[lxc-users] Avahi daemon not working in LXC.

Brian Allen Vanderburg II brianvanderburg2 at aim.com
Mon May 4 02:57:05 UTC 2015


System: Debian Jessie amd64
LXC: 1.0.6

I've used LXC for a little while with system containers. After recently
upgraded my system to Debian Jessie I've started working with user
containers.  A problem I seem to be having is that under unprivileged
containers, the Avahi daemon does not seem to work.  It worked as a
system container, only requiring removing the nprocs limit.

Containers are set up using cgmanager: cgm create, cgm chmod, cgm
movepid, lxc-start, and so on.  The network is configured to use veth
bridged with host device br0, which is also the master of eth0.  When I
run Wireshark and monitor the veth interface from the host, if I run
"mdns-scan" in the container, I get MDNS traffic, but if just run "ping
main-machine.local" in the container there is no MDNS traffic.  If I run
"ping guest.local" from the host, I do get MDNS traffic".

I try to debug this by directly running avahi-daemon (avahi-daemon
--debug) in the guest to view the stderr output.  There is no activity
regardless of a ping from the host or the guest.  Running "mdns-scan"
from the guest generates activity.  Somehow the guest finds the host's
_workstation._tcp.local.  Running "mdns-scan" from the host, there is no
activity in the guest stderr output.

After searching online, the closest thing I could find was this post:

http://lists.freedesktop.org/archives/avahi/2015-February/002345.html

This seems to suggest from my minimum understanding that there is some
bug in the kernel code, and that the credentials at line 85 of
avahi-core/netlink.c is seeing the "outside" user id value instead of
the container user id value.  However, there are no work-arounds mentioned.

Has anyone managed to get Avahi working with unprivileged containers or
workarounds to get this to work?

Thanks,

Brian Allen Vanderburg II

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150503/bde79867/attachment.sig>


More information about the lxc-users mailing list