[loginuid] --- https://www.pld-linux.org/docs/lxc?rev=1385304517 +++ https://www.pld-linux.org/docs/lxc @@ -74,20 +74,24 @@ </file> ==== loginuid ==== - ''pam_loginuid.so'' does not allow ''sshd'' to login + having ''audit_control'' dropped: + <file config config> + lxc.cap.drop = audit_control + </file> + ''pam_loginuid.so'' does not allow ''sshd'' to login: <file> Nov 24 16:02:10 test sshd[2694]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session </file> - - Similar problem as [[http://kb.parallels.com/en/112597|here]], to workaround, disable ''pam_loginuid.so'' in the authentication rules: + You can either [[http://kb.parallels.com/en/112597|workaround]] to disable ''pam_loginuid.so'' in the authentication rules: <file> # sed '/pam_loginuid.so/s/^/#/g' -i /etc/pam.d/* </file> + Or just **do not** drop the capability. ===== Vserver comparision ===== When in Vserver, guest processes are not visible in host, then in LXC all guest processes are visible. Beware when running ''killall(1)'' commands on host.
Diff URL: https://www.pld-linux.org/docs/lxc?do=diff&r1=1385304517&r2=1385306308 -- This mail was generated by DokuWiki at https://www.pld-linux.org/ _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
