Libvirt lxc has supported user namespace since commit c34107dfd3a25232255e6d6f559b1306ef99bb3b, but for the disk devices and hostdevs, libvirt lxc still creates these device nodes in the container. This will fail when the container enables user namespace, since a user namespace is disallowed from creating device nodes.

In order to resolve this problem, we should create device nodes on the host side for the container, and change the owner of these nodes to the root user of the container.

Gao feng (7):
  LXC: Setup disks for container on host side
  LXC: controller: change the owner of disk to the root of container
  LXC: Move virLXCControllerChown to lxc_container.c
  LXC: Change the owner of live attached disk device
  LXC: Create host devices for container on host side
  LXC: Change the owner of host devices to the root of container
  LXC: Change the owner of live attached host devices

 src/lxc/lxc_container.c  | 382 +++-------------------------------------
 src/lxc/lxc_container.h  |   2 +
 src/lxc/lxc_controller.c | 450 ++++++++++++++++++++++++++++++++++++++++++++---
 src/lxc/lxc_driver.c     |  13 ++
 4 files changed, 460 insertions(+), 387 deletions(-)

--
1.8.3.1
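The approach described in the cover letter, as an added sketch that is not code from this patch series or from libvirt: the host-side process translates the container's root (ID 0) through the namespace's ID map, creates the node itself, then chowns it to the mapped owner. The names idmap, parse_idmap, ns_to_host_id and create_node_for_container are hypothetical; the map text is assumed to be in the /proc/<pid>/uid_map format.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <unistd.h>

/* One uid_map/gid_map line: <first ID inside ns> <first ID on host> <count>. */
struct idmap { unsigned long inside, host, count; };

/* Parse uid_map-format text; returns the number of entries, -1 on a bad line. */
int parse_idmap(const char *text, struct idmap *maps, int max)
{
    int n = 0, used = 0;
    while (*text && n < max) {
        if (sscanf(text, "%lu %lu %lu%n", &maps[n].inside, &maps[n].host,
                   &maps[n].count, &used) != 3)
            return -1;
        for (text += used; *text == ' ' || *text == '\n'; text++)
            ;
        n++;
    }
    return n;
}

/* Translate an ID as seen inside the namespace to the host ID; -1 if unmapped. */
long ns_to_host_id(const struct idmap *maps, int n, unsigned long id)
{
    for (int i = 0; i < n; i++)
        if (id >= maps[i].inside && id - maps[i].inside < maps[i].count)
            return (long)(maps[i].host + (id - maps[i].inside));
    return -1;
}

/* Runs on the host (needs CAP_MKNOD there): create a block node at a path
 * under the container's /dev, then hand it to the container's root user. */
int create_node_for_container(const char *path, unsigned maj, unsigned mnr,
                              const struct idmap *umap, int nu,
                              const struct idmap *gmap, int ng)
{
    long uid = ns_to_host_id(umap, nu, 0), gid = ns_to_host_id(gmap, ng, 0);
    if (uid < 0 || gid < 0)
        return -1; /* container root is not mapped: refuse to expose the node */
    if (mknod(path, S_IFBLK | 0600, makedev(maj, mnr)) < 0)
        return -1;
    if (chown(path, (uid_t)uid, (gid_t)gid) == 0)
        return 0;
    unlink(path); /* do not leave a host-root-owned node in the container's /dev */
    return -1;
}
```

Without the chown step the node would stay owned by host root, which has no mapping inside the namespace, so the container's root could not open it.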