[lxc-users] Something changed between 1.1.2 and 1.1.4 for unprivileged containers?
Fajar A. Nugraha
list at fajar.net
Fri Oct 16 07:36:07 UTC 2015
On Fri, Oct 16, 2015 at 1:16 PM, Dirk Geschke <dirk at lug-erding.de> wrote:
>> > That works fine with 1.1.2, but not with 1.1.4...
>>
>> su (and sudo) by default does not assign a new tty. So your user ends
>> up with a tty owned by root, thus the tty-related errors.
>
> yes and this works with 1.1.2. However, I tried it with sudo and
Probably the change is intended to secure the system more.
> now the tty belongs to the user starting the container. But it
> still does not work:
>
> lxc-start 1444975546.122 ERROR lxc_utils - utils.c:open_without_symlink:1575 - No such file or directory - Error examining fuse in /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections
> lxc-start 1444975546.122 ERROR lxc_utils - utils.c:open_without_symlink:1575 - No such file or directory - Error examining fuse in /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections
> lxc-start 1444975546.123 ERROR lxc_utils - utils.c:open_without_symlink:1575 - No such device or address - Error examining tty in /usr/local/lib/lxc/rootfs/dev/tty
> lxc-start 1444975546.123 ERROR lxc_conf - conf.c:mount_entry:1731 - No such device or address - failed to mount '/dev/tty' on '/usr/local/lib/lxc/rootfs/dev/tty'
>
> I'm a little bit irritated, shouldn't it be something like
>
> /home/${USER}/.local/share/lxc/${CONTAINER}/rootfs
>
> for an unprivileged user?
What is your exact sudo line? My guess is some old root environment is
still there? Using "-i" with sudo should prevent that.
If that STILL doesn't work, AND running unpriv container from a user
ssh session works, then try to compare the difference between what you
get when you ssh to that user and your su/sudo session, starting with
environment variable and cgroup.
--
Fajar
More information about the lxc-users
mailing list