On Tue, Jan 28, 2014 at 12:32:41PM +0100, Jan Olszak wrote:
Hi there!
I am trying to turn on user namespaces by adding the following lines to the
config:
<idmap>
<uid start='0' target='0' count='100000'/>
<gid start='0' target='0' count='100000'/>
</idmap>
As you can see, the root in the container is mapped to the root outside. I
expected to see no difference after adding these lines, but unfortunately
there are some (see details below).
Am I missing something or is there a problem with system, libvirt or kernel?
I've not had any chance to try LXC + user namespaces + systemd yet, but
based on the list of things which fail, it seems like it might not be
detecting that it is inside a container. Seems almost like it has still
got the CAP_MKNOD permission and so is trying to start things it should
not have, like udev and various filesystems.
Daniel
--
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|