Quoting Joshua Schaeffer ([email protected]): > I've been using LXC's on Debian 7 for over a year now and everything has > been working great, but I've just been using the version that is packaged > with the distro and I figured it's probably time to get up to date and > start taking advantage of the newer features and unprivileged containers. > So I've created a VM with Debian 8 on it and downloaded the source for LXC > 1.1.1. > > I configured, compiled, and installed the software without any issues, but > when I try to run lxc-create as a regular user I get the following error: > > -------------------------------------------------------------------------- > lxcuser@thinkhost:~$ lxc-create -t download -n c1 > unshare: Operation not permitted
Since unshare failed, your kernel seems to not be allowing unprivileged CLONE_NEWUSER. Check whether there is a sysctl called /proc/sys/kernel/unprivileged_userns_clone, and if so set it to 1. > read pipe: Success > lxc_container: lxccontainer.c: do_create_container_dir: 772 Failed to chown > container dir > lxc_container: lxc_create.c: main: 274 Error creating container c2 > -------------------------------------------------------------------------- > > I've set execute rights on the home directory for that user. Seems like I'm > missing something obvious. Below is the configure parameters I used. make, > make check, and make install reported no problems or errors: > > ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var > --enable-doc --enable-capabilities --with-distro=debian > > I can run the above command as root and it successfully downloads the > template and creates the container which I can then attach to. > > Thanks, > Joshua > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
