Re: [lxc-users] Strange CPUSET CGROUP behaviour

On Thu, Sep 03, 2020 at 03:27:37PM +0100, Ben Green wrote: > Hi all, > > We are starting to use LXC in production here, after solving our final > problem (inconsistent and disappearing cgroup space - Thread name > "Disappearing Cgroups" on this list) completely with the help of Serge > E. Hallyn.

Re: [lxc-users] URGENT Panic when upgrading Kernel

On Tue, May 19, 2020 at 02:46:34AM -0400, Saint Michael wrote: > Ubuntu 18.04 > 5.3.0-51-generic > lxc-start --version > 4.0.0-devel > I can no longer start my containers, how do I get back to a version of LXC > that still works with this kernel? This should already be fixed in master but I'll

Re: [lxc-users] Issue withe latest version from git

On Thu, May 14, 2020 at 02:27:30PM -0400, Saint Michael wrote: > I use the ubuntu > add-apt-repository ppa:ubuntu-lxc/lxc-git-master > lxc-start --version > 4.0.0-devel I've sent a few fixes just now. Once Stéphane merges them and a new package has been pushed those issues should hopefully be

Re: [lxc-users] URGENT Panic when upgrading Kernel

On Tue, May 19, 2020 at 02:46:34AM -0400, Saint Michael wrote: > Ubuntu 18.04 > 5.3.0-51-generic > lxc-start --version > 4.0.0-devel > I can no longer start my containers, how do I get back to a version of LXC > that still works with this kernel? Hey, Sorry that was a regression. It is fixed by:

Re: [lxc-users] Issue withe latest version from git

On Thu, May 14, 2020 at 09:13:01AM -0400, Saint Michael wrote: > I am getting thousands of messages like this in my log, inside the > container: > May 14 13:09:38 iowa agetty[12473]: /dev/console: not a character device > May 14 13:09:48 iowa systemd[1]: console-getty.service: Service hold-off >

Re: [lxc-users] Unprivileged networking option?

On February 28, 2020 8:09:45 PM GMT+01:00, "Serge E. Hallyn" wrote: >On Fri, Feb 28, 2020 at 02:34:25PM +0100, Ede Wolf wrote: >> Hello, >> >> do we have any alternatives to classical bridging right now for >connecting >> (to) unprivileged containers? Like macvlan or ipvlan? >> >> If so, I may

Re: [lxc-users] lxcfs segfaults since around 2019-07-23, containers malfunction

On Tue, Jul 23, 2019 at 01:31:12PM +0200, Tomasz Chmielewski wrote: > Since around 2019-07-23, lxcfs segfaults randomly on Ubuntu 18.04 servers > with LXD from snap: > > lxcfs[1424]: segfault at 0 ip 7f518f5e4326 sp 7f519da1f9a0 error 4 > in liblxcfs.so[7f518f5d8000+1a000] > > > As a

[lxc-users] Linux Plumbers 2019: Containers and Checkpoint/Restore micro-conference CFP

Hey everyone, We're excited to announce another edition of the combined Containers and Checkpoint/Restore micro-conference at this year's Linux Plumbers conference in Lisbon, Portugal! The Containers and Checkpoint/Restore micro-conference at Linux Plumbers is the opportunity for runtime and

Re: [lxc-users] CGroup V2 Support

On Fri, Apr 12, 2019 at 6:17 PM ITeng A wrote: > Dear all > > Does the current version of LXC 3.0.3 support the new cgroup v2 ? > I try to run LXC containers with the unified cgroup but containers fail > to start with these error " > > Failed to create directory "/sys/fs/cgroup/unified//lxc/u2

Re: [lxc-users] AppArmor syslog alert explanation, please?

On Sat, Mar 09, 2019 at 10:16:40PM +0300, Andrey wrote: > Greetings, All. > > Saturday, March 9, 2019, 22:11:32 you wrote: > > AR> Greetings, All! > > AR> Mar 9 22:09:01 ih152926 kernel: [2612590.101781] audit: > AR> type=1400 audit(1552158541.103:2286): > AR> apparmor="DENIED"

Re: [lxc-users] kernel messages appear in containers?

On Sun, Feb 03, 2019 at 09:47:25AM +0100, Stéphane Graber wrote: > Hi, > > Yes, this is normal and as pointed out already, can be tweaked with > dmesg_restrict. > > There was some interest a while back in implementing a logging > namespace, which would solve this cleanly, but it's never been

Re: [lxc-users] Regarding LXC and runC

Hey, On Tue, Jan 15, 2019 at 12:19:35PM +, Datta, Souvik wrote: > Hello, > > > I am new to container technology and at present, experimenting with LXC and > runC. I need to run a system container on an embedded target which has a > requirement of fast startup time. > > In this context,

Re: [lxc-users] lxc-users Digest, Vol 265, Issue 5

On January 27, 2019 7:47:25 PM GMT+01:00, Bryan Christ wrote: >Andrey, > >Thanks for the reply. Is there a resource, document, guide that can >show >me what the old items were and what the new analogs are? Most of my >config >files are from the templates so I added very little. I tried

Re: [lxc-users] lxc-checkconfig improvement?

