Bug#875733: same with buster
Thanks a lot Matthijs!

This seems to make the difference:

< lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
< lxc.mount.entry = sysfs sys sysfs defaults,ro 0 0
lxc.mount.auto = proc:mixed
lxc.mount.auto = sys:ro

The former is the container before migration (of the container) to systemd (both host and guest have been upgraded through multiple releases).

Both host and guest are on buster.

Again, many thanks!!!

*t

On Wed, 27 May 2020, Matthijs Kooijman wrote:

>> Has anybody succeeded in running systemd inside an LXC container with
>> "lxc.cap.drop = sys_admin" ?
>
> Yup, on a Buster system, I'm using this config, which works:
>
> https://github.com/daenney/Tika/blob/tika-host/etc/lxc/login/config
>
> Not sure what the essential part is, but maybe you can compare this with
> your own config and make it work from there.
>
> Gr.
>
> Matthijs
Bug#875733: same with buster
> Has anybody succeeded in running systemd inside an LXC container with
> "lxc.cap.drop = sys_admin" ?

Yup, on a Buster system, I'm using this config, which works:

https://github.com/daenney/Tika/blob/tika-host/etc/lxc/login/config

Not sure what the essential part is, but maybe you can compare this with your own config and make it work from there.

Gr.

Matthijs
Bug#875733: same with buster
I get this same behavior under Debian buster:

# cat /var/lib/lxc/foobar/config
[...]
lxc.cap.drop = sys_admin
[...]

foobar is a container with systemd inside.

# lxc-start foobar
lxc-start foobar -F
lxc-start: foobar: conf.c: lxc_mount_auto_mounts: 770 No such file or directory - Failed to mount "/sys/fs/cgroup"

If I comment out "lxc.cap.drop = sys_admin" then the container succeeds to start.

Has anybody succeeded in running systemd inside an LXC container with "lxc.cap.drop = sys_admin" ?

*t