On 05/31/2011 01:44 PM, Ramez Hanna wrote: > On Tue, May 31, 2011 at 2:07 PM, Daniel Lezcano<daniel.lezc...@free.fr>wrote: > >> On 05/31/2011 12:33 PM, Ramez Hanna wrote: >> >>> it seems that lxc cannot handle cgroups when capabilities are not all in >>> the >>> same mount >>> it fails now because it cannot write the devices.deny in the cgroup >>> if i comment out all the lxc.cgroup.devices lines in the config of the >>> container then i can actually start it >>> >>> I would think that the way lxc identifies the cgroup mount might be the >>> part >>> that needs patching >>> >> Thanks for investigating. >> >> The main problem is lxc is cgroup agnostic, so we should find a solution >> where we don't break that. >> >> Maybe one solution would be to collect all the mount points found for the >> cgroup and try to find the right path when writing or reading from one >> cgroup file. >> > that is what i had in mind, tried looking into the code but my C skills are > next to zero > >> Does systemd run lxc within a cgroup which is not the root cgroup ? >> >> the lxc-start command would run under $user/master/ > (/sys/fs/cgroup/systemd/$user/$master) > and the container itself would run under $container_name > (/sys/fs/cgroup/systemd/$container_name) > so it would run the container in the root cgroup
ouch ! I have to install systemd on a test machine to check how systemd plays with the cgroup. I don't think the cgroup created by lxc should escape the cgroup the command is assigned to. ------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Data protection magic? Nope - It's vRanger. Get your free trial download today. http://p.sf.net/sfu/quest-sfdev2dev _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