On Fri, Dec 14, 2018 at 11:37 AM Harald Dunkel wrote: > Hi folks, > > lxc-checkconfig tells me > > : > --- Misc --- > Veth pair device: enabled, loaded > Macvlan: enabled, not loaded > Vlan: enabled, not loaded > Bridges: enabled, loaded > Advanced netfilter: enabled, not loaded >

Re: [lxc-users] Does cpu cgroup has been enabled in lxc/lxd

On November 5, 2018 8:12:35 AM GMT+03:00, kemi wrote: > > >On 2018/11/2 下午8:05, Fajar A. Nugraha wrote: >> On Fri, Nov 2, 2018 at 8:44 AM, kemi wrote: >> >>> >>> thx for your question. >>> In our case, our customers want to run android games within >containers on >>> cloud. >>> >> >> It might

Re: [lxc-users] [PATCH linuxcontainers.org 1/1] getting-started: update cgmaanager mention

resorting to emailing a > patch ] > > We do (afaik) still need something to setup cgroups at login, so recommend > libpam-cgfs as the first, most highly recommended, means. > > Signed-off-by: Serge Hallyn Acked-by: Christian Brauner > --- > content/lxc/getting-started.md | 2

Re: [lxc-users] unable to start containers ("Permission denied - Failed to mount")

On Mon, Sep 24, 2018 at 03:40:57PM +0200, Tomasz Chmielewski wrote: > Turns out something changed the permissions on "containers" directory: Odd, the new storage snapshot api performs an on-disk upgrade but it shouldn't touch the containers directory... //cc Stéphane Christian > > > # lxc

Re: [lxc-users] How to recover from ERROR state

On Mon, Sep 24, 2018 at 02:11:38PM +0200, Christian Brauner wrote: > On Mon, Sep 24, 2018, 14:03 Kees Bakker wrote: > > > Same question again: what is the best approach to recover > > from a container in an ERROR state? So another thing I would like to see is the current

Re: [lxc-users] How to recover from ERROR state

On Mon, Sep 24, 2018, 14:03 Kees Bakker wrote: > Same question again: what is the best approach to recover > from a container in an ERROR state? > Please show me the dmesg output. If it is a kernel bug you're hitting there's nothing that LXD can do to help you. > This time it happened with

Re: [lxc-users] How to recover from ERROR state

> Kees Bakker hat am 11. September 2018 um 15:13 geschrieben: > > > Hey, > > Every now and then we have one or more containers in state ERROR. > Is there a clever method to recover from that, other than > rebooting the LXD server? > > Killing the monitor and the forkstart does help. And also

Re: [lxc-users] Failed to reset devices.list (etc)

On Mon, Sep 10, 2018 at 01:54:21AM +1200, Richard Hector wrote: > On 10/09/18 01:40, Christian Brauner wrote: > > On Mon, Sep 10, 2018 at 01:30:42AM +1200, Richard Hector wrote: > >> Hi all, > >> > >> I have messages like this in the logs on several

Re: [lxc-users] Failed to reset devices.list (etc)

On Mon, Sep 10, 2018 at 01:30:42AM +1200, Richard Hector wrote: > Hi all, > > I have messages like this in the logs on several of my (lxc, not lxd) > containers: > > systemd[1]: phpsessionclean.service: Failed to reset devices.list: > Operation not permitted > > systemd[1]: run-user-1000.mount:

Re: [lxc-users] Overlayfs @ Containers and checkpoint/restart micro-conference at LPC2018

On Sun, Sep 09, 2018 at 09:31:02AM +0300, Amir Goldstein wrote: > On Sun, Sep 9, 2018 at 4:31 AM Christian Brauner wrote: > > > ... > > > [cc: overlayfs developers] > > > > > > Hi Stéphane! > > > > Hey Amir, > > > > I'm one of the c

Re: [lxc-users] Containers and checkpoint/restart micro-conference at LPC2018

On Sat, Sep 08, 2018 at 10:41:41AM +0300, Amir Goldstein wrote: > On Sat, Sep 8, 2018 at 8:00 AM Stéphane Graber wrote: > > > > On Mon, Aug 13, 2018 at 12:10:15PM -0400, Stéphane Graber wrote: > > > Hello, > > > > > > This year's edition of the Linux Plumbers Conference will once again > > > have

