[lxc-users] Unable to Start Unprivileged Containers on Debian / Jessie

Chris berzerkatives at gmail.com
Tue Sep 30 14:46:31 UTC 2014

On 29/09/14 21:46, Serge Hallyn wrote:
> Hm, sorry, not looking deeper right now, but :
>>        lxc-start 1411807327.953 ERROR    lxc_conf - Permission denied - WARNING: Failed to create symlink '/home/osmium/.local/share/lxc/osmium/rootfs.dev'->'/dev/.lxc/user/osmium.3c68b3f0c5eeec7d'
> Something will need to set that up.  I can't recall offhand
> what is supposed to do that.  Michael (cc:d), is that done
> through the init script?
> -serge
That might make sense, as I created this container through 
debootstrapping the filesystem into 
/home/osmium/.local/share/lxc/osmium/rootfs and then chown/grping all 
the files to the appropriate users in this user's subuid/gid range... 
pasted below in case anyone finds it useful. Please let me know if there 
are further steps required to make this template/container valid.

Incidentally, I just fixed the "invalid mount point" warnings, they were 
just the LXC mount paths not being complete.

$ cat shift_chid.py
#!/usr/bin/env python

import sys
import os

path = sys.argv[1]
offset = int(sys.argv[2])

def logic(path, offset):
     stat = os.lstat(path)
     o_u = stat.st_uid
     o_g = stat.st_gid
     n_u = o_u + offset
     n_g = o_g + offset
     return(path, o_u, o_g, n_u, n_g)

def report(path, offset):
     print("Path: %s. Current UID/GID: %s/%s. Proposed UID/GID: %s/%s." 
% logic(path, offset))

def chid(path, offset):
     p, _, _, u, g = logic(path, offset)
     os.lchown(path, u, g)

def verbose(path, offset):
     report(path, offset)
     chid(path, offset)
     report(path, offset)

for cur, dirs, files in os.walk(path):
     for x in files:
             verbose(os.path.join(cur, x), offset)
         except Exception as E:
             sys.stderr.write("Error reported: %s" % E)

More information about the lxc-users mailing list