Re: Lxc support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Le 29/10/2010 14:51, Serge Hallyn a écrit :

Quoting Jean-Philippe Menil (jean-philippe.menil@xxxxxxxxxxxxxx):

10:41:10.076: error : lxcContainerStart:858 : Failed to run clone
container: Operation not permitted


I would guess that the libvirt process creating the container has dropped some
of the needed capabilities (CAP_SYS_ADMIN and a few others).  Is libvirtd
running as root?  What does /proc/$$/status for that process show?

Hi,

libvirt is running as root.

root@redbreast:/tmp# ps aux | grep libvirtd | grep -v grep
root 15718 0.0 0.0 157760 2924 ? Sl 15:35 0:00 /usr/sbin/libvirtd -d 

root@redbreast:/tmp# cat /proc/15718/status
Name:	libvirtd
State:	S (sleeping)
Tgid:	15718
Pid:	15718
PPid:	1
TracerPid:	0
Uid:	0	0	0	0
Gid:	0	0	0	0
FDSize:	64
Groups:	0
VmPeak:	  181892 kB
VmSize:	  157760 kB
VmLck:	       0 kB
VmHWM:	    2924 kB
VmRSS:	    2924 kB
VmData:	  115012 kB
VmStk:	     136 kB
VmExe:	     792 kB
VmLib:	    6372 kB
VmPTE:	     124 kB
VmSwap:	       0 kB
Threads:	7
SigQ:	2/16382
SigPnd:	0000000000000000
ShdPnd:	0000000000000000
SigBlk:	0000000000000000
SigIgn:	0000000000001000
SigCgt:	0000000180014007
CapInh:	0000000000000000
CapPrm:	ffffffffffffffff
CapEff:	ffffffffffffffff
CapBnd:	ffffffffffffffff
Cpus_allowed:	ffff
Cpus_allowed_list:	0-15
Mems_allowed:	00000000,00000003
Mems_allowed_list:	0-1
voluntary_ctxt_switches:	321
nonvoluntary_ctxt_switches:	7

and

root@redbreast:/tmp# cat /proc/15718/cgroup
1:blkio,net_cls,freezer,devices,memory,cpuacct,cpu,ns,debug,cpuset:/

root@redbreast:/tmp# mount | grep cgroup
none on /var/local/cgroup type cgroup (rw)

In the log, i can find the following:
15:35:58.853: debug : virCgroupMakeGroup:496 : Make controller /var/local/cgroup/libvirt/lxc/ 15:35:58.853: warning : lxcStartup:2109 : Unable to create cgroup for driver: Operation not permitted 

If i do an:
root@redbreast:~# ls -la /var/local/cgroup/libvirt/lxc/
ls: impossible d'accéder à /var/local/cgroup/libvirt/lxc/: Aucun fichier ou dossier de ce type 
root@redbreast:~# mkdir /var/local/cgroup/libvirt/lxc/
mkdir: impossible de créer le répertoire « /var/local/cgroup/libvirt/lxc/ »: Opération non permise 

However, i mount the cgroup with the rw flag.

begin:vcard
fn:Jean-Philippe Menil
n:Menil;Jean-Philippe
org;quoted-printable:Universit=C3=A9 de Nantes;IRTS - DSI
adr;quoted-printable:;;2, rue de la Houssini=C3=A8re;Nantes;Loire-Atlantique;44332;France
email;internet:jean-philippe.menil@xxxxxxxxxxxxxx
title;quoted-printable:Administrateur R=C3=A9seau
tel;work:02.51.12.53.92
tel;fax:02.51.12.58.60
x-mozilla-html:FALSE
url:http://www.criun.univ-nantes.fr/
version:2.1
end:vcard


--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]