Quoting Justin Cormack (jus...@specialbusservice.com): > On Tue, 2011-03-29 at 18:19 -0500, Serge E. Hallyn wrote: > > > As for trouble with init - is your fedora using systemd? How does it > > actually start runlevel changes? Upstart uses dbus over abstract unix > > socket (which is containerized with netns), sysvinit uses ioctl over > > /dev/init which is a distinct file from the one in the container... > > Does systemd do something we're not containerizing right now? > > When I tried Ubuntu on Ubuntu (using upstart), the abstract socket was > not containerized, and it was changing runlevels on the host, which was > a complete pain. How do I make sure that it is? Is it an lxc version > issue (I was using the lxc that ships with Ubuntu 10.10, 0.7.2)?
No, you must have created a container without private network namespace. Since upstart uses an abstact unix domain socket, you can only keep root in a container from being able to reboot by either (1) starting the container as a user who is not root and having a private user namespace (which is not currently recommended since userns is going through churn), or (2) having a private network namespace. -serge
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ Enable your software for Intel(R) Active Management Technology to meet the growing manageability and security demands of your customers. Businesses are taking advantage of Intel(R) vPro (TM) technology - will your software be a part of the solution? Download the Intel(R) Manageability Checker today! http://p.sf.net/sfu/intel-dev2devmar
_______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
