[lxc-users] Failing to create unprivileged container due to wrong /run/user/XXX/lock directory
Ranjib Dey
dey.ranjib at gmail.com
Mon Jan 5 23:37:15 UTC 2015
Hi serge,
when i execute `cgm movepid all go $(pid)` as root, i get the following
error
MovePid: Client fd is: 6 (pid=16139, uid=0, gid=0)
cgmanager:do_move_pid_main: victim's cgroup is not under proxy's (p.uid 0)
Disconnected from private client
if i try sudo -u go cgm movepid all go $(pid), it picks up correct p.uid,
but still fails
Connection from private client
MovePid: Client fd is: 6 (pid=16612, uid=111, gid=117)
cgmanager:do_move_pid_main: victim's cgroup is not under proxy's (p.uid 111)
Disconnected from private client
regards
ranjib
On Mon, Jan 5, 2015 at 12:11 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
wrote:
> Quoting Ranjib Dey (dey.ranjib at gmail.com):
> > following is the debug log:
> >
> > MovePid: Client fd is: 6 (pid=10783, uid=111, gid=117)
> > cgmanager: Invalid path
> > /run/cgmanager/fs/hugetlb/user/1001.user/83.session/go
> > cgmanager:do_move_pid_main: Invalid path
> > /run/cgmanager/fs/hugetlb/user/1001.user/83.session/go
> > Disconnected from private client
> >
> > 1001 is wrong user (my login user), not `go` user's UID, which is 100.
>
> I assume you're running this using sudo from uid 1001. Since that is
> also how you did the create and chown, that should be ok. I'm not
> understanding why the cg does not exist.
>
> The least confusing thing to do might be to have root do
> something like
>
> cgm movepidabs all / $$
> cgm create all go
> cgm chown all go $(id -u go) $(id -g go)
> cgh movepid all go $(pid)
>
> > /run/cgmanager/fs/hugetlb/ directory is empty,
>
> It's in a private namespace. You'd have to mount it yourself to
> see.
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150105/89f43024/attachment.html>
More information about the lxc-users
mailing list