Re: LXC unprivileged containers

To: debian-user@lists.debian.org
Subject: Re: LXC unprivileged containers
From: Johannes Graumann <johannes_graumann@web.de>
Date: Sun, 03 May 2015 09:44:45 +0300
Message-id: <[🔎] mi4g4r$fbo$2@ger.gmane.org>
References: <[🔎] 1304481430490309@web5j.yandex.ru>

Darren Baginski wrote:

> Hello!
> 
> 
> I'm trying to spawn unprivileged  LXC containers as described here
> http://www.flockport.com/lxc-using-unprivileged-containers/ , however
> getting:
> 
> lxc-create -n myvm -t debian -- -r jessie
> unshare: Operation not permitted
> read pipe: No such file or directory
> lxc_container: lxccontainer.c: do_create_container_dir: 760 Failed to
> chown container dir lxc_container: lxc_create.c: main: 271 Error creating
> container myvm
> 
> My setups is testing / unstable (stable doesn't support unprivileged
> containers due to lxc version at least ): ~$ uname -v
> #1 SMP Debian 3.16.7-ckt9-3 (2015-04-23
> ~$ lxc-info --version
> 1.0.7
> 
> 
> What could be wrong ?

Try to set

PROMPT> sudo echo 1 > /sys/fs/cgroup/cpuset/cgroup.clone_children
PROMPT> sudo echo 1 > /proc/sys/kernel/unprivileged_userns_clone

before the "lxc-creat' call.

Sincerely, Joh

Reply to:

Follow-Ups:
- Re: LXC unprivileged containers
  - From: Jonathan Dowland <jmtd@debian.org>

References:
- LXC unprivileged containers
  - From: Darren Baginski <kickbsd@yandex.ru>

Prev by Date: jessie and unpriviledged lxc containers
Next by Date: sudo not respecting /etc/sudoers
Previous by thread: LXC unprivileged containers
Next by thread: Re: LXC unprivileged containers
Index(es):
- Date
- Thread