Quoting Brian Campbell (lam...@continuation.org):
>
> On Feb 20, 2014, at 11:23 AM, Serge Hallyn wrote:
>
> > Quoting Brian Campbell (lam...@continuation.org):
> >> On Feb 20, 2014, at 9:21 AM, Serge Hallyn wrote:
> >>
> >>> Quoting Brian Campbell (lam...@continuation.org):
> On Feb 18, 2
On Feb 20, 2014, at 11:23 AM, Serge Hallyn wrote:
> Quoting Brian Campbell (lam...@continuation.org):
>> On Feb 20, 2014, at 9:21 AM, Serge Hallyn wrote:
>>
>>> Quoting Brian Campbell (lam...@continuation.org):
On Feb 18, 2014, at 10:25 AM, Serge Hallyn wrote:
> It looks like you're
Quoting Brian Campbell (lam...@continuation.org):
> On Feb 20, 2014, at 9:21 AM, Serge Hallyn wrote:
>
> > Quoting Brian Campbell (lam...@continuation.org):
> >> On Feb 18, 2014, at 10:25 AM, Serge Hallyn wrote:
> >>> It looks like you're in the root cgroup and starting as non-root.
> >>> Withou
On Feb 20, 2014, at 9:21 AM, Serge Hallyn wrote:
> Quoting Brian Campbell (lam...@continuation.org):
>> On Feb 18, 2014, at 10:25 AM, Serge Hallyn wrote:
>>> It looks like you're in the root cgroup and starting as non-root.
>>> Without being root you indeed do not have the rights to create new
>
Quoting Brian Campbell (lam...@continuation.org):
> On Feb 18, 2014, at 10:25 AM, Serge Hallyn wrote:
> > It looks like you're in the root cgroup and starting as non-root.
> > Without being root you indeed do not have the rights to create new
> > cgroups there. You'll need to either use lxc as ro
On Feb 20, 2014, at 1:29 AM, Brian Campbell wrote:
> On Feb 18, 2014, at 10:25 AM, Serge Hallyn wrote:
>
>> Quoting Brian Campbell (lam...@continuation.org):
>>> On Feb 18, 2014, at 12:16 AM, Serge Hallyn wrote:
>>>
> Ah, that's the ticket:
>
> lambda@gherkin:~$ cat /proc/sys/ke
On Feb 18, 2014, at 10:25 AM, Serge Hallyn wrote:
> Quoting Brian Campbell (lam...@continuation.org):
>> On Feb 18, 2014, at 12:16 AM, Serge Hallyn wrote:
>>
Ah, that's the ticket:
lambda@gherkin:~$ cat /proc/sys/kernel/unprivileged_userns_clone
0
Looks like this
Quoting Brian Campbell (lam...@continuation.org):
> On Feb 18, 2014, at 12:16 AM, Serge Hallyn wrote:
>
> >> Ah, that's the ticket:
> >>
> >> lambda@gherkin:~$ cat /proc/sys/kernel/unprivileged_userns_clone
> >> 0
> >>
> >> Looks like this is a Debian specific patch,
> >
> > *cough* pls not to
On Feb 18, 2014, at 12:16 AM, Serge Hallyn wrote:
>> Ah, that's the ticket:
>>
>> lambda@gherkin:~$ cat /proc/sys/kernel/unprivileged_userns_clone
>> 0
>>
>> Looks like this is a Debian specific patch,
>
> *cough* pls not to ask how i knew to query it kthx
>
>> which is why looking at the ups
Quoting Brian Campbell (lam...@continuation.org):
> On Feb 17, 2014, at 11:11 AM, Serge Hallyn wrote:
>
> > Quoting Brian Campbell (lam...@continuation.org):
> >> I tried the demo_userns.c example code from this LWN article
> >> https://lwn.net/Articles/532593/ and got the same result:
> >>
> >
On Feb 17, 2014, at 11:11 AM, Serge Hallyn wrote:
> Quoting Brian Campbell (lam...@continuation.org):
>> I tried the demo_userns.c example code from this LWN article
>> https://lwn.net/Articles/532593/ and got the same result:
>>
>> lambda@gherkin:userns$ ./demo_userns
>> clone: Operation not p
Quoting Brian Campbell (lam...@continuation.org):
> I tried the demo_userns.c example code from this LWN article
> https://lwn.net/Articles/532593/ and got the same result:
>
> lambda@gherkin:userns$ ./demo_userns
> clone: Operation not permitted
>
> So it looks like something is preventing me f
On Feb 16, 2014, at 8:30 PM, Stéphane Graber wrote:
> On Sun, Feb 16, 2014 at 08:22:40PM -0500, Brian Campbell wrote:
>>
>> On Feb 16, 2014, at 12:53 PM, Stéphane Graber wrote:
>>
>>> On Sun, Feb 16, 2014 at 12:49:44PM -0500, Brian Campbell wrote:
On Feb 16, 2014, at 12:23 PM, Stéphane Gr
On Sun, Feb 16, 2014 at 08:22:40PM -0500, Brian Campbell wrote:
>
> On Feb 16, 2014, at 12:53 PM, Stéphane Graber wrote:
>
> > On Sun, Feb 16, 2014 at 12:49:44PM -0500, Brian Campbell wrote:
> >> On Feb 16, 2014, at 12:23 PM, Stéphane Graber wrote:
> >>
> >>> On Sun, Feb 16, 2014 at 03:51:50AM
On Feb 16, 2014, at 12:53 PM, Stéphane Graber wrote:
> On Sun, Feb 16, 2014 at 12:49:44PM -0500, Brian Campbell wrote:
>> On Feb 16, 2014, at 12:23 PM, Stéphane Graber wrote:
>>
>>> On Sun, Feb 16, 2014 at 03:51:50AM -0500, Brian Campbell wrote:
I'm running Debian Jessie (testing), and co
On Sun, Feb 16, 2014 at 12:49:44PM -0500, Brian Campbell wrote:
> On Feb 16, 2014, at 12:23 PM, Stéphane Graber wrote:
>
> > On Sun, Feb 16, 2014 at 03:51:50AM -0500, Brian Campbell wrote:
> >> I'm running Debian Jessie (testing), and compiled lxc from a fresh git
> >> clone (7da8ab1: close inhe
On Feb 16, 2014, at 12:23 PM, Stéphane Graber wrote:
> On Sun, Feb 16, 2014 at 03:51:50AM -0500, Brian Campbell wrote:
>> I'm running Debian Jessie (testing), and compiled lxc from a fresh git clone
>> (7da8ab1: close inherited fds when we still have proc mounted). I would like
>> to create a u
On Sun, Feb 16, 2014 at 03:51:50AM -0500, Brian Campbell wrote:
> I'm running Debian Jessie (testing), and compiled lxc from a fresh git clone
> (7da8ab1: close inherited fds when we still have proc mounted). I would like
> to create a user container without using root privileges, so I set up UID
18 matches
Mail list logo