[lxc-users] Something changed between 1.1.2 and 1.1.4 for unprivileged containers?

Fajar A. Nugraha list at fajar.net
Fri Oct 16 07:36:07 UTC 2015


On Fri, Oct 16, 2015 at 1:16 PM, Dirk Geschke <dirk at lug-erding.de> wrote:
>> > That works fine with 1.1.2, but not with 1.1.4...
>>
>> su (and sudo) by default does not assign a new tty. So your user ends
>> up with a tty owned by root, thus the tty-related errors.
>
> yes and this works with 1.1.2. However, I tried it with sudo and

Probably the change is intended to secure the system more.


> now the tty belongs to the user starting the container. But it
> still does not work:
>
>   lxc-start 1444975546.122 ERROR    lxc_utils - utils.c:open_without_symlink:1575 - No such file or directory - Error examining fuse in /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections
>   lxc-start 1444975546.122 ERROR    lxc_utils - utils.c:open_without_symlink:1575 - No such file or directory - Error examining fuse in /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections
>   lxc-start 1444975546.123 ERROR    lxc_utils - utils.c:open_without_symlink:1575 - No such device or address - Error examining tty in /usr/local/lib/lxc/rootfs/dev/tty
>   lxc-start 1444975546.123 ERROR    lxc_conf - conf.c:mount_entry:1731 - No such device or address - failed to mount '/dev/tty' on '/usr/local/lib/lxc/rootfs/dev/tty'
>
> I'm a little bit irritated, shouldn't it be something like
>
>   /home/${USER}/.local/share/lxc/${CONTAINER}/rootfs
>
> for an unprivileged user?

What is your exact sudo line? My guess is some old root environment is
still there? Using "-i" with sudo should prevent that.

If that STILL doesn't work, AND running an unpriv container from a user
ssh session works, then try to compare the difference between what you
get when you ssh to that user and your su/sudo session, starting with
environment variables and cgroups.

-- 
Fajar
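
The comparison suggested in the last paragraph, as an added example that is not part of the original message: it records the environment, cgroup membership and tty ownership of a session, then prints what differs between two such records. The function names and snapshot file names are hypothetical, and /proc/self/cgroup is assumed to be available (Linux).

```sh
#!/bin/sh
# Added example (not from the thread). Function and file names are hypothetical.
# Usage: run `session_snapshot ssh.snap` in the ssh login and
# `session_snapshot sudo.snap` in the su/sudo session, then
# `session_diff ssh.snap sudo.snap`.

# Record environment, cgroup membership and ownership of the controlling tty.
session_snapshot() (
    umask 077   # the environment may hold secrets; keep the file private
    {
        env | sort | sed 's/^/env /'
        if [ -r /proc/self/cgroup ]; then
            sort /proc/self/cgroup | sed 's/^/cgroup /'
        fi
        # After su/sudo the tty can still belong to the user who opened it.
        if t=$(tty 2>/dev/null); then
            echo "tty_owner $(ls -ln "$t" | awk '{print $3}') current_uid $(id -u)"
        else
            echo "tty_owner none"
        fi
    } > "$1"
)

# Print only the lines that differ. $1 = ssh snapshot, $2 = su/sudo snapshot.
session_diff() {
    only_ssh=$(grep -Fxv -f "$2" "$1" || true)
    only_sudo=$(grep -Fxv -f "$1" "$2" || true)
    if [ -n "$only_ssh" ]; then
        printf '%s\n' "$only_ssh" | sed 's/^/ssh-only  /'
    fi
    if [ -n "$only_sudo" ]; then
        printf '%s\n' "$only_sudo" | sed 's/^/sudo-only /'
    fi
}
```

A tty_owner line whose two numbers differ, or env lines that still point at root's home, are the first things to look at in the output.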

