[Bug 1253669] Re: unable to launch lxc application containers when dropping cap_sysadmin
Sebastian Wendland
wendland at cg.uni-saarland.de
Fri Nov 22 13:47:46 UTC 2013
I've been trying to narrow it down by running lxc-execute on a few other
systems, including a 12.04.3 with the 3.2.0-55-generic kernel, no
success. As you said, the debug output unfortunately does not provide
any details.

What I know so far:
* lxc 0.7.5-3 (standard precise version) and 0.8.0~rc1 (backport) work fine on 3.2 and 3.8 kernels
* as soon as I upgrade to 1.0.0~alpha1 and any kernel, it does not work anymore
* upgrading to the latest daily (1.0.0~alpha3+master~20131122-0500-0ubuntu1~ppa1~precise1) does not resolve the issue on 3.2 and 3.8

I also tried to use a custom container (see attached lxc configuration)
using # lxc-execute -n foo -f lxc.conf -- /bin/bash, but no luck. Note
that I run lxc-execute directly from the command line on the host, not
inside an OS container.

FYI: I use lxc to isolate Apache2 instances on my webservers, using
complex container setups with my own templates. As I said, this worked
perfectly with 0.8.0~rc1 and earlier, and with 1.0.0~alpha1 the
containers work as well - except it is impossible to drop cap_sys_admin.
** Attachment added: "lxc configuration"
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1253669/+attachment/3915022/+files/lxc_foo.txt
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1253669
Title:
unable to launch lxc application containers when dropping cap_sysadmin