[lxc-users] Autostart Unpriviledged Containers

Paul Jones spacefreak18 at gmail.com
Fri Oct 9 00:19:47 UTC 2015


I have tried this but for some reason I am having trouble.

I have pastebins for my systemd unit file and the bash script it calls.
http://pastebin.com/FLtLWaih
http://pastebin.com/b9qM2a9J

It appears as though it succesfully creates the cgroup "me", i see it, and
i own it and have seemingly correct permission to it. But as my normal user
I cannot move the current tty to that cgroup. I cannot even do it as root!

On Tue, Oct 6, 2015 at 1:14 AM, Xavier Gendre <gendre.reivax at gmail.com>
wrote:

> Le 06/10/2015 06:03, Paul Jones a écrit :
>
>> Hi.
>>
>> I'm using Debian Stretch. And I would like to use unpriviledged
>> containers.
>>
>> It seems by default, there is one cgroup owned by root. In order to
>> start an unpriviledged container I need to create a new cgroup, chown it
>> to the unpriviledged user and then move the current tty process into
>> that cgroup. Then start the container from there.
>>
>> If this is the case, how will it be possible to autostart containers on
>> boot?
>>
>> Or am I going about this all wrong?
>>
>
> Hi Paul,
>
> to start an unprivileged container on boot, you run some steps similar to
> what you describe but in a script that you call through a systemd service.
>
> Here are the step i do:
> - set clone_children to 1
> - create a dedicated cgroup and give it to my user
> - start the container
>
> Xavier
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users




-- 
Time To Get an EKG, G!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20151008/7c925730/attachment.html>


More information about the lxc-users mailing list