[lxc-users] capabilities requirement change with new filesystem?
Ede Wolf
listac at nebelschwaden.de
Mon Jun 8 14:20:07 UTC 2020
Hi,
So I've migrated my whole system via rsync from f2fs to btrfs on a new
drive, and, after rebooting, all my unprivileged lxc containers refused
to start.
Example:
lxc-start ... ERROR conf - conf.c:lxc_map_ids:2779 - newuidmap failed
to write mapping "newuidmap: Could not set caps": newuidmap 2413 0
4000000 1 1 4000001 65534
lxc-start ... ERROR start - start.c:lxc_spawn:1690 - Failed to set up
id mapping.
Granting more rights after some searching in their unit files:
AmbientCapabilities=CAP_SETGID
AmbientCapabilities=CAP_SETUID
made them work again. Being curious, I then booted from the old f2fs
drive again and the containers are coming up without the above capability
additions.
Back to btrfs and those are needed.
Any idea what may be going on here?
Thanks, Ede