Re: [lxc-users] Unprivileged LXC - proc:mixed vs. proc:rw

On Thu, Aug 16, 2018 at 09:07:16PM +0200, Dr. Todor Dimitrov wrote: > A follow-up: I assume the same applies to sys:mixed vs. sys:rw, correct? Yes. Newever LXC versions will always set sys:rw for unpriv containers. Christian > > Todor > > > On 23. May 2018, at 19:09, Christ

Re: [lxc-users] "lxc list" on Linux 4.18: cannot perform readlinkat() on the mount namespace file descriptor of the init process: Permission denied

On Wed, Aug 15, 2018 at 11:49:40AM +, Tomasz Chmielewski wrote: > # lxc list > cannot perform readlinkat() on the mount namespace file descriptor of the > init process: Permission denied Where is this error coming from? It's not from LX{C,D} What does lxc info show? > > # dmesg -c > [

[lxc-users] New and current Linux container project maintainers

is on board. In case you were wondering who currently maintains what. For LXD we have Serge Hallyn, Christian Brauner, Stéphane Graber, Free Ekanayaka, Tycho Andersen, and Mike Mccracken. For LXC we have Serge Hallyn, Christian Brauner, Stéphane Graber, Dwight Engen, and Wolfgang Bumiller

Re: [lxc-users] What is the state of the art for lxd and wifi ?

On Mon, Jul 23, 2018 at 05:12:09PM +0700, Fajar A. Nugraha wrote: > On Mon, Jul 23, 2018 at 5:08 PM, Pierre Couderc wrote: > > > Where can I find a howto for lxd on a an ultramobile with wifi only ? > > > > I find some posts aged 2014 and more modern posts saying it is not > > possible with

Re: [lxc-users] library start() API from process name having spaces

On Wed, Jul 04, 2018 at 03:23:19PM -0400, Chaetoo3 wrote: > Hi! > > I try to use the liblxc start() API from my process and it worked, but > I notice it would not set the process name for the container process > as it would do from the lxc-start command line. Instead the container > process

Re: [lxc-users] Is this expected isolcpus behaviour with lxc

On Thu, Jun 28, 2018 at 11:07:38AM +0530, Emmanuel Livingstone wrote: > For now to overcome this issue, we've added a patch to an internal mirror > of lxc debian repo https://anonscm.debian.org/git/pkg-lxc/lxc.git > If you guys think adding a config parameter to not mask out the isolcpus in >

Re: [lxc-users] Mounting fuse in a container - most recent instructions don't seem to work

On Tue, Jun 26, 2018 at 08:44:09AM +1000, Tony Lewis wrote: > On 25/06/18 21:22, Christian Brauner wrote: > > On Sat, Jun 23, 2018 at 11:19:17PM +1000, Tony Lewis wrote: > > > Host is Debian Stretch, 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1+deb9u1 > > > (2

Re: [lxc-users] Use image file for unprivileged containers

-d alpine -r edge -a amd64 and then take a look at the loop file that got created. This is the format we support. Christian > > Thanks, > Todor > > > On 15. Jun 2018, at 17:50, Christian Brauner wrote: > > > > On Fri, Jun 15, 2018 at 05:02:50PM +0200, Dr. Todor D

Re: [lxc-users] Use image file for unprivileged containers

On Fri, Jun 15, 2018 at 10:28:34AM +0200, Dr. Todor Dimitrov wrote: > Hallo, > > is it possible to use an image file with “lxc.rootfs.path” for an > unprivileged container? If possible, is it necessary to have the > correct file ownerships within the image or are these automatically > adjusted on

Re: [lxc-users] Fedora 27

On Mon, Jun 04, 2018 at 08:47:28PM -0400, Saint Michael wrote: > I am struggling with adding LXC 3.0 to the latest Fedora Server 27. > Also, in Fedora, the containers do no start automatically. I think I am > missing some step in the system configuration. Any idea how to add LXC 3.0 > to Fedora

[lxc-users] Patches required to compile LXC on ArchLinux with gcc-8

Hey everyone, We've recently discovered that gcc-8 likes to complain (pointlessly about non-bugs) a lot when compiling LXC on ArchLinux. This breaks the build process. We have a set of patches that should fix this. They are all already backported to at least stable-3.0:

Re: [lxc-users] LXC 3.0.0: Packaging Changes To Be Aware Of

On Sat, Apr 07, 2018 at 10:11:58PM +0300, Mihamina RAKOTOMANDIMBY wrote: > On 4/7/18 5:54 PM, Christian Brauner wrote: > > 2. **Important** distrobuilder is the new way of creating machine/system > > container images > > The templates have been replaced by

Re: [lxc-users] authentication in containers jacked-up!

