[lxc-users] monitoring containers using lxc-info (without being root)

Stéphane Graber stgraber at ubuntu.com
Mon May 11 18:35:15 UTC 2015


On Mon, May 11, 2015 at 08:11:16PM +0200, Harald Dunkel wrote:
> H folks,
> 
> I would like to monitor my containers using lxc-info (lxc 1.1.2)
> run by an unprivileged user. Problem:
> 
> % lxc-info -P /var/lib/lxc -n sample -c lxc.start.auto
> Insufficent privileges to control sample
> % ls -al /var/lib/lxc/sample 
> total 16
> drwxr-xr-x  3 root root 4096 May 11 19:40 .
> drwxr-xr-x 16 root root 4096 Aug 14  2014 ..
> -rwxr-xr-x  1 root root 2113 Aug  8  2014 config
> drwxr-x--- 25 root root 4096 Oct  8  2014 rootfs
> -rw-------  1 root root    0 Mar  2  2013 rootfs.hold
> 
> How comes? Looking at the access permissions lxc-info -c lxc.something 
> should work. Surely I don't want to "control" the container.
> 
> 
> Every helpful comment is highly appreciated
> Harri

lxc-info -c doesn't read the container configuration, instead it
connects to the container's command socket and asks the container what's
the running configuration.

That means that you need to run lxc-info as the same user which started
the container for it to be able to contact the command socket.

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150511/b5021abb/attachment.sig>


More information about the lxc-users mailing list