On 29/10/2010 14:51, Serge Hallyn wrote:
> Quoting Jean-Philippe Menil (jean-philippe.me...@univ-nantes.fr):
>> 10:41:10.076: error : lxcContainerStart:858 : Failed to run clone
>> container: Operation not permitted
>
> I would guess that the libvirt process creating the container has dropped some
> of the needed capabilities (CAP_SYS_ADMIN and a few others).  Is libvirtd
> running as root?  What does /proc/$$/status for that process show?

Hi,

libvirt is running as root.

r...@redbreast:/tmp# ps aux | grep libvirtd | grep -v grep
root 15718 0.0 0.0 157760 2924 ? Sl 15:35 0:00 /usr/sbin/libvirtd -d

r...@redbreast:/tmp# cat /proc/15718/status
Name:   libvirtd
State:  S (sleeping)
Tgid:   15718
Pid:    15718
PPid:   1
TracerPid:      0
Uid:    0       0       0       0
Gid:    0       0       0       0
FDSize: 64
Groups: 0
VmPeak:   181892 kB
VmSize:   157760 kB
VmLck:         0 kB
VmHWM:      2924 kB
VmRSS:      2924 kB
VmData:   115012 kB
VmStk:       136 kB
VmExe:       792 kB
VmLib:      6372 kB
VmPTE:       124 kB
VmSwap:        0 kB
Threads:        7
SigQ:   2/16382
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000001000
SigCgt: 0000000180014007
CapInh: 0000000000000000
CapPrm: ffffffffffffffff
CapEff: ffffffffffffffff
CapBnd: ffffffffffffffff
Cpus_allowed:   ffff
Cpus_allowed_list:      0-15
Mems_allowed:   00000000,00000003
Mems_allowed_list:      0-1
voluntary_ctxt_switches:        321
nonvoluntary_ctxt_switches:     7

and

r...@redbreast:/tmp# cat /proc/15718/cgroup
1:blkio,net_cls,freezer,devices,memory,cpuacct,cpu,ns,debug,cpuset:/

r...@redbreast:/tmp# mount | grep cgroup
none on /var/local/cgroup type cgroup (rw)

In the log, I can find the following:
15:35:58.853: debug : virCgroupMakeGroup:496 : Make controller /var/local/cgroup/libvirt/lxc/
15:35:58.853: warning : lxcStartup:2109 : Unable to create cgroup for driver: Operation not permitted

If I do an:
r...@redbreast:~# ls -la /var/local/cgroup/libvirt/lxc/
ls: impossible d'accéder à /var/local/cgroup/libvirt/lxc/: Aucun fichier ou dossier de ce type
r...@redbreast:~# mkdir /var/local/cgroup/libvirt/lxc/
mkdir: impossible de créer le répertoire « /var/local/cgroup/libvirt/lxc/ »: Opération non permise

However, I mount the cgroup with the rw flag.

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
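
The capability check suggested in the quoted reply, written out as an added example (not code from the thread or from libvirt): it decodes the Cap* masks of a /proc/<pid>/status dump and lists which required capabilities are absent from the effective and bounding sets. The function names, the default required set (only CAP_SYS_ADMIN is named in the thread) and the RESTRICTED sample are assumptions made for illustration.

```python
import re

# Capability names in bit order (0..40), as numbered in <linux/capability.h>.
CAP_NAMES = """CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID SETUID
SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW IPC_LOCK
IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT SYS_ADMIN SYS_BOOT
SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE AUDIT_WRITE AUDIT_CONTROL
SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM BLOCK_SUSPEND AUDIT_READ PERFMON
BPF CHECKPOINT_RESTORE""".split()
CAP_BIT = {"CAP_" + name: bit for bit, name in enumerate(CAP_NAMES)}


def parse_cap_sets(status_text):
    """Return {'CapInh': int, 'CapPrm': int, ...} parsed from status text."""
    pattern = r"^(Cap\w+):\s*([0-9a-fA-F]+)\s*$"
    return {m.group(1): int(m.group(2), 16)
            for m in re.finditer(pattern, status_text, re.M)}


def missing_caps(status_text, required=("CAP_SYS_ADMIN",),
                 sets=("CapEff", "CapBnd")):
    """Map each checked set to the required capabilities absent from it."""
    masks = parse_cap_sets(status_text)
    report = {}
    for cap_set in sets:
        if cap_set not in masks:
            raise ValueError(f"{cap_set} not found in status text")
        report[cap_set] = [cap for cap in required
                           if not (masks[cap_set] >> CAP_BIT[cap]) & 1]
    return report


# Cap* lines exactly as posted in the message above.
POSTED = """CapInh: 0000000000000000
CapPrm: ffffffffffffffff
CapEff: ffffffffffffffff
CapBnd: ffffffffffffffff
"""
# Constructed sample (not from the thread): CAP_SYS_ADMIN, bit 21, cleared.
RESTRICTED = """CapInh: 0000000000000000
CapPrm: ffffffffffdfffff
CapEff: ffffffffffdfffff
CapBnd: ffffffffffdfffff
"""

if __name__ == "__main__":
    for label, text in (("posted", POSTED), ("constructed", RESTRICTED)):
        print(label, missing_caps(text))
```

For the posted status every list comes back empty, so the capability sets of libvirtd itself do not account for the "Operation not permitted" errors.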