It seems to be working now; what I needed was libvirt built with libcap support and also the securityfs patch. Thanks!
On Mon, Sep 9, 2013 at 1:08 PM, Jaka Hudoklin <jakahudok...@gmail.com> wrote:

> I applied your patch, but no success. What bothers me is that the connection
> gets reset. By the way, I'm using systemd, with the process started in
> forking mode and as a daemon. Could this cause any problems?
>
> This is my libvirtd.conf, if it helps anything:
> unix_sock_group = "libvirtd"
> unix_sock_rw_perms = "0770"
> auth_unix_ro = "none"
> auth_unix_rw = "none"
>
> Can you please tell me an easy-to-set-up distro with systemd on which user
> namespaces work, so I can compare?
>
> Thanks!
>
>
> On Mon, Sep 9, 2013 at 3:08 AM, Gao feng <gaof...@cn.fujitsu.com> wrote:
>
>> On 09/06/2013 07:32 PM, Jaka Hudoklin wrote:
>> > Hello!
>> >
>> > Okay, I tried again with only a statically linked busybox:
>> > offlinehacker:~/ $ /home/offlinehacker/busybox/busybox
>> > BusyBox v1.17.1 (Debian 1:1.17.1-8) multi-call binary.
>> > Copyright (C) 1998-2009 Erik Andersen, Rob Landley, Denys Vlasenko
>> > and others. Licensed under GPLv2.
>> > See source distribution for full notice.
>> > ....
>> >
>> > Again my id:
>> > uid=499(offlinehacker) gid=100(users) groups=100(users),1(wheel),57(networkmanager)
>> >
>> > My rootfs tree (/home/offlinehacker/busybox):
>> > busybox
>> > ├── [offlineh users ] busybox
>> > └── [offlineh users ] busybox-static_1.17.1-8_amd64.deb
>> >
>> > It works just fine as root and these folders get created:
>> > busybox
>> > ├── [offlineh users ] busybox
>> > ├── [offlineh users ] busybox-static_1.17.1-8_amd64.deb
>> > ├── [root root ] dev
>> > ├── [root root ] .oldroot
>> > ├── [root root ] proc
>> > └── [root root ] sys
>> >
>> > When I start it with idmap with a clean rootfs (dev, proc, sys and .oldroot
>> > deleted) I get this error, and it is a little bit different now:
>> > error: Failed to create domain from helloworld.xml
>> > error: internal error: guest failed to start: 2013-09-06 11:24:57.088+0000: 5794: debug : virFileC
>> >
>> > And the log is pretty similar:
>> > sep 06 11:24:56 laptop libvirtd[1542]: EVENT_POLL_UPDATE_HANDLE: watch=241 events=1
>> > sep 06 11:24:57 laptop libvirtd[1542]: Skip interrupt, 1 140499747788544
>> > sep 06 11:24:57 laptop libvirtd[1542]: OBJECT_REF: obj=0x7fc878000c90
>> > sep 06 11:24:57 laptop libvirtd[1542]: OBJECT_REF: obj=0x7fc878000c90
>> > sep 06 11:24:57 laptop libvirtd[1542]: server=0x7fc8a60ddd60 client=0x7fc8a60e8bb0 msg=0x7fc8a60e6970 rerr=0x7fc89a32cd40 args=0x7fc8880160a0 ret=0x7fc888016030
>> > sep 06 11:24:57 laptop libvirtd[1542]: priv=0x7fc8a60ea3a0 conn=(nil)
>> > sep 06 11:24:57 laptop libvirtd[1542]: name=lxc:///
>> > sep 06 11:24:57 laptop libvirtd[1542]: Cannot recv data: Connection reset by peer
>> > sep 06 11:24:57 laptop libvirtd[1542]: internal error: guest failed to start: 2013-09-06 11:24:57.088+0000: 5794: debug : virFileC
>> >
>> > The rootfs after the failed creation looks like this:
>> > busybox
>> > ├── [offlineh users ] busybox
>> > ├── [offlineh users ] busybox-static_1.17.1-8_amd64.deb
>> > ├── [offlineh users ] .oldroot
>> > ├── [offlineh users ] proc
>> > └── [offlineh users ] sys
>> >
>> > I have debugging enabled, at least LIBVIRT_DEBUG is set to 1 and I get
>> > much more messages. If there's any more granular debug please let me know.
>> >
>> > PS: I forgot to mention my version of libvirt is 1.1.2
>> >
>>
>> OK, I get it. Maybe you need this patch:
>>
>> 1583dfda7c4e5ad71efe0615c06e5676528d8203
>> LXC: Don't mount securityfs when user namespace enabled
>>
>> Thanks
>>
>
_______________________________________________
libvirt-users mailing list
libvirt-users@redhat.com
https://www.redhat.com/mailman/listinfo/libvirt-users
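A pre-flight check for the rootfs ownership situation shown in the thread (root-owned dev, proc and sys left behind by a run as root, then removed before starting with idmap), as an added example that is not part of the original thread or of libvirt: it lists rootfs entries whose host owner falls outside the host-side range of an idmap. The function names and the mapping values used in `demo()` are assumptions chosen for illustration, and the rootfs is constructed in a temporary directory.

```python
import os
import tempfile


def in_range(host_id, target, count):
    """True if a host uid/gid lies inside the idmap's host-side range."""
    return target <= host_id < target + count


def unmapped_paths(rootfs, uid_target, uid_count, gid_target, gid_count):
    """List (relative path, uid, gid) for entries owned outside the mapping.

    Inside the user namespace the kernel presents such owners as the
    overflow ID (65534 by default), so the container's root cannot manage them.
    """
    paths = [rootfs]
    for dirpath, dirnames, filenames in os.walk(rootfs):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    offenders = []
    for path in paths:
        st = os.lstat(path)  # lstat: judge a symlink itself, not its target
        if not (in_range(st.st_uid, uid_target, uid_count)
                and in_range(st.st_gid, gid_target, gid_count)):
            offenders.append((os.path.relpath(path, rootfs), st.st_uid, st.st_gid))
    return sorted(offenders)


def demo():
    """Constructed rootfs: a busybox file plus a leftover proc directory."""
    with tempfile.TemporaryDirectory() as rootfs:
        open(os.path.join(rootfs, "busybox"), "wb").close()
        os.mkdir(os.path.join(rootfs, "proc"))
        owner = os.lstat(rootfs)
        uid, gid = owner.st_uid, owner.st_gid
        # Assumed mapping 1: host range starts at the owner, so all is mapped.
        mapped = unmapped_paths(rootfs, uid, 1, gid, 1)
        # Assumed mapping 2: host range starts one uid higher, so nothing is.
        shifted = unmapped_paths(rootfs, uid + 1, 1, gid, 1)
    return mapped, shifted


if __name__ == "__main__":
    mapped, shifted = demo()
    print("unmapped with matching range:", mapped)
    print("unmapped with shifted range:", shifted)
```

Run against a real rootfs, the `target` and `count` arguments would come from the `<uid>` and `<gid>` elements of the domain's `<idmap>` block.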