On Thu, Mar 29, 2018 at 09:22:07AM -0400, Ray Jender wrote: > So in Ubuntu 16.04.4 I created 4 LXD containers using LXC. From the host I > created the first container then did $ lxc copy containter1 container2 , 1 > to 3 and 1 to 4. > > It was a challenge for me to make them accessible from the

Re: [lxc-users] debugging a failing clone() call

On Fri, Mar 23, 2018 at 06:13:15AM -0400, Andrew Cann wrote: > Hello, > > The folowing sycall is failing when called on a Travis-CI build machine. > > clone(.., > CLONE_FILES | > CLONE_IO | > CLONE_SIGHAND | > CLONE_VM | > CLONE_SYSVSEM | >

Re: [lxc-users] Using devices in an unprivileged LXC container

On Sun, Mar 25, 2018 at 05:23:21PM +, Avadhut Bhangui wrote: > Hello, > I have an ubuntu system. i login to the device as root user. I have two LXC > containers created using the busbox template. One is privileged and other one > is unprivileged. > I want to ensure that when a USB device is

Re: [lxc-users] SIGRTMIN+3

On Tue, Mar 27, 2018 at 10:12:15AM -0400, Eric Wolf wrote: > One of my containers is shutting down seemingly randomly. I'm trying > to figure out why, but so far all I can find in syslog is systemd[1]: > Received SIGRTMIN+3. which seems to be related to the LXC/LXD stop > command, but I can't find

Re: [lxc-users] Question regarding container affecting the system mounts

On Tue, Mar 27, 2018 at 11:00:01AM -0500, Ronak Desai wrote: > Hi, > > I came a cross a problem where if the containers are running then it > affects the unmount process of the system's mount points. I am not > using these mount points as shared partitions with container. > > For example, I am

[lxc-users] LXC 3.0.0: Packaging Changes To Be Aware Of

Hey everyone, LX{C,FS,D} upstream here. :) I'm sorry to ping you all at once in this mail and I seriously hope I only added actual package maintainers for LXC based projects in their respective distros to this mail. If not I'm genuinely sorry to have banged on your door (or rather inbox) on a

Re: [lxc-users] distrobuilder build-lxc, then how to start the container?

On Sat, Mar 31, 2018 at 02:50:00PM +0300, Mihamina RAKOTOMANDIMBY wrote: > Hello, > > Running LXC 3 on Archlinux, after having buit for LXC with "distrobuild > build-lxc [...]": what is the next step to register the new container and > start it? So that's simply (this assumes LXC 3.0):

Re: [lxc-users] Attempt to define unprivileged LXC by libvirt

On Fri, Mar 23, 2018 at 11:49:08AM +0100, ales drtik wrote: > Hi, > i converted LXC conf to xml by: > > lxcuser@blade1:~/.local/share/lxc/test_deb$ virsh -c lxc:/// > domxml-from-native lxc-tools /home/lxcuser/.local/share/lxc/test_deb/config > > > test_deb >

Re: [lxc-users] how to crate a new Fedora LXC-template

On Thu, Mar 01, 2018 at 12:06:59AM -0500, Saint Michael wrote: > I want to use Fedora 27 as a container. Supposed I install a physical > machine with Fedora, how do I convert it to a container? Stéphane added a new binary to LXD called lxd-p2c ( https://github.com/lxc/lxd/tree/master/lxd-p2c )

Re: [lxc-users] On The Way To LXC 3.0: Splitting Out Templates And Language Bindings

On Thu, Mar 01, 2018 at 03:48:06AM +0300, Andrey Repin wrote: > Greetings, Christian Brauner! > > > And if that makes you > > more likely to read it: there are asciicasts. :) > > 410 Gone Oha, let me fix this :) Thanks! Christian > > :( > > >

[lxc-users] On The Way To LXC 3.0: Moving The Cgroup Pam Module Into The LXC Tree (Including A Detour About Fully Unprivileged Containers)

Hey everyone, Yet another blogpost about LXC 3.0 development. This time we'd like to tell you what happens to the pam_cgfs.so pam module that we used to ship with LXCFS. You can read the details here: https://brauner.github.io/2018/02/28/lxc-includes-cgroup-pam-module.html We're near the finish

[lxc-users] On The Way To LXC 3.0: Splitting Out Templates And Language Bindings

Hey everyone, This is another update about the LXC 3.0 development. Instead of copying and pasting what I wrote on my blog here I'm going to be lazy and please ask you to read: https://brauner.github.io/2018/02/27/lxc-removes-legacy-template-build-system.html This should give you an idea what

Re: [lxc-users] LXC 3.0: Removal of cgmanager And cgfs cgroup Drivers

On Tue, Feb 20, 2018 at 07:17:42PM +0100, Dirk Geschke wrote: > Hi Christian, > > > > Does this mean that lxc 3.0 is systemd-only? > > > > No! > > > > This has no effect whatsoever on what init system you are running. This > > is completely orthogonal and to some extent always has been. In

