On 11/15/2016 12:53 AM, Alex Mestiashvili wrote:
> Just stumbled upon the same problem, it seems that CLONE_NEWUSER (
> and as the consequence unprivileged containers ) simply doesn't work
> with grecurity patched kernel, see:
>
> https://forums.grsecurity.net/viewtopic.php?f=3&t=3929
>
> You can
Just stumbled upon the same problem, it seems that CLONE_NEWUSER ( and as
the consequence unprivileged containers ) simply doesn't work with
grecurity patched kernel, see:
https://forums.grsecurity.net/viewtopic.php?f=3&t=3929
You can see if "user namespaces" works with this code:
https://lwn.
On Sat, 2016-10-15 at 18:37 +0800, john wrote:
> I want to know, is it possible start lxc unprivileged container with
> grsec kernel? (start as root or nonroot)
> Thanks.
I guess you don't really mean unprivileged containers, but rather “user
namespaces”. I honestly have no idea.
Regards,
-
Package: linux-image-grsec-amd64
Version: 10
Severity: normal
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
I can not start lxc unprivileged container with
linux-image-grsec-amd64 kernel (even start as root),
The setup work very well wit
4 matches
Mail list logo