[Lxc-users] Re: Bug with cgroup devices access rights!?

2011-09-08 Thread Jäkel , Guido
>Problem solved. >/dev/rtc is only used to read the time. >To write the date and time the ioctl function settimeofday is used. To >prevent this you have to drop the capability sys_time Dear sfrazt, Good job! May you figure out if there are "unwanted" side effects if one may drop the sys_time c
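The message above says that /dev/rtc only matters for reading the clock and that setting the date goes through settimeofday, so the capability to drop is sys_time. The following is an added example (not code from the thread or from LXC) that shows what dropping CAP_SYS_TIME does to a process: it clears the capability from its own effective, permitted and inheritable sets with the raw capset syscall (no libcap dependency), tries to drop it from the bounding set as well, and then attempts a no-op settimeofday, which the kernel rejects with EPERM once the capability is gone. Function names are my own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/time.h>
#include <unistd.h>
#include <linux/capability.h>

/* Thin wrapper over the raw capget/capset syscalls (v3 ABI: two 32-bit words). */
static int cap_op(long op, struct __user_cap_data_struct *data)
{
    struct __user_cap_header_struct hdr;
    hdr.version = _LINUX_CAPABILITY_VERSION_3;
    hdr.pid = 0;                      /* 0 = the calling thread */
    return (int)syscall(op, &hdr, data);
}

/* 1 if CAP_SYS_TIME is in the effective set, 0 if not, -1 on error.
 * CAP_SYS_TIME is bit 25, so it lives in word 0 of the v3 data. */
int has_cap_sys_time(void)
{
    struct __user_cap_data_struct d[2] = {{0}};
    if (cap_op(SYS_capget, d) != 0)
        return -1;
    return (int)((d[0].effective >> CAP_SYS_TIME) & 1u);
}

/* Remove CAP_SYS_TIME from the effective, permitted and inheritable sets.
 * Capabilities can only be dropped this way, never gained, so this works
 * for root and non-root alike. The bounding-set drop needs CAP_SETPCAP and
 * is therefore best effort: it stops exec'd children from ever regaining
 * the capability via file capabilities. Returns 0 on success, -1 on error. */
int drop_cap_sys_time(void)
{
    struct __user_cap_data_struct d[2] = {{0}};
    if (cap_op(SYS_capget, d) != 0)
        return -1;
    d[0].effective   &= ~(1u << CAP_SYS_TIME);
    d[0].permitted   &= ~(1u << CAP_SYS_TIME);
    d[0].inheritable &= ~(1u << CAP_SYS_TIME);
    if (cap_op(SYS_capset, d) != 0)
        return -1;
    (void)prctl(PR_CAPBSET_DROP, CAP_SYS_TIME, 0, 0, 0);
    return 0;
}

/* Write the current time back to the kernel (a no-op change if allowed).
 * Returns 0 on success or the errno of the failing call; without
 * CAP_SYS_TIME the kernel answers settimeofday with EPERM. */
int try_settimeofday(void)
{
    struct timeval tv;
    if (gettimeofday(&tv, NULL) != 0)
        return errno;
    if (settimeofday(&tv, NULL) != 0)
        return errno;
    return 0;
}

int main(void)
{
    printf("CAP_SYS_TIME before drop: %d\n", has_cap_sys_time());
    if (drop_cap_sys_time() != 0) {
        perror("drop_cap_sys_time");
        return 1;
    }
    printf("CAP_SYS_TIME after drop:  %d\n", has_cap_sys_time());
    int rc = try_settimeofday();
    printf("settimeofday: %s\n", rc ? strerror(rc) : "succeeded");
    return 0;
}
```

Run it once as root on the host and once inside a container that drops sys_time in its lxc configuration: in both cases the second line reports 0 and settimeofday fails. The side effect the reply asks about is exactly this: anything in the container that legitimately needs to adjust the clock (an NTP daemon, hwclock) loses that ability too, which is usually what you want, since the clock is shared with the host.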

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Nikhil Handigol
If I understand the lxc code right, it's failing in the function get_cgroup_mount in src/lxc/cgroup.c, which tries to read the cgroup mount point from /proc/mounts. /proc/mounts seems to be fine on my machine: $ cat /proc/mounts ... ... cgroup /cgroup cgroup rw,relatime,blkio,net_cls,freezer,device

Re: [Lxc-users] Bug with cgroup devices access rights!?

2011-09-08 Thread sfrazt
> I use an up-to-date aptosid kernel (3.0.4) and tested the cgroup device access > rights with rtc. > test: > - start with no rights for c 254 0 (rtc). > - start container, terminal and become root (I deleted all rtc-files in > container before) > - mknod -600 rtc0 c 254 0 -> not permitted > - on h

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Nikhil Handigol
Ah! That was something I had missed. I recompiled lxc with the --with-linuxdir option and the old error went away. Now I'm getting the following error: $ lxc-attach -n foo -- /bin/bash lxc-attach: No such file or directory - failed to open /proc/mounts lxc-attach: cgroup is not mounted lxc-attach:
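The two messages above locate the failure in get_cgroup_mount, which scans /proc/mounts for a line of filesystem type "cgroup", and show the two ways that lookup can fail: the file cannot be opened, or no cgroup line is present ("cgroup is not mounted"). The following is an added example, my own code rather than the LXC function, that performs the same lookup over a buffer in /proc/mounts format and additionally checks that the mount carries a particular subsystem in its options (the devices controller the other thread on this page relies on). The sample buffer is constructed for the example; the field layout (device, mount point, fstype, options, dump, pass) is the real one.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/mounts format (not taken from the thread). */
static const char SAMPLE_MOUNTS[] =
    "rootfs / rootfs rw 0 0\n"
    "proc /proc proc rw,relatime 0 0\n"
    "sysfs /sys sysfs rw,relatime 0 0\n"
    "cgroup /cgroup cgroup rw,relatime,blkio,net_cls,freezer,devices,memory,cpuacct,cpu,cpuset 0 0\n";

/* 1 if the comma-separated option string contains `opt` as a whole token
 * (so "cpu" does not match "cpuset" or "cpuacct"), else 0. */
static int has_option(const char *opts, const char *opt)
{
    size_t n = strlen(opt);
    const char *p = opts;
    while (*p) {
        const char *end = strchr(p, ',');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == n && memcmp(p, opt, n) == 0)
            return 1;
        if (!end)
            break;
        p = end + 1;
    }
    return 0;
}

/* Scan a /proc/mounts-formatted buffer for a "cgroup" filesystem whose
 * options include `subsys` (NULL = any cgroup mount). Copies the mount
 * point into `out` and returns 0; returns -1 when no such mount exists,
 * which is the "cgroup is not mounted" condition. */
int find_cgroup_mount(const char *mounts, const char *subsys, char *out, size_t outsz)
{
    char line[1024];
    const char *p = mounts;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len >= sizeof line)
            len = sizeof line - 1;
        memcpy(line, p, len);
        line[len] = '\0';

        char dev[256], mnt[256], fstype[64], opts[512];
        if (sscanf(line, "%255s %255s %63s %511s", dev, mnt, fstype, opts) == 4 &&
            strcmp(fstype, "cgroup") == 0 &&
            (subsys == NULL || has_option(opts, subsys))) {
            snprintf(out, outsz, "%s", mnt);
            return 0;
        }
        if (!nl)
            break;
        p = nl + 1;
    }
    return -1;
}

/* Convenience wrapper: mount point for `subsys` in `mounts`, or NULL. */
const char *cgroup_mount_of(const char *mounts, const char *subsys)
{
    static char mnt[256];
    return find_cgroup_mount(mounts, subsys, mnt, sizeof mnt) == 0 ? mnt : NULL;
}

/* Same lookup against the live /proc/mounts; reports the open failure
 * separately from the not-mounted case, as lxc-attach does. */
const char *cgroup_mount_live(const char *subsys)
{
    static char buf[65536];
    FILE *f = fopen("/proc/mounts", "r");
    if (!f) {
        perror("failed to open /proc/mounts");
        return NULL;
    }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return cgroup_mount_of(buf, subsys);
}

int main(void)
{
    const char *m = cgroup_mount_of(SAMPLE_MOUNTS, "devices");
    printf("sample: devices controller at %s\n", m ? m : "(not mounted)");
    m = cgroup_mount_live("devices");
    printf("live:   devices controller at %s\n", m ? m : "(not mounted)");
    return 0;
}
```

Note that the live lookup is only meaningful from a process that sees the host's mount namespace; a process already inside a container whose /proc is not mounted gets the "failed to open /proc/mounts" branch, which is the situation the reply above describes.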

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Daniel Lezcano
On 09/08/2011 07:12 PM, Nikhil Handigol wrote: > It is indeed the case: > > $ type lxc-attach > lxc-attach is /usr/local/bin/lxc-attach Ok. Did you specify the kernel source tree when invoking configure ? It is the --with-linuxdir= Make sure to remove src/lxc/setns.h file which is automatical

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Nikhil Handigol
It is indeed the case: $ type lxc-attach lxc-attach is /usr/local/bin/lxc-attach $ ldd /usr/local/bin/lxc-attach linux-vdso.so.1 => (0x7fff9ddff000) liblxc.so.0 => /usr/local/lib/liblxc.so.0 (0x7f072165a000) libcap.so.2 => /lib/libcap.so.2 (0x7f0721439000) libc.so.6 => /lib/libc.so.6

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Daniel Lezcano
On 09/08/2011 06:48 PM, Nikhil Handigol wrote: > Just to be sure that wasn't the case, I tried running the executable > directly from the lxc source directory. I got the same error: > > $ cd src/lxc > $ ./lxc-execute -n foo -f /etc/mn/host.conf -- /bin/bash > root@mnhost:/home/nikhilh/lxc/src/lxc#

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Nikhil Handigol
Just to be sure that wasn't the case, I tried running the executable directly from the lxc source directory. I got the same error: $ cd src/lxc $ ./lxc-execute -n foo -f /etc/mn/host.conf -- /bin/bash root@mnhost:/home/nikhilh/lxc/src/lxc# In another terminal: $ cd src/lxc $ ./lxc-attach -n foo -

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Daniel Lezcano
On 09/08/2011 06:30 PM, Nikhil Handigol wrote: > I just tried running lxc-attach with linux-2.6.38. I got the same error as > with linux-3.0 -- Function not implemented - failed to set namespace 'pid'. > > Here's the exact sequence of steps that I followed: > > Compiled linux-2.6.38.2 with the corr

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Nikhil Handigol
I just tried running lxc-attach with linux-2.6.38. I got the same error as with linux-3.0 -- Function not implemented - failed to set namespace 'pid'. Here's the exact sequence of steps that I followed: Compiled linux-2.6.38.2 with the corresponding setns patches ( http://lxc.sourceforge.net/patc

Re: [Lxc-users] Problem with lxc-attach on Linux v3.1.0

2011-09-08 Thread Nikhil Handigol
Thanks Daniel! The linux-3.0 patches don't seem to be working for me unfortunately. I compiled lxc-0.7.5 with the patched linux-3.0. After starting a container "foo" via lxc-execute, I ran the following command: $ lxc-attach -n foo -- /bin/bash When I run lxc-attach, I get the following error: lx

[Lxc-users] Bug with cgroup devices access rights!?

2011-09-08 Thread sfrazt
I use an up-to-date aptosid kernel (3.0.4) and tested the cgroup device access rights with rtc. test: - start with no rights for c 254 0 (rtc). - start container, terminal and become root (I deleted all rtc-files in container before) - mknod -600 rtc0 c 254 0 -> not permitted - on host: echo 'c 254

Re: [Lxc-users] inexplicable effect when starting vnc4server (security hole?)

2011-09-08 Thread sfrazt
> > You are absolutely right. > > The value comes from XAUTHORITY which is given to the container. Is > > it a > > wanted behaviour? > > I suppose this is coming from sysv init which does not take care of > cleaning up the env variables (which is better because we can transmit > env variables from

Re: [Lxc-users] inexplicable effect when starting vnc4server (security hole?)

2011-09-08 Thread Daniel Lezcano
On 09/08/2011 02:12 PM, sfrazt wrote: > Daniel Lezcano schrieb am 8.09.11 13:56: >>> My question is now: Where does this filename come from? Is it >>> a security hole? >>> >> Is it possible that's coming from an environment variable ? > You are absolutely right. > The value comes from XAUTHORITY

Re: [Lxc-users] inexplicable effect when starting vnc4server (security hole?)

2011-09-08 Thread sfrazt
Daniel Lezcano schrieb am 8.09.11 13:56: > > My question is now: Where does this filename come from? Is it > > a security hole? > > > Is it possible that's coming from an environment variable ? You are absolutely right. The value comes from XAUTHORITY which is given to the container. Is it a want
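The finding in this thread is that a host variable (XAUTHORITY) reached a process inside the container because the environment of the process that started the container was passed through unchanged and the container's init did not clean it. The following is an added example, my own code and not part of LXC, of the usual mitigation on the launching side: build a fresh envp that keeps only an explicit allow-list of variables before exec'ing the container's init. The allow-list and the sample environment are assumptions for the example; the real list depends on what the container's init actually needs.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Variables permitted to cross into the container (assumed list). */
static const char *const ALLOWED[] = { "PATH", "TERM", "HOME", "container", NULL };

/* Constructed sample of a launching shell's environment; XAUTHORITY and
 * DISPLAY stand in for the host-only state the thread found leaking. */
static char *const SAMPLE_ENV[] = {
    "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "TERM=xterm",
    "HOME=/root",
    "XAUTHORITY=/home/user/.Xauthority",
    "DISPLAY=:1",
    "PATHOLOGY=not-PATH",
    NULL
};

/* Whole-name comparison on the part before '='; "PATHOLOGY" must not pass
 * as "PATH". */
static int allowed_name(const char *entry)
{
    const char *eq = strchr(entry, '=');
    size_t n = eq ? (size_t)(eq - entry) : strlen(entry);
    for (int i = 0; ALLOWED[i]; i++)
        if (strlen(ALLOWED[i]) == n && strncmp(ALLOWED[i], entry, n) == 0)
            return 1;
    return 0;
}

/* Return a new NULL-terminated envp holding only allow-listed entries.
 * The array and its strings are malloc'd; release them with free_env(). */
char **filter_env(char *const *envp)
{
    size_t n = 0;
    while (envp[n])
        n++;
    char **out = calloc(n + 1, sizeof *out);
    if (!out)
        return NULL;
    size_t k = 0;
    for (size_t i = 0; i < n; i++)
        if (allowed_name(envp[i]))
            out[k++] = strdup(envp[i]);
    out[k] = NULL;
    return out;
}

void free_env(char **envp)
{
    for (size_t i = 0; envp && envp[i]; i++)
        free(envp[i]);
    free(envp);
}

/* 1 if `name` is set in envp, else 0. */
int env_has(char *const *envp, const char *name)
{
    size_t n = strlen(name);
    for (size_t i = 0; envp[i]; i++)
        if (strncmp(envp[i], name, n) == 0 && envp[i][n] == '=')
            return 1;
    return 0;
}

size_t env_count(char *const *envp)
{
    size_t n = 0;
    while (envp[n])
        n++;
    return n;
}

/* Exec `path` with the caller's environment reduced to the allow-list.
 * Only returns on failure, like execve. */
int exec_with_clean_env(const char *path, char *const argv[], char *const *envp)
{
    char **clean = filter_env(envp);
    if (!clean)
        return -1;
    execve(path, argv, clean);
    free_env(clean);
    return -1;
}

int main(void)
{
    char **clean = filter_env(SAMPLE_ENV);
    for (size_t i = 0; clean[i]; i++)
        puts(clean[i]);
    free_env(clean);
    return 0;
}
```

Filtering on the launcher side is the robust fix because it does not depend on the guest's init cooperating; from a shell the same effect comes from starting the container under env -i with the wanted variables spelled out.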

Re: [Lxc-users] inexplicable effect when starting vnc4server (security hole?)

2011-09-08 Thread Daniel Lezcano
On 09/07/2011 10:06 AM, sfrazt wrote: > hi, > > i run lxc under debian sid with lxc version 0.7.5.1. > I run a debian like system in lxc container and vnc4server inside. > Therefore I > have created a user. > > The effect is that. If I start vnc4user manually as user with >