Hi, I am runnning multiple OpenWRT LXC containers on x386_64(15.05), arm5(dockstar,15.05) and mipsel(Asus WL-500V1 with old 12.09).
Your host kernel needs of course to have CGroup and Namespace support. Openwrt runs very smoothly in the container. Droping SYS_ADMIN pervents the rootfs just extracted from the rootfs.tar to try overlaymounts. The FS settings are lxc.mount.auto = proc:rw sys:ro lxc.mount.entry = tmpfs tmp tmpfs size=8192k,mode=1777 0 0 The following capabilities are configured to be dropped ## Capabilities lxc.cap.drop = sys_module #lxc.cap.drop = sys_boot lxc.cap.drop = sys_admin lxc.cap.drop = sys_nice lxc.cap.drop = audit_con $? = 0 lxc.cap.drop = audit_write lxc.cap.drop = sys_rawio lxc.cap.drop = mac_admin lxc.cap.drop = mac_override lxc.cap.drop = mknod # this allow OpenWRT/netifd to configure the network setings inside the # conatiner #lxc.cap.drop = net_admin #lxc.cap.drop = net_raw # to run and shutdown procd lxc.haltsignal = SIGUSR1 lxc.stopsignal = SIGINT lxc.kmsg = 1 To get an working rootfs I use a tarred rootfs from donwloads.openwrt.org for the needed architecture. This is far from perfect but works for me, very well. Let me know if you find some caveeats. Best regards > Hi, > > I am trying to create a openWRT lxc container on a yocto based filesystem. Has > any one any idea about openwrt template to create the container. Is it need > any > kernel changes on host? > > Thanks, > Divya > > _______________________________________________ > openwrt-users mailing list > [email protected] > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users -- Joerg Jungermann _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
