Hi Joerg, Thanks for your reply.
I understand that host kernel needs only cgroup and namespace changes to run openwrt container( lxc-checkconfig should give all enabled). Which template and configuration file do you use to create openwrt container. Can you please give me the exact lxc-* steps with needed files ? It will be really helpful for me Thanks, Divya On Tue, Nov 3, 2015 at 3:06 PM, joerg jungermann <[email protected]> wrote: > Hi, > > I am runnning multiple OpenWRT LXC containers on x386_64(15.05), > arm5(dockstar,15.05) and mipsel(Asus WL-500V1 with old 12.09). > > Your host kernel needs of course to have CGroup and Namespace support. > Openwrt runs very smoothly in the container. Droping SYS_ADMIN pervents > the rootfs just extracted from the > rootfs.tar to try overlaymounts. > > The FS settings are > lxc.mount.auto = proc:rw sys:ro > lxc.mount.entry = tmpfs tmp tmpfs > size=8192k,mode=1777 0 0 > > The following capabilities are configured to be dropped > ## Capabilities > lxc.cap.drop = sys_module > #lxc.cap.drop = sys_boot > lxc.cap.drop = sys_admin > lxc.cap.drop = sys_nice > lxc.cap.drop = audit_con $? = 0 > lxc.cap.drop = audit_write > lxc.cap.drop = sys_rawio > lxc.cap.drop = mac_admin > lxc.cap.drop = mac_override > lxc.cap.drop = mknod > # this allow OpenWRT/netifd to configure the network setings inside the > # conatiner > #lxc.cap.drop = net_admin > #lxc.cap.drop = net_raw > > # to run and shutdown procd > lxc.haltsignal = SIGUSR1 > lxc.stopsignal = SIGINT > lxc.kmsg = 1 > > To get an working rootfs I use a tarred rootfs from donwloads.openwrt.org > for the needed architecture. > > This is far from perfect but works for me, very well. > Let me know if you find some caveeats. > > Best regards > > > Hi, > > > > I am trying to create a openWRT lxc container on a yocto based > filesystem. Has > > any one any idea about openwrt template to create the container. Is it > need any > > kernel changes on host? > > > > Thanks, > > Divya > > > > > _______________________________________________ > > openwrt-users mailing list > > [email protected] > > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users > > > -- > Joerg Jungermann > _______________________________________________ > openwrt-users mailing list > [email protected] > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users >
_______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
