[lxc-users] Building LXC 1.1 on Debian 8

Serge Hallyn serge.hallyn at ubuntu.com
Fri Apr 3 01:19:53 UTC 2015 

Quoting Joshua Schaeffer (jschaeffer0922 at gmail.com):
> Serge, I did have that sysctl, but it was set to 0. I changed it to 1 and
> now I get a new error:
> 
> lxcuser at thinkhost:~$ lxc-create -t download -n c2
> lxc: conf.c: lxc_map_ids: 3145 Missing newuidmap/newgidmap

The newuidmap and newgidmap programs are not installed.  You need the 'uidmap'
package.

> error mapping child
> setgid: Invalid argument
> lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to chown
> container dir
> lxc_container: lxc_create.c: main: 274 Error creating container c2
> 
> I have assigned lxcuser to the following uid/gid range: 165536 65536 and I
> have that set in ~/.config/lxc/default.conf
> 
> lxcuser at thinkhost:~$ cat ~/.config/lxc/default.conf
> lxc.network.type = veth
> lxc.network.link = lxcbr0
> lxc.network.name = eth0
> lxc.id_map = u 0 165536 65536
> lxc.id_map = g 0 165536 65536
> 
> root at thinkhost:~# cat /etc/sub* | grep lxcuser
> lxcuser:165536:65536
> lxcuser:165536:65536
> 
> Thanks,
> Joshua
> 
> On Thu, Apr 2, 2015 at 2:49 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
> wrote:
> 
> > Quoting Joshua Schaeffer (jschaeffer0922 at gmail.com):
> > > I've been using LXC's on Debian 7 for over a year now and everything has
> > > been working great, but I've just been using the version that is packaged
> > > with the distro and I figured it's probably time to get up to date and
> > > start taking advantage of the newer features and unprivileged containers.
> > > So I've created a VM with Debian 8 on it and downloaded the source for
> > LXC
> > > 1.1.1.
> > >
> > > I configured, compiled, and installed the software without any issues,
> > but
> > > when I try to run lxc-create as a regular user I get the following error:
> > >
> > >
> > --------------------------------------------------------------------------
> > > lxcuser at thinkhost:~$ lxc-create -t download -n c1
> > > unshare: Operation not permitted
> >
> > Since unshare failed, your kernel seems to not be allowing unprivileged
> > CLONE_NEWUSER.  Check whether there is a sysctl called
> > /proc/sys/kernel/unprivileged_userns_clone, and if so set it to 1.
> >
> > > read pipe: Success
> > > lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to
> > chown
> > > container dir
> > > lxc_container: lxc_create.c: main: 274 Error creating container c2
> > >
> > --------------------------------------------------------------------------
> > >
> > > I've set execute rights on the home directory for that user. Seems like
> > I'm
> > > missing something obvious. Below is the configure parameters I used.
> > make,
> > > make check, and make install reported no problems or errors:
> > >
> > > ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
> > > --enable-doc --enable-capabilities --with-distro=debian
> > >
> > > I can run the above command as root and it successfully downloads the
> > > template and creates the container which I can then attach to.
> > >
> > > Thanks,
> > > Joshua
> >
> > > _______________________________________________
> > > lxc-users mailing list
> > > lxc-users at lists.linuxcontainers.org
> > > http://lists.linuxcontainers.org/listinfo/lxc-users
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list