Hi Wojtek, lxc is "community/lxc 1:1.0.0-2" from archlinux repository. (seems to be the same as [email protected], except some systemd unit files and cosmetic documentation fixes).
Host system runs archlinux amd64, 3.13.5-zen kernel, all packages up to date. lxc-create -n test -t archlinux creates: /var/lib/lxc/test/config: --------- # Template used to create this container: /usr/share/lxc/templates/lxc-archlinux # Parameters passed to the template: # For additional config options, please look at lxc.conf(5) lxc.utsname=test lxc.autodev=1 lxc.tty=1 lxc.pts=1024 lxc.mount=/var/lib/lxc/test/fstab lxc.cap.drop=sys_module mac_admin mac_override sys_time lxc.kmsg=0 lxc.stopsignal=SIGRTMIN+4 #networking lxc.network.type=veth lxc.network.link=br0 lxc.network.flags=up lxc.network.name=eth0 lxc.network.mtu=1500 #cgroups lxc.cgroup.devices.deny = a lxc.cgroup.devices.allow = c *:* m lxc.cgroup.devices.allow = b *:* m lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:5 rwm lxc.cgroup.devices.allow = c 1:7 rwm lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 4:1 rwm lxc.cgroup.devices.allow = c 5:0 rwm lxc.cgroup.devices.allow = c 5:1 rwm lxc.cgroup.devices.allow = c 5:2 rwm lxc.cgroup.devices.allow = c 136:* rwm lxc.rootfs = /var/lib/lxc/test/rootfs --------- /var/lib/lxc/test/fstab: --------- sysfs sys sysfs defaults 0 0 proc proc proc nodev,noexec,nosuid 0 0 --------- /var/lib/lxc/test/rootfs: (contains arch linux root fs) Do you need any more info? Florian Am 25.02.2014 14:29, schrieb Wojciech Arabczyk: > Hi Florian, > > Could you please post your configs? What lxc version are you using > btw? Build from scratch or installed from sys packages? > > On 25 February 2014 14:25, Florian Klink <[email protected]> wrote: >> Hi Wojtek, >> >> thanks for your answer! >> >> I built a kernel with the same config, but with CONFIG_USER_NS set to "y". >> >> lxc-checkconfig now also reports user namespace as "enabled". >> >> >> But when I run lxc-attach, I still see the root file system of the host, >> not of the container... >> >> So the problem is not user-ns related. >> >> Steps to reproduce: >> >> lxc-create -n ${CONTAINER_NAME} -t archlinux >> lxc-start -n ${CONTAINER_NAME} >> lxc-attach -n ${CONTAINER_NAME} /bin/bash >> # ls -la / # shows hosts root file system! >> >> >> I was also able to reproduce this problem with a downloaded template >> (centos 6 amd64), so it doesn't seem to be archlinux related... >> >> >> Do you have any ideas how to investigate further? >> >> >> Florian >> >> >> >> >> Am 25.02.2014 10:46, schrieb Wojtek Arabczyk: >>> You failed to enable user namespace (which is clearly stated in the log >>> you posted). >>> Try enabling the user namespace and retest. >>> >>> -- >>> Pozdraviam >>> Wojtek >>> >>> On Tuesday, 25 February 2014 at 10:34, Florian Klink wrote: >>> >>>> Hi, >>>> >>>> I created a basic archlinux container (using almost the template): >>>> >>>> lxc-create -n test -t archlinux >>>> >>>> I now start the container >>>> >>>> lxc-start -n test >>>> >>>> In another shell, I attach inside it: >>>> >>>> lxc-attach -n test [/bin/bash] >>>> >>>> And I see the root file system of the host! >>>> >>>> However, when I get into the machine by logging in from the lxc-start >>>> command, I see the correct root of the container. >>>> >>>> Some information about my system: >>>> >>>> ----- >>>> lxc-1.0.0 >>>> linux x86_64 3.13.5-1-zen >>>> >>>> --- Namespaces --- >>>> Namespaces: enabled >>>> Utsname namespace: enabled >>>> Ipc namespace: enabled >>>> Pid namespace: enabled >>>> User namespace: missing >>>> Network namespace: enabled >>>> Multiple /dev/pts instances: enabled >>>> >>>> --- Control groups --- >>>> Cgroup: enabled >>>> Cgroup clone_children flag: enabled >>>> Cgroup device: enabled >>>> Cgroup sched: enabled >>>> Cgroup cpu account: enabled >>>> Cgroup memory controller: enabled >>>> Cgroup cpuset: enabled >>>> >>>> --- Misc --- >>>> Veth pair device: enabled >>>> Macvlan: enabled >>>> Vlan: enabled >>>> File capabilities: enabled >>>> >>>> ----- >>>> >>>> Looks like lxc-attach is unable to attach the MOUNT namespace? Or whats >>>> the problem here? >>>> >>>> Florian >>>> >>>> >>>> _______________________________________________ >>>> lxc-users mailing list >>>> [email protected] >>>> <mailto:[email protected]> >>>> http://lists.linuxcontainers.org/listinfo/lxc-users >>> >>> >>> >> >> >> _______________________________________________ >> lxc-users mailing list >> [email protected] >> http://lists.linuxcontainers.org/listinfo/lxc-users > > > _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
