[lxc-devel] [PATCH 8/5] unprivileged cgroup start: don't bother with devices special case

2013-07-25 Thread Serge Hallyn
Signed-off-by: Serge Hallyn --- src/lxc/start.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/lxc/start.c b/src/lxc/start.c index 9099fd6..514819b 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c @@ -713,14 +713,8 @@ int lxc_spawn(struct lxc_handler *handler

[lxc-devel] [PATCH 7/5] lxc-destroy: support unprivileged use

2013-07-25 Thread Serge Hallyn
Signed-off-by: Serge Hallyn --- src/lxc/conf.c | 24 src/lxc/conf.h | 1 + src/lxc/lxc_destroy.c | 7 --- src/lxc/lxccontainer.c | 15 --- 4 files changed, 37 insertions(+), 10 deletions(-) diff --git a/src/lxc/conf.c b/src/lxc/conf.c i

[lxc-devel] [PATCH 9/5] cgroup: special-case the cgroups used for unprivileged containers

2013-07-25 Thread Serge Hallyn
When creating an unprivileged container, you must have a cgroup fs mounted named lxc. For instance mkdir /sys/fs/cgroup/lxc mount -t cgroup -o none,name=lxc none /sys/fs/cgroup/lxc mkdir /sys/fs/cgroup/lxc/$USER chown -R $USER /sys/fs/cgroup/lxc/$USER You could al