Re: [lxc-users] creating device nodes in unprivileged containers?

Tomasz Chmielewski Wed, 01 Jul 2015 01:39:38 -0700

Really not possible? How do people run debootstrap, pbuilder? Thesetools are often parts of build systems, am I really the first one to tryto run them in LXC?


Tomasz Chmielewski
http://wpkg.org


On 2015-07-01 17:22, Janjaap Bos wrote:

You cannot create devices from the container. You need to create them
beforehand outside rootfs and bind mount them in the container config.


This has been explained in detail on this list, so just do quick
search for further info.

This only concerns lxd deployments as far as I know.
Op 1 jul. 2015 10:08 schreef "Tomasz Chmielewski" <man...@wpkg.org>:

In an unprivileged Ubuntu 14.04 container, I'm trying to run a
program which needs to create device nodes.

Unfortunately it fails:

# pbuilder-⁠dist trusty i386 create
W: /⁠root/⁠.pbuilderrc does not exist
I: Logging to
/⁠root/⁠pbuilder/⁠trusty-⁠i386_result/⁠last_operation.log
I: Distribution is trusty.
I: Current time: Wed Jul 1 07:25:49 UTC 2015
I: pbuilder-⁠time-⁠stamp: 1435735549
I: Building the build environment
I: running debootstrap
/⁠usr/⁠sbin/⁠debootstrap
mknod: '/var/cache/pbuilder/build/5377/./test-dev-null': Operation
not permitted
E: Cannot install into target '/var/cache/pbuilder/build/5377/.'
mounted with noexec or nodev
E: debootstrap failed
W: Aborting with an error
I: cleaning the build env
I: removing directory /var/cache/pbuilder/build//5377 and its
subdirectories

So I've tried to add the following to container's config:

lxc.cap.keep = CAP_MKNOD

However, the container fails to start:

lxc-start 1435737618.188 ERROR lxc_conf - conf.c:lxc_setup:3925
- Simultaneously requested dropping and keeping caps

I don't see "mknod" dropped before in included configs:

# grep -ri mknod /usr/share/lxc/config/*

How can I let create custom device nodes?

The host is running these versions:

# dpkg -l|grep lxc
ii liblxc1
1.1.2-0ubuntu3~ubuntu14.04.1~ppa1 amd64 Linux Containers
userspace tools (library)
ii lxc
1.1.2-0ubuntu3~ubuntu14.04.1~ppa1 amd64 Linux Containers
userspace tools
ii lxc-templates
1.1.2-0ubuntu3~ubuntu14.04.1~ppa1 amd64 Linux Containers
userspace tools (templates)
ii lxcfs
0.9-0ubuntu1~ubuntu14.04.1~ppa1 amd64 FUSE based
filesystem for LXC
ii python3-lxc
1.1.2-0ubuntu3~ubuntu14.04.1~ppa1 amd64 Linux Containers
userspace tools (Python 3.x bindings)

--
Tomasz Chmielewski
http://wpkg.org [1]

_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users [2]


_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users


_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] creating device nodes in unprivileged containers?

Reply via email to