Hi Guys,
I started a lxc container with libvit in ubuntu Operating system, and succeed using
lxc-enter-namespace to enter the namespaces and security context of the container. But
when I do the same thing in debian OS, It reported an error, with details as following:
root@debian:/etc# vir list
Id Name State
----------------------------------------------------
4424 instance-00000007 running
25913 instance-00000008 running
root@debian:/etc# vir dumpxml 4424
<domain type='lxc' id='4424'>
<name>instance-00000007</name>
<uuid>f1ce5360-bb5e-4cfc-b5ef-d05f8db52618</uuid>
<memory unit='KiB'>1048576</memory>
<currentMemory unit='KiB'>1048576</currentMemory>
<vcpu placement='static'>3</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64'>exe</type>
<init>/sbin/init</init>
<cmdline>console=tty0 console=ttyS0</cmdline>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/lib/libvirt/libvirt_lxc</emulator>
<filesystem type='mount' accessmode='passthrough'>
<source
dir='/opt/stack/data/nova/instances/f1ce5360-bb5e-4cfc-b5ef-d05f8db52618/rootfs'/>
<target dir='/'/>
</filesystem>
<interface type='bridge'>
<mac address='fa:16:3e:3a:c6:11'/>
<source bridge='br100'/>
<target dev='veth0'/>
<filterref filter='nova-instance-instance-00000007-fa163e3ac611'/>
</interface>
<console type='pty' tty='/dev/pts/1'>
<source path='/dev/pts/1'/>
<target type='lxc' port='0'/>
<alias name='console0'/>
</console>
</devices>
<seclabel type='none'/>
</domain>
root@debian:/etc# vir lxc-enter-namespace 4424 /bin/sh/
libvirt: error : argument unsupported: Security model cannot be entered
Is there anything that needs to be configured in debian OS for using the
'lxc-enter-namespace' interface?
--------------
Best regards!
GuanQiang
2013-07-30