[lxc-users] problems or only warning (!?) with lxc-clone
Serge Hallyn
serge.hallyn at ubuntu.com
Thu May 7 19:36:49 UTC 2015
Quoting Yonsy Solis (yonsy.s.p at gmail.com):
> Hi
>
> i create a base container with the minimal needed for works: zsh,
> oh-my-zsh, updated Ubuntu 14.04.2 packages, user with admin/sudo
> rights, bye root ssh logins, ssh only by certificate, no ssh
> passwords, cleaned apt archives, cleaned logs, etc a little paranoid
> in security.
>
> for new containers i clone all from this base container, and I get
> this message:
> ===
> host15 :: ~ » lxc-clone -s baseserver testserver
> newgidmap: gid range [100000-100001) -> [200000-200001) not allowed
You're trying to map 200000 on the host to 100000 in the container,
but you're not allowed by /etc/subgid to use 200000 on the host.
I suspect you have something like
lxc.id_map = g 100000 200000 1
when you want maybe
lxc.id_map = g 0 100000 1
Guess it depends on exactly what you are trying to do - do you want
uid 0 in the container to be uid 100000 on the host?
> error mapping child
> setgid: Invalid argument
> Created container testserver as snapshot of base
> ===
>
> With this warning, the container is cloned. I work this with user
> lazarus
> ===
> host15 :: ~ » cat /etc/subgid /etc/subuid
> 1 ↵
> root:100000:65536
> lazarus:100000:65536
> root:100000:65536
> lazarus:100000:65536
> ===
>
> is normal this warning or a possible error is growing without notice
> ? somebody can explain me why this warning ?
>
>
> Yonsy Solis
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
More information about the lxc-users
mailing list