No, switching between privileged and unprivileged wouldn't have caused dev/ to get populated. My guess is that you probably had an image that contained those files when it shouldn't have in the first place.

On Fri, Nov 22, 2019 at 11:45 AM Chris Han <chrishan...@gmail.com> wrote:

> Originally the container was started as a privileged container
> with security.privileged="true". But after that I have removed
> the security.privileged configuration and restarted the container. Is this
> the root cause of the problem?
>
> May I know what are the correct steps to change a privileged container to
> an unprivileged container?
>
> Thanks for your reply.
>
> On Sat, Nov 23, 2019 at 12:28 AM Stéphane Graber <stgra...@stgraber.org>
> wrote:
>
>> Hmm, not sure why you have those devices in this container in the first
>> place, normally /dev is left empty and mounted as tmpfs in the container.
>> You could likely just edit the tarball to remove the content of dev/ and
>> then import it just fine.
>>
>> On Fri, Nov 22, 2019 at 2:19 AM Chris Han <chrishan...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I have an unprivileged LXD container, c1, running in a physical host. I
>>> have exported this container to tar.gz:
>>>
>>>     lxc export c1-unprivileged c1-unprivileged.tar.gz
>>>
>>> I have created another unprivileged LXD container, c2, with settings for
>>> nested containers. Inside the c2 container, I am able to launch a
>>> nested unprivileged LXD container, c3. The c3 container is working fine.
>>>
>>>     lxc launch ubuntu:18.04 c3-unprivileged-nested
>>>
>>> However, when I try to import the c1 tar.gz file inside c2 to create a
>>> nested container, it shows the following error message:
>>>
>>>     lxc import c1-unprivileged.tar.gz
>>>
>>>     tar: rootfs/dev/zero: Cannot mknod: Operation not permitted
>>>     tar: rootfs/dev/random: Cannot mknod: Operation not permitted
>>>     tar: rootfs/dev/tty: Cannot mknod: Operation not permitted
>>>     tar: rootfs/dev/null: Cannot mknod: Operation not permitted
>>>     tar: rootfs/dev/full: Cannot mknod: Operation not permitted
>>>     tar: rootfs/dev/urandom: Cannot mknod: Operation not permitted
>>>
>>> I am able to import the c1 tar.gz file in a physical host, but unable to
>>> import it in an unprivileged container (to create a nested container). The
>>> LXD network and storage settings in the physical host and the c2 container
>>> are exactly the same.
>>>
>>> How to import the c1 tar.gz in the c2 unprivileged container?
>>>
>>> _______________________________________________
>>> lxc-users mailing list
>>> lxc-users@lists.linuxcontainers.org
>>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>> --
>> Stéphane

--
Stéphane
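
The tarball edit suggested in the thread (remove the content of dev/ before importing) can be done without unpacking the archive, which matters because unpacking would itself need mknod. The following is an added example, not code from the thread or from the LXD project; the function names are hypothetical, the sample archive is constructed, and because the thread shows the paths only as tar printed them, the filter assumes the export may carry a prefix in front of `rootfs/`.

```python
import io
import tarfile

def under_rootfs_dev(name):
    """True for entries below the first rootfs/dev/ (the directory itself is kept)."""
    parts = [p for p in name.split("/") if p not in ("", ".")]
    if "rootfs" not in parts:
        return False
    i = parts.index("rootfs")
    return parts[i + 1:i + 2] == ["dev"] and len(parts) > i + 2

def device_nodes(src):
    """Names of character/block device members: the entries tar needs mknod for."""
    with tarfile.open(fileobj=src, mode="r:*") as tar:
        return [m.name for m in tar if m.ischr() or m.isblk()]

def strip_dev(src, dst):
    """Copy archive src to gzip archive dst without the content of rootfs/dev/."""
    dropped = []
    with tarfile.open(fileobj=src, mode="r:*") as tin, \
         tarfile.open(fileobj=dst, mode="w:gz", format=tarfile.PAX_FORMAT) as tout:
        for m in tin:
            if under_rootfs_dev(m.name):
                dropped.append(m.name)
                continue
            if m.issparse():
                m.type = tarfile.REGTYPE  # sparse data is written back expanded
            # Only regular files carry a data stream; links and dirs are header-only.
            tout.addfile(m, tin.extractfile(m) if m.isreg() else None)
    return dropped

def constructed_export():
    """Constructed sample archive (not a real LXD export): one file, one device node."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        d = tarfile.TarInfo("rootfs/dev"); d.type = tarfile.DIRTYPE; d.mode = 0o755
        tar.addfile(d)
        n = tarfile.TarInfo("rootfs/dev/null"); n.type = tarfile.CHRTYPE
        n.devmajor, n.devminor, n.mode = 1, 3, 0o666
        tar.addfile(n)  # writes only the header, so no mknod privilege is needed here
        f = tarfile.TarInfo("rootfs/etc/hostname"); f.size = 3
        tar.addfile(f, io.BytesIO(b"c1\n"))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    out = io.BytesIO()
    print("dropped:", strip_dev(constructed_export(), out))
    out.seek(0)
    print("device nodes left:", device_nodes(out))
```

For a real export, open the input and output files in binary mode and pass them as `src` and `dst`; running `device_nodes` on the result before importing confirms that nothing remains for tar to mknod.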