On Tue, 9 Apr 2013 08:15:59 -0500 Serge Hallyn <serge.hal...@ubuntu.com> wrote:
> Quoting richard -rw- weinberger (richard.weinber...@gmail.com): > > On Tue, Apr 9, 2013 at 5:28 AM, Serge Hallyn > > <serge.hal...@ubuntu.com> wrote: > > > Quoting richard -rw- weinberger (richard.weinber...@gmail.com): > > >> Am I missing something obvious? > > > > > > lxc-create does not yet convert the rootfs to the mapped uids, so > > > you need to do that manually using uidmapshift. Check the > > > container-userns-convert script at > > > https://code.launchpad.net/~serge-hallyn/+junk/nsexec or in the > > > nsexec package at ppa:serge-hallyn/userns-natty. > > > > Hmm, I've fixed the uids already by hand. > > Today I've created a new container and used container-userns-convert > > but with the same results. > > > > What I find very strange is that your script does: > > lxc.id_map = U ${uid} 0 $range > > lxc.id_map = G ${uid} 0 $range > > uid is 100000, range is 10000. > > > > But the lxc docs say: > > Four values must be provided. First a character, > > either 'u', or 'g', to specify whether user or group ids are > > being mapped. Next is the first userid as seen in the > > user namespace of the container. Next is the userid > > as seen on the host. Finally, a range indicating the number > > of consecutive ids to map. > > > > So, this would make more sense: lxc.id_map = u 0 100000 10000 > > Dwight recently made some changes to the lxc support. I may not have > switched my scripts yet. Yes, we made the ordering of the numbers and the case of the letters consistent across lxc config, uidmapshift, and the /proc entries. The script looks to be from before the change. > > Anyways, mount of tmpfs fails with ENOPERM, is there any debugging > > mechanism to find out why it is failing? > > Yeah, get your kernel source and check to see in mm/shmem.c whether > tmpfs's fs_flags is given FS_USERNS_MOUNT > > > According to strace some bind mounts before the tmpfs work > > perfectly fine. > > > > -- > > Thanks, > > //richard > > ------------------------------------------------------------------------------ > Precog is a next-generation analytics platform capable of advanced > analytics on semi-structured data. The platform includes APIs for > building apps and a phenomenal toolset for data science. Developers > can use our toolset for easy data analysis & visualization. Get a > free account! http://www2.precog.com/precogplatform/slashdotnewsletter > _______________________________________________ > Lxc-devel mailing list > Lxc-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/lxc-devel ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
