I'm having some problems to configure an unprivileged container on Fedora. I've managed to mount most of the filesystems, but I cannot mount sysfs and use the network at the same time.
Here's the mount entry: lxc.mount.entry = sysfs sys sysfs defaults 0 0 If I use the empty type for network, the container is set and sysfs is mounted. However, once I change the type to "none", I get a permission denied message when mounting (only for sysfs). By not mounting sysfs I can set up the container and have network access. However, I cannot use the ping command: $ ping localhost ping: icmp open socket: Operation not permitted Some information on the capabilities: $ getcap /bin/ping /bin/ping = cap_net_admin,cap_net_raw+ep $ getcap /usr/bin/lxc-start /usr/bin/lxc-start = cap_net_admin,cap_net_raw,cap_sys_admin+ep lxc.cap.keep = sys_admin net_admin net_raw I'm not using AppArmor, SELinux neither Seccomp. Any advice on this? _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users