[lxc-users] Status: Debian Jessie support for unprivileged containers?

Xavier Gendre gendre.reivax at gmail.com
Wed Oct 14 15:46:39 UTC 2015 

> Although setting it up was not as straightforward as your tutorial:
>
> - Package "python3-all-dev" currently has dependency issues
> (https://bugs.launchpad.net/ubuntu/+source/python3.4/+bug/1503382,
> http://askubuntu.com/a/683604/331398)
>
>    I was able to solve this by adding a time.sleep(120) in
> lxc-ci/__init__.py before self.update(), attaching to the new
> temporary container while the timer was running and downgrading the
> python3-packages (See askubuntu-answer)

I never encounter this problem. What is the version of Ubuntu that you 
are using for building the Jessie image? In my explanations, i use the 
14.04 LTS and everything works.

> - cgroups caused some trouble. Setting them with cgmanager/cgm for the
> specific user helped (See http://unix.stackexchange.com/a/171478/88252
> and http://bit.ly/1jokrFl)
>    If anyone knows a good way to make this permanent, let me know!
>
>    Basically it's:
>
>    sudo service cgmanager start
>    sudo cgm create all $USER
>    sudo cgm chown all $USER $(id -u) $(id -g)
>    sudo cgm movepid all $USER $$
>

If you have to do such things, i think that you try to apply my tutorial 
in a Debian host. It will work but, as you notice, you will have to 
tweak cgroup by hand. On my side, i create the Jessie image in a VM with 
Ubuntu (because there is not such problems with cgroups) and i use this 
image in my Jessie host (where i tweak my cgroups through a custom 
systemd service in order to give ownerships to the unprivileged users).

> - "lxc-attach -n $jessiecontainer" does not set the full
> $PATH-environment-variable which is quite inconvenient when
> unexpected, "export
> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> helps

When i attach to my unprivileged Jessie container, PATH is properly set. 
I don't remind me if i did something specific for that...

> - The Jessie-template does not include man-db, iputils-ping,
> apt-utils, rsyslog - I found it easier to configure the container with
> these installed, could be added to the debian.json-file (But they
> where probably left out to make the template slimmer)

You can add them in debian.json, this is your custom Jessie image. For 
example, i add rsyslog and vim in such a way. If you want a slim one and 
an enhanced one, you are free to create two images. To use them 
simultaneously in your cache directory, you can use the "variant" option.

> But it looks like this is otherwise working quite ok, thanks a lot!

Welcome, happy to help ;-)

Xavier

More information about the lxc-users mailing list