[lxc-users] Debian and unprivileged LXC not working...
Dirk Geschke
dirk at lug-erding.de
Sun Dec 31 14:11:33 UTC 2017
Hi Serge,
> > If you build without cgmanager, and your system has the cgroups
> > individually mounted under /sys/fs/cgroup, then cgfsng will be
> > automatically used.
I just tested it by compiling and installing lxcfs. If I add to
/etc/pam.d/common-session and /etc/pam.d/common-session-noninteractive
this line
session optional /usr/local/lib/security/pam_cgfs.so -c freezer,memory,name=systemd
and mount /sys/fs/cgroup manually (I use the cgroup-mounts script from
Ubuntu's cgroup-lite-1.9 package) LXC works completely unprivileged.
There seems to be no need for cgmanager any longer. I just tested LXC
version 2.0.9, probably 2.1.x will work, too.
Maybe one should adjust the documentation?
https://linuxcontainers.org/lxc/getting-started/
Best regards and many thanks for your help!
Dirk
--
+----------------------------------------------------------------------+
| Dr. Dirk Geschke / Plankensteinweg 61 / 85435 Erding |
| Telefon: 08122-559448 / Mobil: 0176-96906350 / Fax: 08122-9818106 |
| dirk at geschke-online.de / dirk at lug-erding.de / kontakt at lug-erding.de |
+----------------------------------------------------------------------+
More information about the lxc-users
mailing list