Kir,

Please take a look at the following patches. They implement support for unprivileged containers using user namespaces, and should work, modulo bugs.

vzctl enter is still not working, but that seems to be due to lack of support for some functionality in the kernel, nothing we can do in userspace. (I am already investigating this).

Glauber Costa (6):
  host uid and gid parameters
  adjust fs_create parameter
  run modified tar if upstream
  user namespace support for upstream containers
  add user mismatch test
  allow local uid and gid to be specified at container creation

 include/res.h           |   8 ++++
 include/types.h         |   1 +
 include/vzctl_param.h   |   3 ++
 man/vzctl.8.in          |  14 +++++++
 scripts/vps-create.in   |  18 +++++++++
 src/lib/Makefile.am     |   3 ++
 src/lib/chown_preload.c |  73 ++++++++++++++++++++++++++++++++++
 src/lib/config.c        |  32 +++++++++++++++
 src/lib/create.c        |  30 +++++++++-----
 src/lib/env.c           |  29 ++++++++++++++
 src/lib/hooks_ct.c      | 103 ++++++++++++++++++++++++++++++++++++++++++++++--
 src/vzctl-actions.c     |   2 +
 src/vzctl.c             |   1 +
 13 files changed, 304 insertions(+), 13 deletions(-)
 create mode 100644 src/lib/chown_preload.c

-- 
1.7.11.7
