ales drtik
2018-Mar-23 13:09 UTC
[libvirt-users] Attempt to define unprivileged LXC by libvirt
Hi, i converted LXC conf to xml by: lxcuser@blade1:~/.local/share/lxc/test_deb$ virsh -c lxc:/// domxml-from- native lxc-tools /home/lxcuser/.local/share/lxc/test_deb/config <domain type='lxc'> <name>test_deb</name> <uuid>cce77799-89fd-41fd-99c1-101e00844e23</uuid> <memory unit='KiB'>65536</memory> <currentMemory unit='KiB'>65536</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64'>exe</type> <init>/sbin/init</init> </os> <idmap> <uid start='1258512' target='0' count='65536'/> <gid start='1258512' target='0' count='65536'/> </idmap> <features> <capabilities policy='allow'> </capabilities> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <devices> <emulator>/usr/lib/libvirt/libvirt_lxc</emulator> <filesystem type='mount' accessmode='passthrough'> <source dir='/home/lxcuser/.local/share/lxc/test_deb/rootfs'/> <target dir='/'/> </filesystem> <interface type='bridge'> <mac address='00:16:3e:ab:21:1b'/> <source bridge='br0'/> <link state='up'/> </interface> </devices> </domain> Now attempt to define by virsh gives this err: lxcuser@blade1:~/.local/share/lxc/test_deb$ virsh -c lxc:/// define tmp/test _deb.xml error: Failed to define domain from /tmp/test_deb.xml error: unsupported configuration: You must map the root user of container Debian stretch. Where am I wrong ?
Daniel P. Berrangé
2018-Mar-23 13:15 UTC
Re: [libvirt-users] Attempt to define unprivileged LXC by libvirt
On Fri, Mar 23, 2018 at 02:09:39PM +0100, ales drtik wrote:> Hi, > i converted LXC conf to xml by: > > lxcuser@blade1:~/.local/share/lxc/test_deb$ virsh -c lxc:/// domxml-from- > native lxc-tools /home/lxcuser/.local/share/lxc/test_deb/config > > <domain type='lxc'> > <name>test_deb</name> > <uuid>cce77799-89fd-41fd-99c1-101e00844e23</uuid> > <memory unit='KiB'>65536</memory> > <currentMemory unit='KiB'>65536</currentMemory> > <vcpu placement='static'>1</vcpu> > <os> > <type arch='x86_64'>exe</type> > <init>/sbin/init</init> > </os> > <idmap> > <uid start='1258512' target='0' count='65536'/> > <gid start='1258512' target='0' count='65536'/> > </idmap> > <features> > <capabilities policy='allow'> > </capabilities> > </features> > <clock offset='utc'/> > <on_poweroff>destroy</on_poweroff> > <on_reboot>restart</on_reboot> > <on_crash>destroy</on_crash> > <devices> > <emulator>/usr/lib/libvirt/libvirt_lxc</emulator> > <filesystem type='mount' accessmode='passthrough'> > <source dir='/home/lxcuser/.local/share/lxc/test_deb/rootfs'/> > <target dir='/'/> > </filesystem> > <interface type='bridge'> > <mac address='00:16:3e:ab:21:1b'/> > <source bridge='br0'/> > <link state='up'/> > </interface> > </devices> > </domain> > > Now attempt to define by virsh gives this err: > > lxcuser@blade1:~/.local/share/lxc/test_deb$ virsh -c lxc:/// define tmp/test > _deb.xml > error: Failed to define domain from /tmp/test_deb.xml > error: unsupported configuration: You must map the root user of container > > Debian stretch. > Where am I wrong ?The libvirt LXC driver only runs in the privileged libvirtd instance at this time. There is no support for the unprivileged libvirtd with LXC. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
Apparently Analagous Threads
- Attempt to define unprivileged LXC by libvirt
- Re: Attempt to define unprivileged LXC by libvirt
- virt-install --connect lxc:///
- [Bug 1064] New: iptables-save fails silently in unprivileged lxc/lxd container
- Re: LXC + USB passthrough = Operation not permitted