[lxc-devel] mounting filesystems in a container

2010-02-15 Thread Michael Tokarev
I've a question here. What's a way to mount a new filesystem within a container, besides re-starting the container? For example, I've inserted a removable media on the host, it's available on the host as /dev/sdb1, and is mounted on the host as /mnt/removable. But how to make it available in a ru

[lxc-devel] read-only container root

2010-02-15 Thread Michael Tokarev
lxc-start: No such file or directory - failed to mount a new instance of '/dev/pts' I'm experimenting with a read-only root fs in the container. So far it does not work. First of all, when trying to start a container in a read-only root lxc-start complains: lxc-start: Read-only file system - ca

Re: [lxc-devel] read-only container root

2010-02-16 Thread Michael Tokarev
Daniel Lezcano wrote: > Michael Tokarev wrote: >> lxc-start: No such file or directory - failed to mount a new instance >> of '/dev/pts' >> I'm experimenting with a read-only root fs in the container. >> So far it does not work. >> >> First o

[lxc-devel] detecting reboot/halt...

2010-04-08 Thread Michael Tokarev
I come across a series of patches to implement reboot/halt of a container. Patches were discussed before, but I had no time to look at that stuff in more detail... The problem. The current detection is based on the content of container's /var/run/utmp. This is good provided the container actua

Re: [lxc-devel] detecting reboot/halt...

2010-04-08 Thread Michael Tokarev
08.04.2010 11:56, Michael Tokarev wrote: [] > The problem. The current detection is based on the > content of container's /var/run/utmp. This is good > provided the container actually touches that file, > but this is not true for "single-application" > containe

Re: [lxc-devel] Script hook for veth configuration (incl. patch)

2010-10-06 Thread Michael Tokarev
06.10.2010 12:06, Stefan Tomanek wrote: > Hello, > > I'd like to use lxc for containing virtual debian instances, using the veth > networking method. Due to the network topology employed, I do not want to use > a > bridge to connect the virtual devices to the real network, but set individual > ho

Re: [lxc-devel] [PATCH] add lxc.network.script(.pre|.post|) configuration hooks

2010-10-08 Thread Michael Tokarev
Stefan Tomanek wrote: > This commit adds a configuration option to specify a script to be > executed before, during and after creating or configuring the pair of > veth devices.[...] Why so many hooks? Curious... There's apparently no reason to run a script "before" creating a netdev (pair). N

Re: [lxc-devel] [PATCH] add lxc.network.script(.pre|.post|) configuration hooks

2010-10-08 Thread Michael Tokarev
Stefan Tomanek wrote: > Thus wrote Michael Tokarev (m...@tls.msk.ru): [] >> There's apparently no reason to run a script "before" >> creating a netdev (pair). Note that we don't even >> know which names will be used for the netdevs, at >> least in

Re: [lxc-devel] [PATCH] add lxc.network.script(.pre|.post|) configuration hooks

2010-10-08 Thread Michael Tokarev
Stefan Tomanek wrote: > Thus wrote Daniel Lezcano (daniel.lezc...@free.fr): > >> Are we sure, we want to add these hooks (pre and post) ? I am not >> against adding them, but IMO it is more sane to add them if needed >> rather than adding something which may not be used. > > Well, until now,

Re: [lxc-devel] [PATCH] add lxc.network.script(.pre|.post|) configuration hooks

2010-10-08 Thread Michael Tokarev
08.10.2010 19:45, Daniel Lezcano wrote: [] >> There IS a trivial way to extend system already (when >> just ONE hook is implemented) - chain your scripts. >> There's no need to re-implement shell in lxc. >> > > Michael, I am not sure I get the idea. Can you elaborate a bit ? > In our case, we

[lxc-devel] relative paths in mounts?

2010-11-23 Thread Michael Tokarev
Hello again. I asked this question before, but got no (satisfactory) answer. So here it goes again. Why not chdir into the root of container right when the root filesystem is (bind-)mounted, and let all mount entries to be relative to the container root? Even more, to warn if lxc.mount[.entry] c

Re: [lxc-devel] relative paths in mounts?

2010-11-23 Thread Michael Tokarev
23.11.2010 13:25, Michael Tokarev wrote: > Hello again. > > I asked this question before, but got no (satisfactory) > answer. So here it goes again. > > Why not chdir into the root of container right when > the root filesystem is (bind-)mounted, and let all > mount entri

Re: [lxc-devel] relative paths in mounts?

