[lxc-users] unprivileged Debian Buster container on Debian Buster host fail to start: no cgroups, no controllers

Lukas Pirl lxc-users at lukas-pirl.de
Mon Jul 22 15:47:08 UTC 2019


On Wed, 2019-05-29 00:11 +0200, Lukas Pirl wrote as excerpted:
> $ lxc-create -n test -f test.config -t download -- --dist debian \
>   --release buster --arch amd64
>> cat: /proc/1/uid_map: No such file or directory

> Apparently, ``lxc-create`` queries ``/proc/1/{u,g}id_map`` which it is not
> allowed to (proc mounted with hidepid=2) instead of
> ``/proc/self/{u,g}id_map``, no?
> 
> $ cat /proc/self/{u,g}id_map
>          0          0 4294967295
>          0          0 4294967295

Turns out this might be a false negative.
For the record, this is now being tracked here:
  https://github.com/lxc/lxc/pull/3097

Best,

Lukas

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20190722/be6f8b14/attachment.sig>


More information about the lxc-users mailing list