[lxc-users] Help needed: lxc unpriv. containers and debian buster sysvinit

mlftp at pep.foundation mlftp at pep.foundation
Mon Jan 27 16:04:01 UTC 2020


Hi, 

I am currently trying to figure out how to run lxc on debian with sysvinit.
I am stuck at the lxc.conf file respectively on /usr/share/lxc/config.

I get a error when try to launch my container: 

lxc-start: test: cgroups/cgfsng.c: cg_hybrid_get_controllers: 746 Found hierarchy not under /sys/fs/cgroup: "/sys/fs/cgroup rw,relatime - cgroup cgroup rw,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,net_cls,perf_event,net_prio,pids,rdma "
 lxc-start: test: lsm/apparmor.c: make_apparmor_namespace: 761 Permission denied - Error creating AppArmor namespace: /sys/kernel/security/apparmor/policy/namespaces/lxc-test_<-home-melodie-.local-share-lxc>
lxc-start: test: lsm/apparmor.c: apparmor_prepare: 980 Failed to load generated AppArmor profile
lxc-start: test: start.c: lxc_init: 899 Failed to initialize LSM
lxc-start: test: start.c: __lxc_start: 1917 Failed to initialize container “test"

Usually systemd does the the cgroup stuff, said documentation and research. Before I had lxc running on Debian with sysvinit but as privileged containers.

Has anyone made similar experiences?
Is there some documentation about manually working with cgroups and unprivileged containers on debian buster?
Can anyone point me to the right documentation please?

I hope to save some time.

Thank you!
Cheers, 

Mlftp


More information about the lxc-users mailing list