On Mon, Jan 27, 2020 at 05:07:52PM +0100, mlftp@pep.foundation wrote: > Hi, > > I am currently trying to figure out how to run lxc on debian with sysvinit. > I am stuck at the lxc.conf file respectively on /usr/share/lxc/config. > > I get a error when try to launch my container: > > lxc-start: test: cgroups/cgfsng.c: cg_hybrid_get_controllers: 746 Found > hierarchy not under /sys/fs/cgroup: "/sys/fs/cgroup rw,relatime - cgroup > cgroup > rw,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,net_cls,perf_event,net_prio,pids,rdma > " > lxc-start: test: lsm/apparmor.c: make_apparmor_namespace: 761 Permission > denied - Error creating AppArmor namespace: > /sys/kernel/security/apparmor/policy/namespaces/lxc-test_<-home-melodie-.local-share-lxc> > lxc-start: test: lsm/apparmor.c: apparmor_prepare: 980 Failed to load > generated AppArmor profile
Oh - actually it seems like this is the more serious problem :) Can you show your container configuration? You might just want to try lxc.apparmor.profile = unconfined at the end of the profile and see if that works around it. Just as a test, not long term. > lxc-start: test: start.c: lxc_init: 899 Failed to initialize LSM > lxc-start: test: start.c: __lxc_start: 1917 Failed to initialize container > “test" > > Usually systemd does the the cgroup stuff, said documentation and research. > Before I had lxc running on Debian with sysvinit but as privileged containers. > > Has anyone made similar experiences? > Is there some documentation about manually working with cgroups and > unprivileged containers on debian buster? > Can anyone point me to the right documentation please? > > I hope to save some time. > > Thank you! > Cheers, > > Mlftp > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
