Quoting Eric W. Biederman (ebied...@xmission.com):
> Serge Hallyn <serge.hal...@ubuntu.com> writes:
> 
> > Quoting Eric W. Biederman (ebied...@xmission.com):
> >> richard -rw- weinberger <richard.weinber...@gmail.com> writes:
> >> 
> >> > On Thu, Apr 11, 2013 at 7:03 AM, Eric W. Biederman
> >> > <ebied...@xmission.com> wrote:
> >> >> richard -rw- weinberger <richard.weinber...@gmail.com> writes:
> >> >>> {st_mode=S_IFCHR|0644, st_rdev=makedev(5, 1), ...}) = 0
> >> >>> [pid  3100] chmod("/dev/pts/5", 020644) = -1 EPERM (Operation not permitted)
> >> >>
> >> >> I am puzzled why we don't see something to create /dev/pts/5 in this trace.
> >> >
> >> > I have also no idea.
> >> > Please see both attached strace logs (linux v3.9-rc6, lxc 0.9.0).
> >> > One with lxc.autodev = 0, the other with = 1.
> >> 
> >> I have read through and I can see why you are failing.
> >> With autodev you are failing with mknod /dev/null.
> >> Without autodev you are creating pts (I assume to represent /dev/ttyN)
> >> before creating the user namespace and then there is a permission
> >> problem with chmod.
> >
> > After creating the /dev/ttyN we chown them to the root uid inside the
> > container.  I've not had failures with this.
> 
> Yes that should work fine.
> 
> There aren't any chown calls in Richard's strace logs, why that is I
> don't know, but that seems to be the cause of his troubles.

Richard,

Finally had some time to reproduce.  Here is what I did.  You can look
at deltas to figure out what is going wrong.

1. create an up-to-date new ubuntu raring vm (instance actually)
2. sudo add-apt-repository ppa:serge-hallyn/userns-natty
3. sudo add-apt-repository ppa:ubuntu-lxc/daily
4. wget https://launchpad.net/~ubuntu-lxc/+archive/kernel/+files/linux-image-3.8.0-12-generic_3.8.0-12.22%7Euserns1_amd64.deb
5. sudo apt-get update
6. sudo apt-get install lxc nsexec
7. sudo dpkg -i linux-image*.deb
8. reboot
9. sudo lxc-create -t ubuntu -n r1
10. sudo container-userns-convert r1 100000
11. sudo lxc-start -n r1  # note this console has issues, which may be
    # due to the same issue Dwight has.  You can log in, but sudo.
12. sudo lxc-console -n r1 # in another console

I can log in fine, terminals are correct etc.

Now, note - this is not what we consider the future of lxc in user
namespaces.  Rather, we expect unprivileged users to use their
own lxcpath and create and run containers entirely without privilege.
This still requires some more work.

-serge

(Note - I just pushed a fix for container-userns-convert to fix the
order of the lxc.xid_map lines in the container config)

_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
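
Added example, not part of the thread or of lxc: a simplified model of why chmod on a pts node created before the user namespace fails with EPERM until the node is chowned to the container's root uid. It parses the kernel's `/proc/<pid>/uid_map` format; the map length, the function names and the sample owners are assumptions constructed for illustration, with only the base uid 100000 taken from step 10.

```python
from typing import List, Optional, Tuple

Extent = Tuple[int, int, int]  # (first id inside ns, first id on host, length)


def parse_id_map(text: str) -> List[Extent]:
    """Parse /proc/<pid>/uid_map content: 'inside outside length' per line."""
    extents = []
    for line in text.strip().splitlines():
        inside, outside, length = (int(field) for field in line.split())
        extents.append((inside, outside, length))
    return extents


def to_inside(host_uid: int, extents: List[Extent]) -> Optional[int]:
    """Return the uid as seen inside the namespace, or None if it is unmapped."""
    for inside, outside, length in extents:
        if outside <= host_uid < outside + length:
            return inside + (host_uid - outside)
    return None


def container_root_can_chmod(owner_host_uid: int, extents: List[Extent]) -> bool:
    """Root in a user namespace holds CAP_FOWNER only over inodes whose owner
    uid has a mapping in that namespace; otherwise chmod() returns EPERM."""
    return to_inside(owner_host_uid, extents) is not None


# Constructed sample: base uid 100000 as in step 10; the length is assumed.
SAMPLE_UID_MAP = "0 100000 65536\n"

if __name__ == "__main__":
    extents = parse_id_map(SAMPLE_UID_MAP)
    # Constructed cases: a pts node made by host root before the namespace
    # existed (uid 0), and the same node after chown to the container's root.
    for label, uid in (("created by host root", 0), ("chowned to 100000", 100000)):
        verdict = "ok" if container_root_can_chmod(uid, extents) else "EPERM"
        print(f"/dev/pts/5 {label}: inside uid {to_inside(uid, extents)}, chmod -> {verdict}")
```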
