Hi, afaik:
security.nesting: "true" makes the container automatically privileged... -- Mit freundlichen Gruessen / Best regards Oliver Dzombic Layer7 Networks mailto:i...@layer7.net Anschrift: Layer7 Networks GmbH Zum Sonnenberg 1-3 63571 Gelnhausen HRB 96293 beim Amtsgericht Hanau Geschäftsführung: Oliver Dzombic UST ID: DE259845632 Am 20.11.19 um 11:57 schrieb Tomasz Chmielewski: > On 2019-11-20 19:52, Dirk Geschke wrote: >> Hi all, >> >> is there a way to get docker up and running in an unprivileged >> LXC? It seems to have problems with cgroups: >> >> docker: Error response from daemon: OCI runtime create failed: >> container_linux.go:344: starting container process caused >> "process_linux.go:275: applying cgroup configuration for process >> caused \"mkdir /sys/fs/cgroup/cpuset/docker: permission denied\"": >> unknown. >> >> Does someone know a way to get it working? I don't trust the >> docker containers, so my idea was to run them in an LXC. But >> up to now I have no clue how to do this... > > You just need to set this: > > security.nesting: "true" > > > (in "lxc config edit container-name"). > > > Tomasz Chmielewski > https://lxadm.com > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
