[lxc-users] Advice for running LXC on a Debian host

[Harald Dunkel]

On Fri, 13 Mar 2015 13:34:22 +0000
Rory Campbell-Lange <rory at campbell-lange.net> wrote:
> 
> Presently the Debian LXC wiki page at https://wiki.debian.org/LXC states
> "LXC may not provide sufficient isolation at this time". 
> 

This is about Wheezy, AFAIK. You should give Jessie a chance. 

Jessie's LXC provides apparmor support and other new 
features. It is based upon LXC 1.0.6 (plus some fixes, e.g.
systemd support introduced for 1.0.7). 

Debian's configure flags for LXC:

                --disable-rpath \
                --enable-doc \
                --enable-api-docs \
                --enable-apparmor \
                --enable-selinux \
                --disable-cgmanager \
                --enable-capabilities \
                --enable-examples \
                --enable-python \
                --disable-mutex-debugging \
                --enable-lua \
                --enable-bash \
                --enable-tests \
                --enable-configpath-log \
                --with-distro=debian \
                --with-init-script=sysvinit,systemd

Once Jessie is released, Debian will most likely move forward 
to LXC version 1.1.x. There is a good chance that this version 
will be backported to Jessie later.

But I always wondered why there are different LXC packages for 
Debian and Ubuntu? Debian's LXC includes several interesting
changes that might be useful for the "Ubuntu" version and
other host platforms as well, e.g using the right debootstrap 
mirror, fixing LSB headers, etc.


Regards
Harri