Re: [lxc-users] LXC 3.0: Removal of cgmanager And cgfs cgroup Drivers

On Tue, Feb 20, 2018 at 13:04:00PM +0100, Harald Dunkel wrote: > Does this mean that lxc 3.0 is systemd-only? No! This has no effect whatsoever on what init system you are running. This is completely orthogonal and to some extent always has been. In fact, we've become even more agnostic wrt to

[lxc-users] LXC 3.0: Removal of cgmanager And cgfs cgroup Drivers

Hey everyone, This is another update about the development of LXC 3.0. As of yesterday the cgmanager and cgfs cgroup drivers have been removed from the codebase. In the good long tradition of all LXC projects to try our hardest to never regress our users and to clearly communicate invasive

Re: [lxc-users] Migrating a rootfs back-and-forth lxc 2.0 <=> 3.0

> Date: Thu, 15 Feb 2018 13:05:44 -0500 (EST) > From: Adrian Pepper > To: lxc-users@lists.linuxcontainers.org > Subject: [lxc-users] Migrating a rootfs back-and-forth lxc 2.0 <=> 3.0 > > Should one expect to encounter subtle (or perhaps not-so-subtle) > problems if one

Re: [lxc-users] LXC master: Legacy Config Items Have Been Removed

> Date: Tue, 13 Feb 2018 00:32:36 +0300 > From: Andrey Repin > To: Sean McNamara , All > > Subject: Re: [lxc-users] LXC master: Legacy Config Items Have Been Removed > > Greetings, Sean McNamara! >

[lxc-users] lxc: issue cleanups

Hey everyone, We are currently in the process of cleaning up the lxc issue list on Github ( https://github.com/lxc/lxc/issues ). This may cause some issues to be closed that you still consider relevant. Please do not take this as a slight. We're mainly doing this because a bunch of those issues

Re: [lxc-users] Using lxc.namespace.net in unprivileged containers

> Date: Fri, 2 Feb 2018 01:52:09 +0200 > From: Eytan Heidingsfeld > To: lxc-users@lists.linuxcontainers.org > Subject: [lxc-users] Using lxc.namespace.net in unprivileged containers > > Hi, > I'm trying to use the new lxc.namespace.net config in an unprivileged > container

Re: [lxc-users] Debian and unprivileged LXC not working...

On Tue, Dec 12, 2017 at 11:00:01PM -0600, Serge Hallyn wrote: > On Tue, Dec 05, 2017 at 05:20:32PM +0100, Dirk Geschke wrote: > > Hi Serge, > > > > > > I am a little bit clueless, I have several systems running with > > > > Debian and unprivileged LXC. But newer systems won't start new > > > >

Re: [lxc-users] Debian and unprivileged LXC not working...

just go for doing the clone() syscall directly via syscall(SYS_clone, ...). Serge, please take a look at https://github.com/lxc/lxc/pull/2034 and see whether that is acceptable to you. :) Christian >From 3b52c88ce5ba62013dd079e28003703028a9965f Mon Sep 17 00:00:00 2001 From: Christian Brau

Re: [lxc-users] Debian and unprivileged LXC not working...

On Wed, Dec 13, 2017 at 09:22:11AM -0600, Serge Hallyn wrote: > Quoting Christian Brauner (christian.brau...@mailbox.org): > > On Tue, Dec 12, 2017 at 11:00:01PM -0600, Serge Hallyn wrote: > > > On Tue, Dec 05, 2017 at 05:20:32PM +0100, Dirk Geschke wrote: > > > > Hi

Re: [lxc-users] Debian and unprivileged LXC not working...

On Wed, Dec 13, 2017 at 01:35:01PM +0100, Christian Brauner wrote: > On Wed, Dec 13, 2017 at 12:54:04PM +0100, Christian Brauner wrote: > > On Tue, Dec 12, 2017 at 11:00:01PM -0600, Serge Hallyn wrote: > > > On Tue, Dec 05, 2017 at 05:20:32PM +0100, Dirk Geschke wrote

Re: [lxc-users] Debian and unprivileged LXC not working...

On Wed, Dec 13, 2017 at 12:54:04PM +0100, Christian Brauner wrote: > On Tue, Dec 12, 2017 at 11:00:01PM -0600, Serge Hallyn wrote: > > On Tue, Dec 05, 2017 at 05:20:32PM +0100, Dirk Geschke wrote: > > > Hi Serge, > > > > > > > > I am a little bi

Re: [lxc-users] Debian and unprivileged LXC not working...

