[lxc-users] Debian and unprivileged LXC not working...
Dirk Geschke
dirk at lug-erding.de
Wed Dec 13 19:16:14 UTC 2017
Hi Christian,
> > > Older liblxc version used system() instead of run_command(). For
> > > system() POSIX leaves it unspecified whether pthread_atfork() handlers
> > > are called but glibc's implementation of system() guarantees that they
> > > are not. But there's no requirement. So this might be why we have been
> > > fine - by chance - all of the time.
> >
> > I don't think so. The previous system did not use system(), it just
> > did a clone() followed by calling the fn directly.
>
> This commit is present at least in 1.0.11 until at least 2.0.4 and it
> has lxc_map_ids() call system() when new{g,u}idmap is used:
>
> commit cf3ef16dc479c102433a82b8ddbb4265d3818cce
> Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> Date: Wed Oct 23 01:02:57 2013 +0000
just for the record, lxc-2.0.8 is still working this way, but it
stops starting with lxc-2.0.9 and the whole lxc-2.1.x branch.
I have no idea, what happened to break it nor do I have any clue
to fix it. But since I like to use unprivileged containers, it
would be nice to get it running again.
Can I help in any way?
Best regards
Dirk
--
+----------------------------------------------------------------------+
| Dr. Dirk Geschke / Plankensteinweg 61 / 85435 Erding |
| Telefon: 08122-559448 / Mobil: 0176-96906350 / Fax: 08122-9818106 |
| dirk at geschke-online.de / dirk at lug-erding.de / kontakt at lug-erding.de |
+----------------------------------------------------------------------+
More information about the lxc-users
mailing list