Running strace inside lxc-execute (i.e. lxc-execute -n foo -s lxc.cap.drop=sys_admin -- strace -f -o/root/debug.out /bin/bash) does not work as strace will immediately crash just like bash, thus producing no output.
Here is the lxc log for

# lxc-execute -n foo -f lxc.conf -o foo -l DEBUG -- /bin/bash

with the lxc config below (again on 3.8 with the daily lxc build).

------------
lxc.utsname = foo
lxc.cap.drop = sys_admin
lxc.tty = 1
lxc.console=/lxc/foo/console
lxc.rootfs = /lxc/foo/rootfs
lxc.mount.entry = /usr usr none ro,bind 0 0
lxc.mount.entry = /lib lib none ro,bind 0 0
lxc.mount.entry = /lib64 lib64 none ro,bind 0 0
lxc.mount.entry = /bin bin none ro,bind 0 0
lxc.mount.entry = /sbin sbin none ro,bind 0 0
lxc.mount.entry = /lxc/dev/null dev/null none bind 0 0
lxc.mount.entry = /lxc/dev/zero dev/zero none bind 0 0
lxc.mount.entry = /lxc/dev/random dev/random none bind 0 0
lxc.mount.entry = /lxc/dev/urandom dev/urandom none bind 0 0
lxc.mount.entry = tmpfs tmp tmpfs rw,size=100M,noexec,nodev,mode=1777 0 0
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0

** Attachment added: "lxc-execute debug output"
   https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1253669/+attachment/3915084/+files/lxc_debug

https://bugs.launchpad.net/bugs/1253669

Title:
  unable to launch lxc application containers when dropping cap_sysadmin