On Mon, Jan 27, 2020 at 05:04:01PM +0100, mlftp@pep.foundation wrote: > Hi, > > I am currently trying to figure out how to run lxc on debian with sysvinit. > I am stuck at the lxc.conf file respectively on /usr/share/lxc/config. > > I get a error when try to launch my container: > > lxc-start: test: cgroups/cgfsng.c: cg_hybrid_get_controllers: 746 Found > hierarchy not under /sys/fs/cgroup: "/sys/fs/cgroup rw,relatime - cgroup > cgroup > rw,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,net_cls,perf_event,net_prio,pids,rdma > " > lxc-start: test: lsm/apparmor.c: make_apparmor_namespace: 761 Permission > denied - Error creating AppArmor namespace: > /sys/kernel/security/apparmor/policy/namespaces/lxc-test_<-home-melodie-.local-share-lxc> > lxc-start: test: lsm/apparmor.c: apparmor_prepare: 980 Failed to load > generated AppArmor profile > lxc-start: test: start.c: lxc_init: 899 Failed to initialize LSM > lxc-start: test: start.c: __lxc_start: 1917 Failed to initialize container > “test" > > Usually systemd does the the cgroup stuff, said documentation and research. > Before I had lxc running on Debian with sysvinit but as privileged containers. > > Has anyone made similar experiences? > Is there some documentation about manually working with cgroups and > unprivileged containers on debian buster? > Can anyone point me to the right documentation please? > > I hope to save some time.
Been awhile so hopefully you've solved this by now? Find out where the /sys/fs/cgroup mount is being done, and make it mount under /sys/fs/cgroup/all. Better would be to also split them up so you have /sys/fs/cgroup/$controller for each line in /proc/cgroups. -serge _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users