2010-11-30 Thread Michael Tokarev
25.11.2010 15:53, Daniel Lezcano wrote: > On 11/23/2010 07:50 PM, Michael Tokarev wrote: >> 23.11.2010 13:25, Michael Tokarev wrote: >> >>> Hello again. >>> >>> I asked this question before, but got no (satisfactory) >>> answer. So here it

Re: [lxc-devel] Packet loss when high network traffic load

2010-12-09 Thread Michael Tokarev
09.12.2010 18:29, Menil Jean-Philippe wrote: > Hi, > > i'm experiencing some packet loss under high network traffic. > Here is the scenario: > i have on host with one guest running as a proxy (squid) > > > So, when i start downloading 10-15 dvd image from my client (wget > http://ftp.proxad.net/

Re: [lxc-devel] Building without libcap2?

2010-12-17 Thread Michael Tokarev
17.12.2010 05:48, Rob Landley wrote: > Is there any way to tell lxc that I'll run it as root if I want root access, > and not to fiddle with capabilities? (If there's a ./configure option for > this, I haven't found it...) What problem are you trying to solve? /mjt

Re: [lxc-devel] Building without libcap2?

2010-12-17 Thread Michael Tokarev
17.12.2010 23:44, Rob Landley wrote: > I've since moved on to a debootstrap sid, but my question still stands > because containers have their own PID 1 and their own UID namespace, which > means they have local root. Tangling in capabilities is like tangling in > selinux, it seems to me that t

Re: [lxc-devel] Building without libcap2?

2010-12-17 Thread Michael Tokarev
18.12.2010 00:12, Michael Tokarev wrote: [] > Capabilities (libcap2) is a tiny library (on my i386 > userspace it's just a 13Kb shared object), it has _no_ > external dependencies whatsoever - neither at build nor > at run time (it does not use perl for one) And this is, i

Re: [lxc-devel] Building without libcap2?

2010-12-18 Thread Michael Tokarev
18.12.2010 03:07, Rob Landley wrote: >> It's easy to blame something if you don't understand what >> you're blaming. > > Yes, that's why I'm asking. To understand. This wasn't obvious at all. Maybe it's just me but.. n/m. >> Capabilities (libcap2) is a tiny library (on my i386 >> userspace it'

Re: [lxc-devel] Restarting snmp service on the host, shutdown snmp on the guest.

2011-01-20 Thread Michael Tokarev
[resending to the correct address; lxc-users@ bounced] On 20.01.2011 19:09, Jean-Philippe Menil wrote: > Hi, > > i've just found something that is being annoying me: > > when i restart the snmpd daemon on my host, it shutdown the snmpd daemon > on my container. This, and many similar cases, hap

Re: [lxc-devel] lxc 0.7.4 does not mount anything

2011-03-11 Thread Michael Tokarev
11.03.2011 22:47, richard -rw- weinberger wrote: > hi, > > i'm using this minimal config: > lxc.utsname = c0 > lxc.mount.entry = none /lxc/c0/proc proc defaults 0 0 > lxc.rootfs = /lxc/c0/ > > but lxc does not mount proc into /lxc/c0/proc. > using lxc.mount = /path/to/fstab also does not work. >

Re: [lxc-devel] lxc 0.7.4 does not mount anything

2011-03-11 Thread Michael Tokarev
Daniel, this is this part: conf.c:mount_entry_on_absolute_rootfs(): aux = strstr(mntent->mnt_dir, rootfs->path); snprintf(path, MAXPATHLEN, "%s%s", rootfs->mount, aux + strlen(rootfs->path)); if rootfs->path ends with a slash we happily eat it, producing this in

Re: [lxc-devel] mount ro in guest change host filesystem to ro

2011-09-01 Thread Michael Tokarev
On 02.09.2011 00:46, Daniel Lezcano wrote: > On 09/01/2011 09:30 PM, Nico wrote: >> Hi, >> >> I just wanted to give it a try again with lxc after one year, >> this is so bad same bugs are always here : >> >> * you can do a "mount -o romount,ro /" inside container (reported >> since first times ...

Re: [lxc-devel] Detecting if you are running in a container

2011-11-02 Thread Michael Tokarev
[Replying to an oldish email...] On 12.10.2011 20:59, Kay Sievers wrote: > On Mon, Oct 10, 2011 at 23:41, Lennart Poettering > wrote: >> On Mon, 10.10.11 13:59, Eric W. Biederman (ebied...@xmission.com) wrote: > >>> - udev. All of the kernel interfaces for udev should be supported in >>> cur

Re: [lxc-devel] Detecting if you are running in a container

2011-11-02 Thread Michael Tokarev
On 02.11.2011 03:51, Eric W. Biederman wrote: [] >> And having CAP_MKNOD in container may not be that bad either, while >> cgroup device.permission is set correctly - some nodes may need to >> be created still, even in an unprivileged containers. Who filters >> out CAP_MKNOD during container start