On Tue, Dec 12, 2017 at 11:00:01PM -0600, Serge Hallyn wrote: > On Tue, Dec 05, 2017 at 05:20:32PM +0100, Dirk Geschke wrote: > > Hi Serge, > > > > > > I am a little bit clueless, I have several systems running with > > > > Debian and unprivileged LXC. But newer systems won't start new > > > >

Re: [lxc-users] [debian/stretch64] lxc-copy: Snapshot with OverlayFS backingstorage fails with Linux-4.9.y

On Wed, Oct 25, 2017 at 11:45:52AM +0200, Sedat Dilek wrote: > [ Please CC me - I am not subscribed to lxc-users and debian-kernel MLs ] > > Hi, > > I am playing with LXC and OverlayFS. > > The Debian-kernel shipped with stretch64 fails when using lxc-copy for > a snapshot. > Later I tried the

Re: [lxc-users] [lxc-devel] Suggestions regarding (ultimately) LXC 2.1.0 lxc-update-config

On Wed, Oct 04, 2017 at 03:35:08PM -0400, Adrian Pepper wrote: > Does mentioning lxc.pivotdir really need to be a fatal error? Currently > it seems fatal to the degree that "lxc-ls -f" does not show the > container at all, not RUNNING and not STOPPED. As I said in my previous mail, we've merged

Re: [lxc-users] [lxc-devel] Container startup hook arguments

On Wed, Oct 04, 2017 at 09:35:25AM -0500, Serge Hallyn wrote: > Quoting Kees Bos (cornelis@gmail.com): > > I'm not using it, but do expect the extra args: > > > > while [ {{ '${#@}' }} -gt 3 ] ; do > >    ... > >    shift > > done > > > > It might be that some users will need the last extra

Re: [lxc-users] [lxc-devel] Suggestions regarding (ultimately) LXC 2.1.0 lxc-update-configy

On Wed, Oct 04, 2017 at 06:53:16PM -0500, Serge Hallyn wrote: > agreed to both, lxc-update-config should delete it, and it should be > (initially the only) member of a (new) group of keys to ignore, bc I sent a branch [1] that does: - removes lxc.kmsg and lxc.pivotdir from config files if deteced

Re: [lxc-users] Adding a second disk to a container

On Thu, Jul 13, 2017 at 12:27:52PM +0200, Christian Brauner wrote: > On Wed, Jul 12, 2017 at 04:25:54PM -0400, Stéphane Graber wrote: > > On Wed, Jul 12, 2017 at 01:44:13PM -0600, Joshua Schaeffer wrote: > > > I'm wondering what the best/recommended approach is to adding a

Re: [lxc-users] Adding a second disk to a container

On Wed, Jul 12, 2017 at 04:25:54PM -0400, Stéphane Graber wrote: > On Wed, Jul 12, 2017 at 01:44:13PM -0600, Joshua Schaeffer wrote: > > I'm wondering what the best/recommended approach is to adding a second disk > > to a container. I'm using LXD 2.15 on Ubuntu 16.04. As an example I have a > >

[lxc-users] [pepani...@gmail.com: Managing tarballs in lxd]

- Forwarded message from Javier López Sánchez - Date: Mon, 24 Apr 2017 14:04:34 +0200 From: Javier López Sánchez To: christian.brau...@ubuntu.com Subject: Managing tarballs in lxd Hello Christian, I don't know where to publish this. To help

Re: [lxc-users] lxc 2.0.6 breaks lxc-start

Hi Detlef, Now we're getting somewhere. :) On Wed, Jan 11, 2017 at 03:59:21PM +0100, Detlef Vollmann wrote: > Hi Christian, > > thank you for replying! > > On 01/09/17 17:35, Christian Brauner wrote: > > Thanks for the info. I'm a little confused. > Sorry about that. B

Re: [lxc-users] lxc 2.0.6 breaks lxc-start

Hi Detlef, I sent a branch against lxc (https://github.com/lxc/lxc/pull/1381) which removes the c->is_defined(c) check. Thanks! Christian On Wed, Jan 11, 2017 at 04:10:53PM +0100, Christian Brauner wrote: > Hi Detlef, > > Now we're getting somewhere. :) > > On Wed, Jan 11,

Re: [lxc-users] lxc 2.0.6 breaks lxc-start

Hi, Thanks for the info. I'm a little confused. On Thu, Jan 05, 2017 at 01:31:28PM +0100, Detlef Vollmann wrote: > On 01/01/17 14:14, Christian Brauner wrote: > > Hm, works for me. I can just start containers fine where the > > configuration file is located somewhere else.

