-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Afaik user namespaces support is added in 3.12 kernel release. At least my 3.12 kernel has this option and it evaluates to true.
On 11/13/2013 06:43 AM, Saurabh Deochake wrote: > Hi all, > > I'm trying to restrict privileges of "root" user inside the > container. I came across this "idmap" element of Libvirt Domain XML > file. > > <idmap> <uid start='0' target='1000' count='10'/> <gid start='0' > target='1000' count='10'/> </idmap> > > This says that user with uid 0 in the container is mapped to user > with uid 1000 on the host. > > I checked if it works, I created a file with root user inside the > container and checked uid of the file. Inside the container I get > uid of file as 0 and even on host I get the same uid as 0 instead > of 1000. > > Later I checked the output of "lxc-checkconfig". Output was: > > --- Namespaces --- Namespaces: enabled Utsname namespace: enabled > Ipc namespace: enabled Pid namespace: enabled *User namespace: > missing* Network namespace: enabled Multiple /dev/pts instances: > enabled > > Here it shows that User namespace support is missing. I tried to > check for Namespaces Support in kernel menuconfig. It has support > for following namespaces only: > > --- Namespaces support [*] UTS namespace [*] IPC namespace [*] > PID Namespaces [*] Network namespace > > There is no User Namespace support. > > How should I get this user namespace working on my system? > > The link says that User Namespace feature has already been > implemented in *kernel 3.9.* Reference Link: > https://lwn.net/Articles/532593/ > > My system details are as follow: OS: Fedora 19 *Kernel: 3.9.5* > > Please help me out getting user namespace working on my system. > > Thanks and regards, Saurabh Deochake. > > > > ------------------------------------------------------------------------------ > > DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps > OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API > Access Free app hosting. Or install the open source package on any > LAMP server. Sign up and see examples for AngularJS, jQuery, Sencha > Touch and Native! > http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk > > > > > _______________________________________________ Lxc-users mailing > list Lxc-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/lxc-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJSg4IBAAoJENrR4EaH4PXFlf8H/irYSnMJoIR3n6SDqSULhSRC N+FXQSfoUVzpvXwzzIDEK/fmULQZk2ZK+mwr7+cO31B9Uw/AhhQnxOzS9LmoxdX+ 0kjLAtzfP5uvkpgsQQ7/6ePRdWTlay8oEwV74l/RwOMFVf5jORXAItohEKKAElqO 8nRpup5FMgYSKvkZVIvuv1SLD5MlUMHWUeqYtP3gBcsfHnBvENIJaaR2e9ke+UZ7 BuR29yEI3mZPC7KVYpD3RAFGIZ8wtKUT7taGsreNXT+tzDeKQikiY9fqAz1VGTJy 1cK/uuiHzulL+NvcuNjqf122ifEai6mFnINH7HK58Zi+WN5LfKSV/SAQ4rL68rk= =Xf5V -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access Free app hosting. Or install the open source package on any LAMP server. Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native! http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
