[lxc-users] monitoring containers using lxc-info (without being root)

Yonsy Solis yonsy.s.p at gmail.com
Mon May 11 18:31:49 UTC 2015



On Mon, May 11, 2015 at 1:11 PM, Harald Dunkel 
<harald.dunkel at aixigo.de> wrote:
> H folks,
> 
> I would like to monitor my containers using lxc-info (lxc 1.1.2)
> run by an unprivileged user. Problem:
> 
> % lxc-info -P /var/lib/lxc -n sample -c lxc.start.auto
> Insufficent privileges to control sample
> % ls -al /var/lib/lxc/sample
> total 16
> drwxr-xr-x  3 root root 4096 May 11 19:40 .
> drwxr-xr-x 16 root root 4096 Aug 14  2014 ..
> -rwxr-xr-x  1 root root 2113 Aug  8  2014 config
> drwxr-x--- 25 root root 4096 Oct  8  2014 rootfs
> -rw-------  1 root root    0 Mar  2  2013 rootfs.hold
> 
> How comes? Looking at the access permissions lxc-info -c lxc.something
> should work. Surely I don't want to "control" the container.

Your user is unprivileged but your container is not. If you create your 
container with sudo lxc-create/sudo lxc-clone then you need ALWAYS sudo 
for lxc-info, lxc-clone, lxc-destroy, etc.

You only can work with unprivileged user AND unprivileged containers, 
more info you can see here [1], read "Basic unprivileged usage".

[1] https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-basic-usage


Yonsy Solis



More information about the lxc-users mailing list