On Tue, Jan 28, 2014 at 12:32:41PM +0100, Jan Olszak wrote:
> Hi there!
>
> I am trying to turn on user namespace by adding the following lines to the
> config:
>
> <idmap>
>   <uid start='0' target='0' count='100000'/>
>   <gid start='0' target='0' count='100000'/>
> </idmap>
>
> As you can see the root in container is mapped to the root outside. I was
> expecting to see no difference after adding these lines, but unfortunately
> there are some (see details below).
>
> Am I missing something or is there a problem with system, libvirt or kernel?

I've not had any chance to try LXC + user namespaces + systemd yet, but
based on the list of things which fail, it seems like it might not be
detecting that it is inside a container. Seems almost like it has still
got the CAP_MKNOD permission and so is trying to start things it should
not have like udev, and various filesystems.

Daniel
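
One way to check the two things this thread turns on, where container root lands on the host and whether CAP_MKNOD is still present for the container's init, from the kernel's /proc files (an added example, not part of the original messages or of libvirt; the function names and the sample inputs are constructed for illustration):

```python
import sys

CAP_MKNOD = 27  # capability number from <linux/capability.h>

def parse_id_map(text):
    """Parse /proc/<pid>/uid_map or gid_map: 'inside-start outside-start count'."""
    ranges = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 3:
            ranges.append(tuple(int(f) for f in fields))
    return ranges

def map_to_host(ranges, inside_id):
    """Translate an ID inside the namespace to the parent-side ID, or None if unmapped."""
    for inside, outside, count in ranges:
        if inside <= inside_id < inside + count:
            return outside + (inside_id - inside)
    return None

def cap_sets(status_text):
    """Extract the hex capability masks from /proc/<pid>/status."""
    sets = {}
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        if key in ("CapInh", "CapPrm", "CapEff", "CapBnd"):
            sets[key] = int(value.strip(), 16)
    return sets

def has_cap(mask, cap):
    return bool((mask >> cap) & 1)

def report(uid_map_text, status_text):
    """Summarise the root mapping and CAP_MKNOD state for one process."""
    caps = cap_sets(status_text)
    host_root = map_to_host(parse_id_map(uid_map_text), 0)
    return {
        "root_maps_to_host_uid": host_root,
        "identity_root": host_root == 0,  # the mapping used in the quoted <idmap>
        "mknod_effective": has_cap(caps.get("CapEff", 0), CAP_MKNOD),
        "mknod_bounding": has_cap(caps.get("CapBnd", 0), CAP_MKNOD),
    }

# Constructed samples: the thread's 0 -> 0 mapping and a full capability mask.
SAMPLE_UID_MAP = "         0          0     100000\n"
SAMPLE_STATUS = ("Name:\tsystemd\nCapInh:\t0000000000000000\n"
                 "CapPrm:\t0000001fffffffff\nCapEff:\t0000001fffffffff\n"
                 "CapBnd:\t0000001fffffffff\n")

if __name__ == "__main__":
    if len(sys.argv) > 1:  # a host-side PID, e.g. the container's init
        pid = sys.argv[1]
        print(report(open(f"/proc/{pid}/uid_map").read(),
                     open(f"/proc/{pid}/status").read()))
    else:
        print(report(SAMPLE_UID_MAP, SAMPLE_STATUS))
```

Run it with the host-side PID of the container's init to read the live values, or with no argument to see the constructed sample.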