Quoting Fajar A. Nugraha (l...@fajar.net):
> On Wed, Nov 13, 2013 at 5:11 PM, Daniel P. Berrange
> <berra...@redhat.com>wrote:
>
> > For a start I think you should update to the curent Fedora 19
> > kernels which are version 3.11.6. Then I'd suggest taking thue
> > Fedora kernel src.rpm and just setting the CONFIG_USER_NS var
> > in its config file, rather than trying navigate the menus.
> >
> > We're not supporting user namespaces in Fedora until at least
> > Fedora 21, since we don't consider the implementation sufficiently
> > mature / secure to enable it sooner.
> >
> >
> Is there an example somewhere on how to enable user namespace in lxc,
> preferably using manual steps? e.g. which lxc configuration directive
> enables it?
For non-libvirt lxc, I've shown a few times a more manual way to do it
on s3hh.wordpress.com, however, the pieces are there now so that you
should be able to just add
lxc.id_map = u 0 100000 9999
lxc.id_map = g 0 100000 9999
to a copy of /etc/lxc/lxc.conf, then do
lxc-create -t ubuntu-cloud -n u1 -f /copy/of/lxc.conf
I've been focusing on unprivileged creation, and don't think I've
yet pushed the fixes needed for root to be able to do that. (which
is complicated by newuidmap not letting root use arbitrary subuids)
As soon as I fix up lxc-delete and write some testcases so I can be
sure it doesn't regress, I'll document this better.
-serge
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