Re: [lxc-devel] [PATCH 1/4] Add missing 'extern' keyword to functions defined in cgroup.h

2012-02-03 Thread Michael Tokarev
On 03.02.2012 16:54, Christian Seiler wrote: > --- > src/lxc/cgroup.h | 10 +- > 1 files changed, 5 insertions(+), 5 deletions(-) > > diff --git a/src/lxc/cgroup.h b/src/lxc/cgroup.h > index 188d948..31dd2de 100644 > --- a/src/lxc/cgroup.h > +++ b/src/lxc/cgroup.h > @@ -26,9 +26,9 @@ >

Re: [lxc-devel] poor 10G ethernet performance

2012-05-11 Thread Michael Tokarev
On 11.05.2012 20:59, Ward, David - 0663 - MITLL wrote: [] > In the container, could you create a MACVLAN interface in bridge mode > attached to your 10Gb Ethernet interface, instead of going through a > bridge device? I would expect that to perform better. FWIW, I tested macvlan vs bridge in th

Re: [lxc-devel] Please make "-f" mandatory in lxc-create

2012-05-28 Thread Michael Tokarev
On 29.05.2012 02:02, richard -rw- weinberger wrote: > Hi! > > Is there any use case where a user wants to omit "-f"? In my case I didn't use -f, but later resorted to using -f /dev/null to be sure. So this is yet another "me too", I guess. Maybe there should be more well-defined behaviour about

Re: [lxc-devel] Running windows over lxc

2012-08-16 Thread Michael Tokarev
On 16.08.2012 22:18, Kumar Sukhani wrote: > We were reading about OS level virtualization and came across that > none of such Open Source implementation have feature of providing > virtualization for proprietary OS like windows. > > Proposing idea: > We can run QEMU in one of the container which

Re: [lxc-devel] [PATCH] rename /etc/lxc/lxc.conf to /etc/lxc/default.conf

2013-02-04 Thread Michael Tokarev
05.02.2013 01:57, Michael Tokarev wrote: > 05.02.2013 01:53, Dwight Engen wrote: >> Signed-off-by: Dwight Engen > [lots of changes, no explanation...] > > What for? Why? > > This change is purely cosmetic, it has no visible benefit > (and no explanations are give

Re: [lxc-devel] [PATCH] rename /etc/lxc/lxc.conf to /etc/lxc/default.conf

2013-02-04 Thread Michael Tokarev
05.02.2013 01:53, Dwight Engen wrote: > Signed-off-by: Dwight Engen [lots of changes, no explanation...] What for? Why? This change is purely cosmetic, it has no visible benefit (and no explanations are given in the patch too), but it sure breaks compatibility with previously installed and perf

Re: [lxc-devel] [PATCH] rename /etc/lxc/lxc.conf to /etc/lxc/default.conf

2013-02-04 Thread Michael Tokarev
05.02.2013 02:34, Stéphane Graber wrote: [] > This change was discussed a few weeks ago on this list and suggested by > me with approval at the time by both Dwight and Serge who are both > active lxc contributors. > > I haven't reviewed Dwight's implementation yet but will very soon and > expect to

Re: [lxc-devel] antispam policies [was: rename /etc/lxc/lxc.conf to /etc/lxc/default.conf]

2013-02-04 Thread Michael Tokarev
05.02.2013 05:10, Stéphane Graber wrote: >> : host aserp1030.oracle.com[141.146.126.68] said: >> 554 >> 5.3.0 5.7.1 Permanently rejected due to our anti-spam policies. (in >> reply >> to MAIL FROM command) >> >> (this is about isrv.corpit.ru[86.62.121.231] - our mail host). >> >> Not

Re: [lxc-devel] [PATCH] Add lxc.disable_kmsg option

2013-03-13 Thread Michael Tokarev
13.03.2013 10:05, Alexander Vladimirov wrote: > Disables /dev/kmsg symlinking if set to 1. Maybe it is better to avoid negative setting? Like, lxc.link_kmsg = 1 (and make it the default) ? Thanks, /mjt -- Everyone ha

Re: [lxc-devel] Failed to remove cgroup when lxc-start failed

2013-05-24 Thread Michael Tokarev
25.05.2013 04:34, Qiang Huang wrote: > On 2013/5/24 20:49, Serge Hallyn wrote: >> >> Could you tell us exactly which version this is, and exactly how you >> created the container? When I do it in ubuntu saucy (roughly 0.9.0 lxc), >> the cgroup gets correctly removed. The same issue has bitten me s