[lxc-users] not allowed to change kernel parameters inside container

Saint Michael venefax at gmail.com
Sat May 25 18:02:59 UTC 2019 

Thanks to all. I am sorry I touched a heated point. For me using
hard-virtualization for Linux apps is dementia. It should be kept only for
Windows VMs.
For me, the single point of using LXC is to be able to redeploy a complex
app from host to host in a few minutes. I use one-host->one-Container. So
what is the issue of giving all power to the containers?

On Sat, May 25, 2019 at 1:56 PM jjs - mainphrame <jjs at mainphrame.com> wrote:

> Given the developers stance, perhaps a temporary workaround is in order,
> e.g. ssh-key root login to physical host e.g. "ssh <host> sysctl
> key=value..."
>
> Jake
>
> On Mon, May 20, 2019 at 9:25 AM Saint Michael <venefax at gmail.com> wrote:
>
>> I am trying to use sysctl -p inside an LXC container and it says
>> read only file system
>> how do I give my container all possible rights?
>> Right now I have
>>
>> lxc.mount.auto = cgroup:mixed
>> lxc.tty.max = 10
>> lxc.pty.max = 1024
>> lxc.cgroup.devices.allow = c 1:3 rwm
>> lxc.cgroup.devices.allow = c 1:5 rwm
>> lxc.cgroup.devices.allow = c 5:1 rwm
>> lxc.cgroup.devices.allow = c 5:0 rwm
>> lxc.cgroup.devices.allow = c 4:0 rwm
>> lxc.cgroup.devices.allow = c 4:1 rwm
>> lxc.cgroup.devices.allow = c 1:9 rwm
>> lxc.cgroup.devices.allow = c 1:8 rwm
>> lxc.cgroup.devices.allow = c 136:* rwm
>> lxc.cgroup.devices.allow = c 5:2 rwm
>> lxc.cgroup.devices.allow = c 254:0 rwm
>> lxc.cgroup.devices.allow = c 10:137 rwm # loop-control
>> lxc.cgroup.devices.allow = b 7:* rwm    # loop*
>> lxc.cgroup.devices.allow = c 10:229 rwm #fuse
>> lxc.cgroup.devices.allow = c 10:200 rwm #docker
>> #lxc.cgroup.memory.limit_in_bytes = 92536870910
>> lxc.apparmor.profile= unconfined
>> lxc.cgroup.devices.allow= a
>> lxc.cap.drop=
>> lxc.cgroup.devices.deny=
>> #lxc.mount.auto= proc:rw sys:ro cgroup:ro
>> lxc.autodev= 1
>>
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20190525/31744c80/attachment.html>

More information about the lxc-users mailing list