Quoting Josh Ford ([email protected]): > bump? Wasn't this answered last week? (Maybe it was someone else) As the error message indicates, your container root user (1000000) is not being allowed to descend under /home/jimmy. Either give w+x to /home/jimmy or use an ACL to give 100000 x.
> On Sat 02-07-15 11:18, Josh Ford wrote: > >First -- thanks to all for the fantastic work on LXC! > > > >First-time question here... > > > >My platform is: > > > >Ubuntu 14.10 > >LVM disk encryption > >Encrypted home directory for the user that is creating and starting the > >container (this is a laptop). > > > >I'm having an issue starting unprivileged containers -- though > >I've had success running privileged containers in the past without > >problems on the same platform. > > > >I followed the "Creating unprivileged containers as a user" under the > >Getting Started guide found at > >https://linuxcontainers.org/lxc/getting-started/. Everything works great > >until I try to start the container -- which is when I get the following > >error: > > > >jimmy@jimmyscomputer:~$ lxc-start -n p1 -F > > > > > >"lxc-start: start.c: print_top_failing_dir: 102 Permission denied - could > >not access /home/jimmy. Please grant it 'x' access, or add an ACL for the > >container root. > >lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 2 > >lxc-start: start.c: __lxc_start: 1087 failed to spawn 'p1' > >lxc-start: lxc_start.c: main: 337 The container failed to start. > >lxc-start: lxc_start.c: main: 341 Additional information can be obtained by > >setting the --logfile and --logpriority options." > > > > > >'lxc-start' is being executed by jimmy, so why can't lxc-start > >access jimmy's home directory? Jimmy can certainly execute other > >commands in that directory. > > > >Here's the ~/.config/default.config: > > > > > >lxc.network.type = veth > >lxc.network.link = lxcbr0 > >lxc.network.flags = up > >lxc.network.hwaddr = 00:16:3e:xx:xx:xx > >lxc.id_map = u 0 100000 65536 > >lxc.id_map = g 0 100000 65536 > > > >And here's the ~/.local/share/lxc/p1/config: > > > > > ># Template used to create this container: > >/usr/share/lxc/templates/lxc-download > ># Parameters passed to the template: -d ubuntu -r trusty -a amd64 > ># For additional config options, please look at lxc.container.conf(5) > > > ># Distribution configuration > >lxc.include = /usr/share/lxc/config/ubuntu.common.conf > >lxc.include = /usr/share/lxc/config/ubuntu.userns.conf > >lxc.arch = x86_64 > > > ># Container specific configuration > >lxc.id_map = u 0 100000 65536 > >lxc.id_map = g 0 100000 65536 > >lxc.rootfs = /home/jimmy/.local/share/lxc/p1/rootfs > >lxc.utsname = p1 > > > ># Network configuration > >lxc.network.type = veth > >lxc.network.link = lxcbr0 > >lxc.network.flags = up > >lxc.network.hwaddr = 00:16:3e:xx:xx:xx > > > >The rootfs is there, and is owned by 100000. > > > >Poor jimmy. The only quirk I can think of here is that jimmy's home > >directory is encrypted [??] Just a wild guess though. > > > >Many thanks in advance for any help you can provide -- and again, > >thanks for all the work on LXC. Very cool stuff. > > > >Oh -- also -- is there some easy way to search the list archives? Apologies > >if that's a silly question, but I was trying to solve this myself and didn't > >see a way to do it other than to browse through each thread. > > > >Cheers, > > > >Josh > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
