Hello Fajar,

It may be useful to give more details about what I am trying to do ;-) I
work with a Debian Jessie and LXC 1.0.6 from the Debian repository.

You should really use at least 1.0.7 from experimental, or better yet, 1.1.1.

That was good advice... With 1.0.7 from experimental, everything works like a charm. I can create root-owned unprivileged containers with an LVM backend and start them without any tweaks (no chmod, ...).

Thank you for spending some time on my problem and giving me hope with a working example ;-)

Xavier


Finally, I try to start this container but it miserably fails,

root # lxc-start -n test --logfile test.log --logpriority DEBUG
lxc-start: failed to determine fs type for '/dev/Pool/test'
lxc-start: failed to determine fs type for '/dev/dm-7'
lxc-start: failed to mount rootfs


Works for me, just needed a chmod (which is shown on the helpful error
message that I get). This is lxc 1.1.1+master~20150407-0 from ubuntu
daily ppa.

# cat /etc/subuid
lxc-dnsmasq:100000:10000
user:100000:65537
root:1000000:100000

# cat /etc/subgid
lxc-dnsmasq:100000:10000
user:100000:65537
root:1000000:100000

# cat << END > /tmp/test.conf
lxc.id_map = u 0 1000000 100000
lxc.id_map = g 0 1000000 100000
lxc.network.type = empty
END

# lxc-create -n test -f /tmp/test.conf -t download -B lvm --vgname lxc -- -d ubuntu -r utopic -a amd64
File descriptor 3 (/var/lib/lxc/test/partial) leaked on lvcreate
invocation. Parent PID 24304: lxc-create
   Logical volume "test" created
Using image from local cache
Unpacking the rootfs

---
You just created an Ubuntu container (release=utopic, arch=amd64,
variant=default)

To enable sshd, run: apt-get install openssh-server

For security reason, container images ship without user accounts
and without a root password.

Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.

# lxc-start -n test
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the
container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be
obtained by setting the --logfile and --logpriority options.

# lxc-start -F -n test
lxc-start: start.c: print_top_failing_dir: 102 Permission denied -
could not access /var/lib/lxc.  Please grant it 'x' access, or add an
ACL for the container root.
lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 2
lxc-start: start.c: __lxc_start: 1157 failed to spawn 'test'
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 348 Additional information can be
obtained by setting the --logfile and --logpriority options.

# chmod o+x /var/lib/lxc

# lxc-start -n test

# lxc-ls -f --running
NAME  STATE    IPV4  IPV6  GROUPS  AUTOSTART
--------------------------------------------
test  RUNNING  -     -     -       NO

# lxc-attach -n test -- cat /proc/1/uid_map
          0    1000000     100000

_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
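
The setup quoted in this thread only works if the host range in each `lxc.id_map` line falls inside a range delegated to the container's owner in /etc/subuid and /etc/subgid. The following is an added example, not part of the original messages: a pre-start check for that condition. The function name `check_idmap` is hypothetical, and the sample files are constructed temporary copies of the values shown in the thread.

```shell
#!/bin/sh
# check_idmap OWNER CONF SUBUID SUBGID   (hypothetical helper name)
# Exit 0 only if every lxc.id_map entry in CONF lies inside a range
# delegated to OWNER in SUBUID (for "u") or SUBGID (for "g").
check_idmap() {
    awk -v owner="$1" -v subuid="$3" -v subgid="$4" '
    function load(file, kind,    line, f) {
        while ((getline line < file) > 0) {
            split(line, f, ":")
            if (f[1] != owner) continue
            n[kind]++
            lo[kind, n[kind]] = f[2] + 0
            hi[kind, n[kind]] = f[2] + f[3]      # exclusive upper bound
        }
        close(file)
    }
    BEGIN { load(subuid, "u"); load(subgid, "g") }
    /^[ \t]*lxc\.id_map[ \t]*=/ {
        line = $0
        sub(/^[ \t]*lxc\.id_map[ \t]*=[ \t]*/, "", line)
        split(line, m, /[ \t]+/)     # kind, container id, host id, length
        kind = m[1]; first = m[3] + 0; last = first + m[4]
        ok = 0
        for (i = 1; i <= n[kind] + 0; i++)
            if (first >= lo[kind, i] && last <= hi[kind, i]) ok = 1
        msg = (ok ? "delegated to " : "NOT delegated to ") owner
        printf "%s host %d-%d: %s\n", kind, first, last - 1, msg
        seen++
        if (!ok) bad++
    }
    # Fail if any map is outside the delegation, or if no map exists at all
    END { exit (bad > 0 || seen == 0) }
    ' "$2"
}

# Constructed sample input, using the values shown in the thread.
demo=$(mktemp -d)
printf '%s\n' 'lxc-dnsmasq:100000:10000' 'user:100000:65537' \
    'root:1000000:100000' > "$demo/subuid"
cp "$demo/subuid" "$demo/subgid"
printf '%s\n' 'lxc.id_map = u 0 1000000 100000' \
    'lxc.id_map = g 0 1000000 100000' \
    'lxc.network.type = empty' > "$demo/test.conf"
check_idmap root "$demo/test.conf" "$demo/subuid" "$demo/subgid"
```

On a real host, pass the container's config file together with /etc/subuid and /etc/subgid. A config with no `lxc.id_map` line at all is reported as a failure, since such a container would not be unprivileged.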
