[lxc-users] Building LXC 1.1 on Debian 8

Joshua Schaeffer jschaeffer0922 at gmail.com
Thu Apr 2 21:14:29 UTC 2015 

Serge, I did have that sysctl, but it was set to 0. I changed it to 1 and
now I get a new error:

lxcuser at thinkhost:~$ lxc-create -t download -n c2
lxc: conf.c: lxc_map_ids: 3145 Missing newuidmap/newgidmap
error mapping child
setgid: Invalid argument
lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to chown
container dir
lxc_container: lxc_create.c: main: 274 Error creating container c2

I have assigned lxcuser to the following uid/gid range: 165536 65536 and I
have that set in ~/.config/lxc/default.conf

lxcuser at thinkhost:~$ cat ~/.config/lxc/default.conf
lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.name = eth0
lxc.id_map = u 0 165536 65536
lxc.id_map = g 0 165536 65536

root at thinkhost:~# cat /etc/sub* | grep lxcuser
lxcuser:165536:65536
lxcuser:165536:65536

Thanks,
Joshua

On Thu, Apr 2, 2015 at 2:49 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
wrote:

> Quoting Joshua Schaeffer (jschaeffer0922 at gmail.com):
> > I've been using LXC's on Debian 7 for over a year now and everything has
> > been working great, but I've just been using the version that is packaged
> > with the distro and I figured it's probably time to get up to date and
> > start taking advantage of the newer features and unprivileged containers.
> > So I've created a VM with Debian 8 on it and downloaded the source for
> LXC
> > 1.1.1.
> >
> > I configured, compiled, and installed the software without any issues,
> but
> > when I try to run lxc-create as a regular user I get the following error:
> >
> >
> --------------------------------------------------------------------------
> > lxcuser at thinkhost:~$ lxc-create -t download -n c1
> > unshare: Operation not permitted
>
> Since unshare failed, your kernel seems to not be allowing unprivileged
> CLONE_NEWUSER.  Check whether there is a sysctl called
> /proc/sys/kernel/unprivileged_userns_clone, and if so set it to 1.
>
> > read pipe: Success
> > lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to
> chown
> > container dir
> > lxc_container: lxc_create.c: main: 274 Error creating container c2
> >
> --------------------------------------------------------------------------
> >
> > I've set execute rights on the home directory for that user. Seems like
> I'm
> > missing something obvious. Below is the configure parameters I used.
> make,
> > make check, and make install reported no problems or errors:
> >
> > ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
> > --enable-doc --enable-capabilities --with-distro=debian
> >
> > I can run the above command as root and it successfully downloads the
> > template and creates the container which I can then attach to.
> >
> > Thanks,
> > Joshua
>
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150402/a57f8628/attachment.html>

More information about the lxc-users mailing list