The following pull request was submitted through GitHub. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/2500

This e-mail was sent by the LXC bot; direct replies will not reach the author unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Unprivileged containers are not compatible with sharing the host namespace due to an inability to mount sysfs. Add docs in lxc.container.conf to document that. Refs #2463
From 777f1ef71e6df186dbab78c67803cebb7a3b5cee Mon Sep 17 00:00:00 2001 From: Alexandros Kosiaris <akosia...@gmail.com> Date: Mon, 30 Jul 2018 15:01:15 +0300 Subject: [PATCH] Unprivileged's incompatibility with type=none docs Unprivileged containers are not compatible with sharing the host namespace due to an inability to mount sysfs. Add docs in lxc.container.conf to document that out. Refs #2463 --- doc/lxc.container.conf.sgml.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/lxc.container.conf.sgml.in b/doc/lxc.container.conf.sgml.in index 9808ade6c..a3a3a9d8d 100644 --- a/doc/lxc.container.conf.sgml.in +++ b/doc/lxc.container.conf.sgml.in @@ -430,7 +430,9 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA network devices are usable in the container. It also means that if both the container and host have upstart as init, 'halt' in a container (for instance) will shut down the - host. + host. Note that unprivileged containers do not work without this + setting due to an inability to mount sysfs. An unsafe workaround + would be to bind mount the hosts sysfs. </para> <para>
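Review bot: The added sentence "unprivileged containers do not work without this setting" says the opposite of the commit subject and description, which state that unprivileged containers are incompatible with type=none (sharing the host namespace). As written, a reader would conclude that unprivileged containers require this setting. Suggest "do not work with this setting due to an inability to mount sysfs". In the same added lines, "the hosts sysfs" should be "the host's sysfs". Since the text calls the bind-mount workaround unsafe without saying why, a short clause naming the risk (the container gets the host's sysfs rather than its own) would help readers judge whether to use it.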
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel