[lxc-users] Debian and unprivileged LXC not working...

Dirk Geschke dirk at lug-erding.de
Sun Dec 31 14:11:33 UTC 2017


Hi Serge,

> > If you build without cgmanager, and your system has the cgroups
> > individually mounted under /sys/fs/cgroup, then cgfsng will be
> > automatically used.

I just tested it by compiling and installing lxcfs. If I add to 
/etc/pam.d/common-session and /etc/pam.d/common-session-noninteractive 
this line

   session optional  /usr/local/lib/security/pam_cgfs.so -c freezer,memory,name=systemd

and mount /sys/fs/cgroup manually (I use the cgroup-mounts script from
Ubuntu's cgroup-lite-1.9 package) LXC works completely unprivileged.
There seems to be no need for cgmanager any longer. I just tested LXC
version 2.0.9, probably 2.1.x will work, too.

Maybe one should adjust the documentation?

   https://linuxcontainers.org/lxc/getting-started/
   
Best regards and many thanks for your help!

Dirk

-- 
+----------------------------------------------------------------------+
| Dr. Dirk Geschke       / Plankensteinweg 61    / 85435 Erding        |
| Telefon: 08122-559448  / Mobil: 0176-96906350 / Fax: 08122-9818106   |
| dirk at geschke-online.de / dirk at lug-erding.de  / kontakt at lug-erding.de |
+----------------------------------------------------------------------+


More information about the lxc-users mailing list