Quoting Stéphane Graber ([email protected]): > On Thu, Jun 09, 2016 at 12:56:55PM -0700, Mike Wright wrote: > > On 06/09/2016 12:40 PM, Stéphane Graber wrote: > > >Sounds like your host /proc is over-mounted which triggers a protection > > >mechanism in the kernel that prevents an unprivileged user from mounting > > >it. > > > > > >Look in your host's /proc/mounts for any mountpoint under /proc, try > > >unmounting them one by one until you find the one that's triggering the > > >protection. > > > > Thanks Stéphane, > > > > Here's what's there: > > > > grep proc /proc/mounts: > > > > proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0 > > > > systemd-1 /proc/sys/fs/binfmt_misc autofs > > rw,relatime,fd=36,pgrp=1,timeout=0,minproto=5,maxproto=5,direct 0 0 > > > > xenfs /proc/xen xenfs rw,relatime 0 0 > > > > I don't think I can safely remove any of those. Any other ideas? > > I don't expect either of use to be in active constant use, so you can > still try unmounting them temporarily. > > An alternative is to mount /proc somewhere else on the host where it's > not hidden by those mounts. > > For example: > - mkdir /mnt/proc > - mount -t proc proc /mnt/proc
Right, that's what we do with /usr/share/lxc/config/nesting.conf for the analogous reason in nesting cases. _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
