaks things)?
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >
> 
> 
> 
> -- 
> Medhamsh,
> 
> GPG Finger Print: BD16 E32E CA4D 83A3 1270  725D D766 7997 0ABC 20E9
> http://pascal.iiit.ac.in/~medhamsh/medhamsh.gpg

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users



More information about the lxc-users mailing list