[lxc-users] Failure with authorisation of update-manager in Ubuntu Desktop-Container

[Guido Jäkel]

Dear others,

using LXC at work in a server environment for years, this days I start to use it at home. My goal here is to set up a Ubuntu Desktop Container running on the existing vanilla PC acting as my home server. Up to now it was used as a server (router, firewall, NAS, DLNA-server, ...); it was managed "nearly headless" via ssh and on a simple VGA text mode console for emergencies. For the "Desktop Container" project, i have added a simple 3D graphic card and attached an WSXGA-display and a mouse, too.

On the host (running on Gentoo), i have installed LXC 1.0.7 and as the container rootfs, I use a copy of one of my already established and well-working Ubuntu 14.04 Desktop installations.

To do it step-by-step, i have first started with a "Ubuntu-Server" container. With this, i do the basics like a proper network setup. Then, i just add a few more lines to the configuration file an switch the rootfs to the Desktop clone.


	# Template used to create this container: /usr/share/lxc/templates/lxc-download
	# Parameters passed to the template: --no-validate --dist ubuntu --release trusty --arch amd64
	# For additional config options, please look at lxc.container.conf(5)
	
	# Distribution configuration
	lxc.include = /usr/share/lxc/config/ubuntu.common.conf

	[... usual basic and network setup ...]

	# Desktop-Container: Allow direct access to video and input devices
	lxc.mount.entry = /dev/dri	dev/dri		none	bind,optional,create=dir
	lxc.mount.entry = /dev/input	dev/input	none	bind,optional,create=dir
	
	lxc.cgroup.devices.allow = c   4:7 rwm	# /dev/tty7 X Desktop
	lxc.cgroup.devices.allow = c   4:8 rwm	# /dev/tty8 X Desktop
	lxc.cgroup.devices.allow = c   4:9 rwm	# /dev/tty9 X Desktop
	lxc.cgroup.devices.allow = c  29:0 rwm	# /dev/fb0/* framebuffer device
	lxc.cgroup.devices.allow = c 226:* rwm	# /dev/dri/* video card devices
	lxc.cgroup.devices.allow = c  13:* rwm	# /dev/input/* input devices 



After a a few tweaks, this already runs very well: I just disabled some unnecessary services (avahi, bluetooth, cups, udev, ureadahead) in /etc/init/ because they produce a lot of "useless noise". 

To get the keyboard and mouse working, before i have to install the package  xserver-xorg-input-kbd  and have to add the file  /etc/X11/xorg.conf.d/10-input.conf  containing

	Section "ServerFlags"
		Option "AutoAddDevices" "False"
	EndSection
	
	Section "ServerLayout"
		Identifier     "Desktop"
		InputDevice    "Mouse0" "CorePointer"
		InputDevice    "Keyboard0" "CoreKeyboard"
	EndSection
	
	Section "InputDevice"
		Identifier "Keyboard0"
		Driver "kbd"
		Option "XkbLayout" "de"
	EndSection
	
	Section "InputDevice"
		Identifier "Mouse0"
		Driver "mouse"
		Option "Protocol" "auto"
		Option "Device" "/dev/input/mice"
		Option "ZAxisMapping" "4 5 6 7"
	EndSection 

Then I was able to interact with the X server and even switch between the containers X Desktop and the hosts textmode terminals out of the box.



But now I stuck at an issue concerning the GUI versions of software management: The apt commandline tools work, but the GUI program update-manager shows the error message "You are not allowed to perform this action" and fail to work. However, if i start it with 'gksudo update-manager', there is no such message.

In the same way, the software-manager or other GUI methods to install/remove software is not working. May anybody please have a hint what might be missing in the container setup or have to be tweaked inside?


greetings

Guido