On Tue, Oct 23, 2012 at 12:52 PM, olx69 <ope-li...@gmx.de> wrote: >> As papp mentioned, you'd probably have problems there (at least if the >> host is ubuntu) since postgres use shared memory and apparmor doesn't >> allow setting it. > > this is really sad, therefore I've to use a dedicated kvm instance which > is another story ...
Not HAVE to. The thing is lxc is still somewhat insecure. To counteract that, apparmor on ubuntu limits some things you can't do inside a container, so you can't increase SHM limit. For now, anyway. A workaround is to just disable apparmor for the container, but that might lead to other problems (e.g. container doing "bad things" to the host). Postgres should work then (I tested with Oracle DB, which also requires SHM settings to be increased). ... then again if you use centos host, it might not matter anyway, since AFAIK it doesn't implement the restriction to containers (i.e. all containers are inherently insecure). >> Looks like selinux problem? Can you try disabling selinux in the host >> (and possibly in the guest as well) with "setenforce 0". >> > > I''ve seen this in some web articles but it doesn't help. Anway, I check > it again. See last email from Dwight. -- Fajar ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