Re: [lxc-users] lxc 2.0.6 breaks lxc-start

wrote: > That looks like > > commit 359467743d707d08fda029fa6e957a93bc8dc7ef > Author: Christian Brauner <christian.brau...@canonical.com> > Date: Fri Oct 14 15:27:24 2016 +0200 > > tools: better error reporting for lxc-start > > which added a check for "

Re: [lxc-users] [lxc-devel] Networking issue

Hi, can you please open a bug on https://github.com/lxc/lxc ? Please specify your operating system version and how to reproduce. Thanks. :) Christian On Wed, Nov 09, 2016 at 01:33:55AM -0500, Saint Michael wrote: > It was working fine until a week ago. > I have two sites, it happened on both, so

Re: [lxc-users] [BUG] lxc-destroy destroying wrong containers

On Tue, 10 Nov 2015 14:19:41 +0900, Tomasz Chmielewski : > lxc-destroy may be destroying wrong containers! > > To reproduce: > > 1) have a container you want to clone - here, testvm012d: > > # lxc-ls -f > NAMESTATEIPV4 > IPV6 GROUPS

Re: [lxc-users] [BUG] lxc-destroy destroying wrong containers

On Tue, Nov 10, 2015 at 10:02:00PM +0900, Tomasz Chmielewski wrote: > On 2015-11-10 20:29, Christian Brauner wrote: > > >This may not have something to do with lxc-destroy but with how clones > >work. Can > >you only proceed up to step 2) you listed: > > > &g

Re: [lxc-users] Regression in ephemeral containers

Hm, both work without a problem when I try it. safe_mount() is a function that has been added recently to protect containers against symlinks. Specifically, it prevents two things: 1. do not allow mounts to paths containing symbolic links 2. do not allow bind mounts from relative

[lxc-users] lxcfs v0.10: Upload tar.gz to linuxcontainers.org

Hi, it seems that lxcfs v0.10 is out but there is no corresponding source package on the download site from lxcfs on linuxcontainers.org. Would be good for distros that get their source package from there. :) Christian signature.asc Description: PGP signature

Re: [lxc-users] lxcfs 0.9

...@ubuntu.com To: LXC users mailing-list lxc-users@lists.linuxcontainers.org Subject: Re: [lxc-users] lxcfs 0.9 Quoting Christian Brauner (christianvanbrau...@gmail.com): Hello, it seems on Github lxcfs 0.9 is out for quite a while now but there has been no source package uploaded

[lxc-users] lxcfs 0.9

Hello, it seems on Github lxcfs 0.9 is out for quite a while now but there has been no source package uploaded to linuxcontainers.org. Is this on purpose? If not it would be great if you could put it up so I can update the corresponding arch package. Best, Christian pgpFjSX2dD8IB.pgp

[lxc-users] Unprivileged containers still cause kernel panic on 4.0.3 and 4.0.4

Just a heads up, 4.1-rc4 includes both required patches: (1) https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 (2)

[lxc-users] Unprivileged containers still cause kernel panic on 4.0.3 and 4.0.4

Hello, it seems that the two patches which were accidently removed from 4.0.2 which are required to prevent a kernel panic when starting unprivileged lxc containers are still not present in 4.0.3 and 4.0.4. I still get a total freeze when starting an unprivileged container on a 4.0.4 kernel.

[lxc-users] cgmanager: Could not get password database information for UID of current process

Hello, When I follow the journal output of systemd with journalctl -f I see an endless stream of warnings thrown by cgmanager. They are all the same and appear for every operation I do where cgmanager is involved: cgmanager[324]: Could not get password database information for UID

[lxc-users] cgmanager: Could not get password database information for UID of current process

When I follow the journal output of systemd with journalctl -f I see an endless stream of warnings thrown by cgmanager. They are all the same and state: cgmanager[324]: Could not get password database information for UID of current process: User ??? unknown or no memory to allocate

[lxc-users] macvlan-based networking for unprivileged containers

Hello, is it currently possible to use macvlan interfaces with unprivileged containers? Best, Christian ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] unprivileged container with systemd?]

I think I can help here. Systemd-based unprivileged containers will only work properly with systemd compiled from git (master) or systemd 218 patched with: From: Lennart Poettering lenn...@poettering.net Date: Thu, 8 Jan 2015 23:12:16 +0100 Subject: core: make EPERM errors when applying OOM

Re: [lxc-users] unprivileged container with systemd?]

