Re: [Lxc-users] read only rootfs

ootfs/dev/shm tmpfs mode=0644 > 0 0 > lxc.mount.entry=sysfs /var/lib/lxc//rootfs/sys sysfs defaults  0 0 > > lxc.cap.drop=sys_admin > > This last line prevents that one can jumo out of the readonly bind mounts from > inside the container :) I'm successfully

Re: [Lxc-users] [lxc-devel] [PATCH] ignore non-lxc configuration line

ostly bug fixes. > > Just a random observation, but there would appear to be at least a > couple on the list who consider this to _be_ a new feature. Me among them, FWIW. -- David Serrano -- Simplify data

Re: [Lxc-users] lxc.cgroup.memory.limit_in_bytes has no effect

ess reaches the memory limit size then the container will > begin to swap. Yes, that's what I saw in a quick test. -- David Serrano -- Achieve unprecedented app performance and reliability What every C/C++ and Fortr

Re: [Lxc-users] [PATCH] ignore non-lxc configuration line

On Sat, May 14, 2011 at 00:15, Serge Hallyn wrote: > > I'm curious, whatcha got in mind? I don't think you have to have something in mind to implement this. Just that old motto "Be lenient in what you accept&qu

Re: [Lxc-users] Making LXC accept an already open network interface—or other options

RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) container# ip neigh show 10.1.0.101 dev eth0 FAILED container# arp -an ? (10.1.0.101) at on eth0 You can see that the packet counts remain at 0. -- David Serrano -- Achie

Re: [Lxc-users] Making LXC accept an already open network interface—or other options

hich is now in the > container > # you can rename it to eth0 in the container as > ip link set $dev2 name eth0 Since eth0 exists inside the container, renaming veth1 returns an error: container# ip link set veth1 name eth0 R

[Lxc-users] Making LXC accept an already open network interface—or other options

appear in the same line. Yes it's in the previous line but relying on that is prone to race conditions. Moreover, reading from a debug log isn't elegant at all... Do I have other options I haven't considered? Thank you, -- David Serrano

Re: [Lxc-users] Hide container processes on the host...

If the parent of slapd is init, you could also check for a PPID of 1—this will only be true for the host slapd. -- David Serrano -- WhatsUp Gold - Download Free Network Management Software The most intuitive

Re: [Lxc-users] readonly root

I'm successfully using aufs (but not with vserver but LXC - I understand vserver is off-topic here). -- David Serrano On Wed, Mar 9, 2011 at 15:07, Corin Langosch wrote: > Hi, > > I basically want to have a single vserver installation and start it > several times using differ

Re: [Lxc-users] Slow and unexpected umounts after pivot_root

ht ? > When the container is launched, the mounts points are inherited and appear > in the pivot_root, so they are unmounted. Oh, I had a wrong understanding of what was being unmounted. Thank you for your quick respons

[Lxc-users] Slow and unexpected umounts after pivot_root

.devices.allow = c 4:0 rwm lxc.cgroup.devices.allow = c 4:1 rwm lxc.cgroup.devices.allow = c 5:0 rwm lxc.cgroup.devices.allow = c 5:1 rwm lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgro