similar to: LXC configuration for Systemd in the user namespace.

Hi there! I am trying to turn on user namespace by adding following lines to the config: <idmap> <uid start='0' target='0' count='100000'/> <gid start='0' target='0' count='100000'/> </idmap> As you can see the root in container is mapped to the root outside. I was expected to see no difference

On 28.01.2014 12:46, Daniel P. Berrange wrote: > On Tue, Jan 28, 2014 at 12:32:41PM +0100, Jan Olszak wrote: >> Hi there! >> >> I am trying to turn on user namespace by adding following lines to the >> config: >> >> >> >> <idmap> >> >> <uid start='0' target='0' count='100000'/> >>

On Mon, Mar 03, 2014 at 03:52:01PM +0100, Dariusz Michaluk wrote: > Hi. > > Another week, another experiment ;) I was trying to run systemd user > session for non-root user, for example darek (uid=1000), operation > failed with error: > > systemd[26]: pam_unix(systemd-user:session): session opened for user > darek by (uid=0) > systemd[1]: Started Login Service. >

Warning - I'm fairly new to libvirt, lxc and systemd so there is a good chance I'm doing something terribly wrong here. However, instead of continuing to struggle, I figured I would mail the list for some advice. What I'm trying to accomplish is a libvirt-lxc, systemd-based container running on my system (Fedora 19). I've read that sharing the underlying OS filesystem with

Hello, I'm seeing syslog messages "bleed" from the host and other LXC into the messages, maillog, secure logs of other LXCs. I'm using libvirt 1.0.0 on a host with systemd and kernel 3.9.10. Each LXC is running an older non-systemd linux distribution Is this a known issue? Is there a work around? Thank you for you time, Jim -- James R. Leu | Director of Technology | INOC

Hi there, I'm interested in using libvirt-lxc on armv7l architecture and I have a hard time building libvirt. 1. Are there any prebuild rpms for ARM? 2. I have many dependency issues during build: error: *** Error Summary *** === the following packages failed to build due to missing build dependencies === libvirt: nothing provides hal-devel nothing provides

On Thu, Jan 30, 2014 at 04:34:04PM +0530, Kashyap Chamarthy wrote: > On 01/30/2014 03:58 PM, Richard W.M. Jones wrote: > >>> - `make -k check` is still running as I write this, albeit > >>> a bit slow. > >> > >> This just finished (in the container): > >> > >> [. . .] > >> grep -v -E

Hi! I with my colleagues from Samsung trying to run systemd in Linux container. I saw that the others are experimenting in this topic, so I would like to present the results of my work and tests, perhaps it will be helpful to others. As the prototype I used a manual written by Daniel: https://www.berrange.com/posts/2013/08/12/running-a-full-fedora-os-inside-a-libvirt-lxc-guest/ After many

On 11/14/2013 01:24 PM, Gao feng wrote: > On 11/14/2013 10:59 AM, hzguanqiang@corp.netease.com wrote: >> Hi experts, >> >> When I test lxc-enter-namespace interface, it turned out such an error: >> >> hzguanqiang@debian:~$ <mailto:hzguanqiang@debian:~$> vir version >> Compiled against library: libvirt 1.1.4 >> Using library: libvirt 1.1.4

On 11/14/2013 01:52 PM, hzguanqiang@corp.netease.com wrote: > On 2013-11-14 13:41 , Gao feng <mailto:gaofeng@cn.fujitsu.com> wrote: > > On 11/14/2013 01:24 PM, Gao feng wrote: > > On 11/14/2013 10:59 AM, hzguanqiang@corp.netease.com wrote: > >> Hi experts, > >> > >> When I test lxc-enter-namespace interface, it turned out such

On 11/14/2013 02:57 PM, hzguanqiang@corp.netease.com wrote: > On 2013-11-14 14:17 , Gao feng <mailto:gaofeng@cn.fujitsu.com> wrote: > > On 11/14/2013 01:52 PM, hzguanqiang@corp.netease.com wrote: > > On 2013-11-14 13:41 , Gao feng <mailto:gaofeng@cn.fujitsu.com> wrote: > > > > On 11/14/2013 01:24 PM, Gao feng wrote: > > >

On Thu, Jan 30, 2014 at 05:07:23PM +0530, Kashyap Chamarthy wrote: > On 01/30/2014 04:38 PM, Daniel P. Berrange wrote: > > [. . .] > > >> > >> Despite reading from the `systemd-nspawn` man page: > >> > >> ". . .kernel modules may not be loaded from within the container." > >> > >> I purposefully tried from inside the

On 11/14/2013 03:09 PM, hzguanqiang@corp.netease.com wrote: > On 2013-11-14 15:03 , Gao feng <mailto:gaofeng@cn.fujitsu.com> wrote: > > On 11/14/2013 02:57 PM, hzguanqiang@corp.netease.com wrote: > > On 2013-11-14 14:17 , Gao feng <mailto:gaofeng@cn.fujitsu.com> wrote: > > > > On 11/14/2013 01:52 PM, hzguanqiang@corp.netease.com wrote:

Hi Gao, I checked the output of "lxc-checkconfig" command and it showed --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled *User namespace: missing* Network namespace: enabled Multiple /dev/pts instances: enabled Here it shows that User namespace support is missing. I tried to check for Namespaces Support in kernel

> > NB user namespaces are a fairly new piece of functionality that > is still somewhat rough around the edges. You usuaully want to > have the most recent kernel.org stable kernel available when > using this. > Yes, I confirm it is a little bit touchy for me. gabx@hortensia ➤➤ ~ % uname -a Linux hortensia 3.12.9-2-ARCH #1 SMP PREEMPT Fri Jan 31 10:22:54 CET 2014 x86_64

On 2013-07-23 18:14, "Daniel P. Berrange" <berrange@redhat.com> wrote: >>On Tue, Jul 23, 2013 at 04:56:30PM +0800, hzguanqiang wrote: >> Hi Guys, >> When I created a lxc container by libvirt, I logged into the lxc >> container and noticed that info under /proc/ dir did not match the >> lxc container resource. Is the /proc dir in lxc container just

On Tue, Jan 28, 2014 at 12:32:41PM +0100, Jan Olszak wrote: > Hi there! > > I am trying to turn on user namespace by adding following lines to the > config: > > > > <idmap> > > <uid start='0' target='0' count='100000'/> > > <gid start='0' target='0' count='100000'/> > >

On 09/11/2013 04:44 PM, Daniel P. Berrange wrote: > On Tue, Sep 10, 2013 at 09:09:44AM -0500, Dennis Jenkins wrote: >> I recently upgraded "libvirt" on Gentoo to 1.2.2-r1 (latest available). I >> have not used LXC containers for a few weeks, so I don't recall what >> version of libvirt I was using when my container last booted successfully. >> >>

Hi Guys, I started a lxc container with libvit in ubuntu Operating system, and succeed using lxc-enter-namespace to enter the namespaces and security context of the container. But when I do the same thing in debian OS, It reported an error, with details as following: root@debian:/etc# vir list Id Name State ---------------------------------------------------- 4424

On 01/20/2014 04:49 PM, Jan Olszak wrote: > Hi there! > > Does anyone have a config file for libvirt-LXC, that makes it possible to: > > 1. Use all namespaces (user namespace in particular) > This is always supported by libvirt lxc. > 2. Run systemd inside a container. > I guess systemd need to be changed if it want to run under user namespace. I'm