On Wed, 2011-08-03 at 21:01 -0700, Casey Schaufler wrote:
> On 8/3/2011 4:24 PM, Serge E. Hallyn wrote:
> > Quoting Andre Nathan (an...@digirati.com.br):
> >> Hi Mike
> >>
> >> On Wed, 2011-08-03 at 17:52 -0400, Michael H. Warfield wrote:
> >>> That's v4 syntax. Does it not work at all? Did you
Quoting Andre Nathan (an...@digirati.com.br):
> Hi Mike
>
> On Wed, 2011-08-03 at 17:52 -0400, Michael H. Warfield wrote:
> > That's v4 syntax. Does it not work at all? Did you try this:
> >
> > echo ::/0 @ > /smack/netlabel
> >
> > Not having tried this myself at all, I'm just asking. If it
Hi Mike
On Wed, 2011-08-03 at 17:52 -0400, Michael H. Warfield wrote:
> That's v4 syntax. Does it not work at all? Did you try this:
>
> echo ::/0 @ > /smack/netlabel
>
> Not having tried this myself at all, I'm just asking. If it doesn't
> work, that needs to be fixed but it's a SMACK bug.
On Wed, 2011-08-03 at 17:41 -0300, Andre Nathan wrote:
> Hi Olivier
>
> On Wed, 2011-08-03 at 19:48 +0200, Mauras Olivier wrote:
> > You're true it won't work out of the box, sorry i forgot the network
> > part.
> >
> > echo 0.0.0.0/0 @ > /smack/netlabel
>
> Apparently this doesn't suppor
Hi Olivier
On Wed, 2011-08-03 at 19:48 +0200, Mauras Olivier wrote:
> You're true it won't work out of the box, sorry i forgot the network
> part.
>
> echo 0.0.0.0/0 @ > /smack/netlabel
Apparently this doesn't support IPv6... do you happen to know of a
workaround?
Thanks again,
Andre
--
Hi Andre,
You're true it won't work out of the box, sorry i forgot the network part.
echo 0.0.0.0/0 @ > /smack/netlabel
This will resolve the problem. Smack supports Netlabel/CIPSO, but honestly i
don't need it so i let full access on this side.
You definitely want to check the documentatio
Hi Olivier
On Tue, 2011-08-02 at 12:13 +0200, Mauras Olivier wrote:
> Here's a practical example:
> # smack_label.py -w -r /srv/lxc/lxc1 lxc1
> # echo "lxc1" > /proc/self/current/attr
> # lxc-start -n lxc1
> # echo "_" > /proc/self/current/attr
Does networking inside the containers work for you w
If ns cgroup is mounted, then when lxc-unshare runs, the kernel automatically
creates a new cgroup for the task. So lxc-unshare tries to delete it. But
if ns cgroup is not mounted, that cgroup does not get created, and now
lxc-unshare spits an error.
Author: Serge Hallyn
Bug-Ubuntu: https://bugs
like lxc-ps and lxc-ls, lxc-netstat breaks if there is not an 'lxc' cgroup
mount and /etc/mtab is not a link to /proc/mounts.
Author: Serge Hallyn
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/819319
Forwarded: no
Index: lxc/src/lxc/lxc-netstat.in
The cgroup mounts created by cgroup-bin do not show up in /etc/mtab.
lxc-ls, as lxc-ps before it, assumes that /etc/mtab is symlinked to
/proc/mounts.
Author: Serge Hallyn
Forwarded: no
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/819319
Index: lxc/src/lxc/lxc-ls.in
Hi everyone,
I wondering if anyone has managed to setup a nfs server in a LXC (Linux
distro: Debian squeeze)?
Regards,
JM
--
BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA
The must-attend event for mobile de
Thank you!
On Tue, 2011-08-02 at 12:13 +0200, Mauras Olivier wrote:
> Hello Andre,
>
> All labels are set from the host, so it shouldn't matter if a
> directory is bind mounted or not.
>
> For the setup, this is actually pretty straightforward:
> - You apply the desired label recursively on the
On 07/25/2011 12:07 AM, Daniel Lezcano wrote:
> On 07/21/2011 09:15 AM, Ramez Hanna wrote:
>> it only has an extra parameter which is for the release number
>> which would default to the local release of the host
>> or it can be passed as extra param to the lxc-create like serge showed
>> in some p
On Tue, Aug 2, 2011 at 8:44 PM, Michael H. Warfield wrote:
> Ah... Serge? Reference back to the thread on "[Lxc-users] what's the
> difference in lxc-attach" please? We were discussing systemd back in
> that thread too.
>
> On Tue, 2011-08-02 at 19:22 +0300, Iliyan ILF Stoyanov wrote:
>> Hi,
>
14 matches
Mail list logo