For the ones unfamiliar with patching software, here is are links to my Google Drive with patched systemd-versions for Fedora 21 and Rawhide, and Archlinux: Fedora: (1) systemd https://drive.google.com/file/d/0B_UAut69TSAiTmI3SnN4TzRTaXM/view?usp=sharing (2) systemd-libs

[lxc-users] List of bind-mount options

Hello, is there a list of all possible options that an lxc bind-mount entry lxc.mount.entry it seems they are not necessarily the same as for fstab. E.g. create=dir create=file I'm also unclear about optional and none. Such a list would be really good. Best, Christian

[lxc-users] lxc.mount.entry bind mounts not respected on tmpfs filesystems

When an init such as systemd mounts a folder as a tmpfs during startup and the lxc defines a bind-mount on the same folder in the containers config it will be overmounted on container startup. Here is an example. Create an archlinux (or fedora) container with: sudo lxc-create -t archlinux -n

Re: [lxc-users] lxc.mount.entry bind mounts not respected on tmpfs filesystems

On Sat, Feb 07, 2015 at 06:44:31PM +0100, Christian Brauner wrote: When an init such as systemd mounts a folder as a tmpfs during startup and the lxc defines a bind-mount on the same folder in the containers config it will be overmounted on container startup. Here is an example

Re: [lxc-users] OOMScoreAdjust= in dbus.service on systemd-based

; return -errno; } works On Thu, Feb 05, 2015 at 10:51:26PM +0100, Christian Brauner wrote: On Thu, Feb 05, 2015 at 10:19:15PM +0100, Christian Brauner wrote: On Thu, Feb 05, 2015 at 10:14:37PM +0100, Christian Brauner wrote: On Thu, Feb 05, 2015

Re: [lxc-users] OOMScoreAdjust= in dbus.service on systemd-based

On Thu, Feb 05, 2015 at 09:25:12PM +0100, Christian Brauner wrote: I hope so, I've just patched my systemd source code and it's currently compiling. :) One thing I'm currently not clear about is whether the host or the container systemd needs to be patched... I'll go with the host

Re: [lxc-users] OOMScoreAdjust= in dbus.service on systemd-based

On Thu, Feb 05, 2015 at 10:14:37PM +0100, Christian Brauner wrote: On Thu, Feb 05, 2015 at 09:25:12PM +0100, Christian Brauner wrote: I hope so, I've just patched my systemd source code and it's currently compiling. :) One thing I'm currently not clear about is whether the host

Re: [lxc-users] OOMScoreAdjust= in dbus.service on systemd-based

On Thu, Feb 05, 2015 at 10:19:15PM +0100, Christian Brauner wrote: On Thu, Feb 05, 2015 at 10:14:37PM +0100, Christian Brauner wrote: On Thu, Feb 05, 2015 at 09:25:12PM +0100, Christian Brauner wrote: I hope so, I've just patched my systemd source code and it's currently compiling. :) One

Re: [lxc-users] OOMScoreAdjust= in dbus.service on systemd-based

on Archlinux does not yet include this patch as no new system version has been released. Best, Christian Quoting Christian Brauner (christianvanbrau...@gmail.com): Hello, In the past I had troubles getting systemd-based unprivileged containers such as Archlinux or Debian Jessie to boot

Re: [lxc-users] Block devices not permitted on file system

Quoting Christian Brauner (christianvanbrauner at gmail.com): On Sun, Feb 01, 2015 at 12:00:01PM +, lxc-users-request at lists.linuxcontainers.org wrote: This was from the host side. I will use Debian wheezy as an example as it is currently up, it's the same with Ubuntu Trusty

Re: [lxc-users] Block devices not permitted on file system

on file system Quoting Christian Brauner (subroutinec...@gmail.com): Hello, booting unprivileged ubuntu trusty and vivid container I get the following messaged when shutting them down: umount: /dev/zero: block devices are not permitted on filesystem Apparently this is an error

Re: [lxc-users] Block devices not permitted on file system

system In-Reply-To: 20150201142655.ga1...@gmail.com References: mailman.2.1422792001.23450.lxc-us...@lists.linuxcontainers.org 20150201142655.ga1...@gmail.com Message-ID: 20150201154808.GB16770@ubuntumail Quoting Christian Brauner (christianvanbrauner at gmail.com): On Sun, Feb 01, 2015

[lxc-users] Block devices not permitted on file system

Hello, booting unprivileged ubuntu trusty and vivid container I get the following messaged when shutting them down: umount: /dev/zero: block devices are not permitted on filesystem umount: /dev/urandom: block devices are not permitted on filesystem umount: /dev/tty: block devices are

[lxc-users] Unprivileged Systemd-based Containers

Hello, I had a typo in my `00-lxcfs.conf`. After correcting this I can boot an unprivileged systemd-based jessie container. One question remains: How can I create unprivileged containers for fedora and OpenSuse? Best, Christian ___ lxc-users mailing

Re: [lxc-users] Unprivileged Systemd-based Containers

Hello Dirk, right, totally missed that. I tried it with the line lxc.include = lxc.include = /usr/local/share/lxcfs/00-lxcfs.conf (after creating and making 00-lxcfs.conf executable obviously) in my .config. And got: lxc-start 1422277724.347 INFO lxc_conf -

  1   2   >