[lxc-users] Building LXC 1.1 on Debian 8

[Serge Hallyn]

Quoting Joshua Schaeffer (jschaeffer0922 at gmail.com):
> I've been using LXC's on Debian 7 for over a year now and everything has
> been working great, but I've just been using the version that is packaged
> with the distro and I figured it's probably time to get up to date and
> start taking advantage of the newer features and unprivileged containers.
> So I've created a VM with Debian 8 on it and downloaded the source for LXC
> 1.1.1.
> 
> I configured, compiled, and installed the software without any issues, but
> when I try to run lxc-create as a regular user I get the following error:
> 
> --------------------------------------------------------------------------
> lxcuser at thinkhost:~$ lxc-create -t download -n c1
> unshare: Operation not permitted

Since unshare failed, your kernel seems to not be allowing unprivileged
CLONE_NEWUSER.  Check whether there is a sysctl called
/proc/sys/kernel/unprivileged_userns_clone, and if so set it to 1.

> read pipe: Success
> lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to chown
> container dir
> lxc_container: lxc_create.c: main: 274 Error creating container c2
> --------------------------------------------------------------------------
> 
> I've set execute rights on the home directory for that user. Seems like I'm
> missing something obvious. Below is the configure parameters I used. make,
> make check, and make install reported no problems or errors:
> 
> ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
> --enable-doc --enable-capabilities --with-distro=debian
> 
> I can run the above command as root and it successfully downloads the
> template and creates the container which I can then attach to.
> 
> Thanks,
> Joshua

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users