similar to: dropping capabilities in lxc containers

Thanks for the feedback I take it from your answer that there is no current plan in the direction of adding this as a feature, right ? In this case, how would you welcome pull requests if we managed to add this on our side ? Many thanks — Thierry On 29 Jan 2014, at 14:27, Daniel P. Berrange <berrange@redhat.com> wrote: > On Wed, Jan 29, 2014 at 09:43:25AM +0100, Thierry Parmentelat

On Wed, Jul 02, 2014 at 12:56:18AM +0200, Thierry Parmentelat wrote: > Hi again > > Answering my own e-mail on a few points: > > . first off, stupid me, http://libvirt.org/format.html indeed is empty and it seems to be by design, but the subtrees are not, like e.g. > http://libvirt.org/formatdomain.html > > . from this page it seems like using something like >

On Wed, Jan 29, 2014 at 09:43:25AM +0100, Thierry Parmentelat wrote: > Hi there > > I’m not quite proficient with libvirt yet, and have been using it > so far primarily to manage lxc containers > I was hoping to find a means to configure the set of capabilities > that guests should drop, but came across a few web pages suggesting > these were set in stone in the code > is

Hi folks I use libvirt to programmatically spawn lxc containers I am facing an issue when migrating from fedora23 to fedora24 I use the stock kernel and libvirt version on both deployments, i.e.: f23: libvirt-1.2.18.3-2.fc23.x86_64 - kernel 4.5.7-202.fc23.x86_64 f24: libvirt-1.3.3.1-4.fc24.x86_64 - kernel 4.6.3-300.fc24.x86_64 First off, I need to outline that the host installation is done

Hi there I have a couple of newbie questions concerning running a 32bits guest in a 64bits host using libvirt - lxc; I’m running libvirt-1.2.5 on fedora18 and fedora20 (a) is this supported at all, and (b) if so how do I configure this for a given guest ? guessing from the mere existence of http://www.redhat.com/archives/libvir-list/2011-February/msg01040.html I would think the answer to (a) is

Hi there I’ve just moved to libvirt-1.2.3 from 1.2.1; we use it for dealing with lxc containers I just wanted to report that everything went well for us with this new release, except for one little glitch At some point the lxc drivers seems to check that the kernel indeed has the netns feature built in Well in our environment this checks miserably fails; I haven’t been able to tell exactly why,

Hi folks I have a question about lxc-enter-namespace I am migrating lxc containers from a host running libvirt-1.2.5 on f20 to another one running libvirt-1.2.9 on f21 and now I can't seem to use lxc-enter-namespace for entering in a container any more I would do virsh -c lxc:/// lxc-enter-namespace --noseclabel container /bin/bash but when I try the same now I am getting this: # virsh

Hello The latest attempts that I made on fedora21 all gave me the same result I have tried . vanilla rpm from f21 (1.2.9 IIRC) . 1.2.14 . 1.2.13 . 1.2.12 these three ones I rebuilt from the source rpm published by libvirt eventually I reworked my own tools to enter the container via ssh, so this is not an immediate concern to me any longer but it is definitely odd I currently use 1.2.12

Hi, after 2 years of "pure" LXC usage, I'm trying now to administrate our LXC containers with libvirt No problem with a LXC container I create "from Scratch" (lxc-create), but with our existing containers, I've a strange behavior with the console: vsonde43 login: Debian GNU/Linux 5.0 vsonde43 console vsonde43 login: Debian GNU/Linux 5.0 vsonde43 tty1 vsonde43 login:

I'm experimenting with the libvirt lxc driver, and wondering if there is some way to control the capabilities assigned to the container processes. With lxc-tools, I can specify a configuration option, lxc.cap.drop, which causes the container processes to drop the specified privileges. My libvirt containers seem to run with

Hello Is there a way to set custom environment variables for LXC containers so that it is available for all processes within the container? The libvirt-lxc driver seems to be setting up only the below variables (as per the docs), but there doesn't seem to be a way customize it. containerThe fixed string libvirt-lxc to identify libvirt as the creator container_uuidThe UUID assigned to the

I recently upgraded "libvirt" on Gentoo to 1.2.2-r1 (latest available). I have not used LXC containers for a few weeks, so I don't recall what version of libvirt I was using when my container last booted successfully. Unfortunately, Gentoo's portage tree does not offer any previous versions of libvirt that I could downgrade to. TL;DR: My container is configured to use

> > NB user namespaces are a fairly new piece of functionality that > is still somewhat rough around the edges. You usuaully want to > have the most recent kernel.org stable kernel available when > using this. > Yes, I confirm it is a little bit touchy for me. gabx@hortensia ➤➤ ~ % uname -a Linux hortensia 3.12.9-2-ARCH #1 SMP PREEMPT Fri Jan 31 10:22:54 CET 2014 x86_64

hello, i am new to lxc, i have created a lxc container on fedora 19 i created a container rootfs of fedora 19 by using yum --installroot=/containers/test1 --releasever=19 install openssh test1.xml file for container test1 <domain type="lxc"> <name>test1</name> <vcpu placement="static">1</vcpu> <cputune>

On 09/11/2013 04:44 PM, Daniel P. Berrange wrote: > On Tue, Sep 10, 2013 at 09:09:44AM -0500, Dennis Jenkins wrote: >> I recently upgraded "libvirt" on Gentoo to 1.2.2-r1 (latest available). I >> have not used LXC containers for a few weeks, so I don't recall what >> version of libvirt I was using when my container last booted successfully. >> >>

Hi there I am using libvirt+lxc on fedora I just upgraded a couple boxes from f29 to f31 i am running into rather puzzling glitches on one of the boxes, and am having a hard time trying to figure what exactly is going wrong symptom being that on the faulty box, my 3 containers startup correctly, but all of them stop after some random time shortly after (approx. in the 5-10 minutes) in some

How can I run command in containers on the host? Just like the lxc command lxc-attach. I run : virsh -c lxc:/// lxc-enter-namespace fedora2 --noseclabel /bin/ls but get error: libvirt: error : Expected at least one file descriptor error: internal error: Child process (14930) unexpected exit status 125 Here is my libvirt.xml <domain type='lxc'> <name>fedora2</name>

Hello! Try to use libvirt with lxc. I use latest centos6 amd64 as a libvirt host (libvirt from xen4 repo) libvirt-daemon-1.2.15-3.el6.x86_64 In container I also use latest centos6 amd64. Container starts with /sbin/init. CentOS 6 came with upstart as default init. My problem is that I could not shutdown container correctly with libvirt. virsh -c lxc:/// shutdown test Domain test is being

Dear Daniel, The thirty-party PCIe card is based on the Xilinx’ FPGA which is off the shelf, the main features are as follows: 1) x8 Gen3, 8Gb/s per lane/direction 2) MSI and legacy interrupt support 3) Scatter-gather packet DMA engine provide by Northwest Logic We hope multiple Linux Containers to access the PCIe card in time division mode, for example, during slot 1, lxc1 read/write the PCIe

Hi there, I'm fairly new to libvirt and LXC, please forgive my ignorance. I was looking for a graphical tool to manage LXC containers and noticed that libvirt has support for LXC. Actually, I expected libvirt to be able to display and manage LXC hosts much like KVM. But it does not happen this way. The only thing I can see with virsh/virt-manager is storage pool with LXC containers, but not