[lxc-users] Building LXC 1.1 on Debian 8

Joshua Schaeffer jschaeffer0922 at gmail.com
Thu Apr 2 21:15:09 UTC 2015


Thanks Xavier, I'll check this out.

On Thu, Apr 2, 2015 at 3:10 PM, Xavier Gendre <gendre.reivax at gmail.com>
wrote:

> If it can help you, i have summarized all the Serge's advices (the
> CLONE_NEWUSER trick, in particular) about containers in Debian in a little
> script to handle user-owned unprivileged containers and make them
> autostart. This is called mithlond,
>
> https://github.com/Meseira/mithlond
>
> This is build for Debian Jessie, thus you should find some useful things
> inside, i hope ;-)
>
> Xavier
>
>
> Le 02/04/2015 22:49, Serge Hallyn a écrit :
>
>> Quoting Joshua Schaeffer (jschaeffer0922 at gmail.com):
>>
>>> I've been using LXC's on Debian 7 for over a year now and everything has
>>> been working great, but I've just been using the version that is packaged
>>> with the distro and I figured it's probably time to get up to date and
>>> start taking advantage of the newer features and unprivileged containers.
>>> So I've created a VM with Debian 8 on it and downloaded the source for
>>> LXC
>>> 1.1.1.
>>>
>>> I configured, compiled, and installed the software without any issues,
>>> but
>>> when I try to run lxc-create as a regular user I get the following error:
>>>
>>> ------------------------------------------------------------
>>> --------------
>>> lxcuser at thinkhost:~$ lxc-create -t download -n c1
>>> unshare: Operation not permitted
>>>
>>
>> Since unshare failed, your kernel seems to not be allowing unprivileged
>> CLONE_NEWUSER.  Check whether there is a sysctl called
>> /proc/sys/kernel/unprivileged_userns_clone, and if so set it to 1.
>>
>>  read pipe: Success
>>> lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to
>>> chown
>>> container dir
>>> lxc_container: lxc_create.c: main: 274 Error creating container c2
>>> ------------------------------------------------------------
>>> --------------
>>>
>>> I've set execute rights on the home directory for that user. Seems like
>>> I'm
>>> missing something obvious. Below is the configure parameters I used.
>>> make,
>>> make check, and make install reported no problems or errors:
>>>
>>> ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
>>> --enable-doc --enable-capabilities --with-distro=debian
>>>
>>> I can run the above command as root and it successfully downloads the
>>> template and creates the container which I can then attach to.
>>>
>>> Thanks,
>>> Joshua
>>>
>>
>>  _______________________________________________
>>> lxc-users mailing list
>>> lxc-users at lists.linuxcontainers.org
>>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>>
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>>  _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150402/9c2aa60b/attachment-0001.html>


More information about the lxc-users mailing list