On Tue, Aug 11, 2015 at 09:04:46AM +0200, Dietmar Maurer wrote: > I no get another error: > > (00.000399) Error (proc_parse.c:826): SECCOMP_MODE_FILTER not currently > supported > (00.000401) Error (proc_parse.c:839): Error parsing proc status file > > So I have to set: > > lxc.seccomp =
Yep, I'm working on adding SECCOMP_MODE_FILTER support right now. > which is bad, because 'umount -f' can be used to terminate lxcfs... Yes, and since these have to be privileged containers anyway I don't think they're very secure. But hopefully we'll fix that. > After that, I get: > > ... > 00.013118) timerfd: Dumping id 0x13 clockid 1 it_value(86392, 143546305) > it_interval(0, 0) > (00.013122) fdinfo: type: 0x11 flags: 02004002/01 pos: 0x 0 fd: 24 > (00.013131) 24683 fdinfo 25: pos: 0x 0 flags: > 2004000/0x1 > (00.013143) fsnotify: wd: wd 0x00000003 s_dev 0x00700000 i_ino 0x > 517 mask 0x0800ad84 > (00.013145) fsnotify: [fhandle] bytes 0x00000008 type 0x00000001 __handle > 0x004f3d2c00000517:0x0 > 000000000000000 > (00.013147) fsnotify: Opening fhandle 700000:4f3d2c00000517... > (00.013150) Path `/' resolved to `./' mountpoint > (00.013153) fsnotify: Handle 0x700000:0x517 is openable > (00.013154) Warn (fsnotify.c:188): fsnotify: Handle 0x700000:0x517 cannot > be > opened > (00.013156) irmap: Resolving 700:517 path > (00.013157) irmap: Scanning /etc hint > (00.013162) irmap: Scanning /var/spool hint > (00.013163) irmap: Scanning /lib/udev hint > (00.013165) irmap: Scanning /. hint > (00.013166) irmap: Scanning /no-such-path hint > (00.013167) irmap: Refresh stat for /no-such-path > (00.013174) Error (irmap.c:81): irmap: Can't stat /no-such-path: No such file > or > directory > (00.013176) Error (fsnotify.c:191): fsnotify: Can't dump that handle > (00.013183) ---------------------------------------- > (00.013185) Error (cr-dump.c:1255): Dump files (pid: 24683) failed with -1 > > This is a simple centos7 container - nothing running (onyl systemd). > Any idea whats wrong? Not sure, this is likely something that systemd is doing to confuse CRIU. The CRIU list may have a better idea, I've not seen it before. Tycho _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
