[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: LXC unprivileged containers

Some progress:

lxcuser@lxcbox$ cat /sys/fs/cgroup/cpuset/cgroup.clone_children
lxcuser@lxcbox$ cat /proc/sys/kernel/unprivileged_userns_clone

lxcuser@lxcbox$ lxc-create --name p1 --template download
Setting up the GPG keyring
Downloading the image index

You just created a Debian container (release=wheezy, arch=amd64, variant=default)

To enable sshd, run: apt-get install openssh-server

For security reason, container images ship without user accounts
and without a root password.

Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.

But then:

lxcuser@lxcbox$ lxc-start --name p1
lxc_container: cgmanager.c: lxc_cgmanager_enter: 694 call to cgmanager_move_pid_sync failed: invalid request
lxc_container: start.c: __lxc_start: 1080 failed to spawn 'p1'
lxc_container: lxc_start.c: main: 342 The container failed to start.
lxc_container: lxc_start.c: main: 346 Additional information can be obtained by setting the --logfile and --logpriority options.

Reply to: