[lxc-users] Device node in LXC is not accessible when connected via SSH
Tim Jaacks
tim.jaacks at garz-fricke.com
Mon Feb 3 14:16:07 UTC 2020
> -----Ursprüngliche Nachricht-----
> Von: Serge E. Hallyn <serge at hallyn.com>
> Gesendet: Montag, 3. Februar 2020 12:36
> An: Tim Jaacks <tim.jaacks at garz-fricke.com>
> Cc: Serge E. Hallyn <serge at hallyn.com>; LXC users mailing-list <lxc-users at lists.linuxcontainers.org>
> Betreff: Re: [lxc-users] Device node in LXC is not accessible when connected via SSH
>
> On Mon, Feb 03, 2020 at 10:02:27AM +0000, Tim Jaacks wrote:
> > OK, this shows me "/lxc/mylxc/init.scope", which sounds reasonable. So do you have any idea, which using "sudo lxc-attach" results in the wrong cgroup "/user.slice"?
>
> You can check for an 'lxc.cgroup.keep' entry in your container configuration.
Nope, I don't have that option set.
> The lxc-attach manpages has a note from Feb 2016 about how "previous versions"
> "suffered a bug whereby a user could attach to a containers namespace without being placed in a writeable cgroup for some critical subsystems." If you're on an older version, it could be that.
I am running LXC version 3.0.3, which is the default on Debian Buster:
https://packages.debian.org/buster/lxc
Is that an "older version"?
I have tried the same commands on an Ubuntu 18.04 machine, also running LXC 3.0.3:
sudo lxc-create -q -t debian -n mylxc -- -r stretch
sudo lxc-start -n mylxc
sudo lxc-attach -n mylxc
It puts the lxc-attach process into the /user.slice device cgroup as well. So I can reproduce this behavior on two different machines with different Linux distributions, both running LXC 3.0.3. Can anybody try to reproduce it with a newer LXC version?
> Otherwise, I'd say it's a bug.
>
> -serge
>
More information about the lxc-users
mailing list