Unprivileged LXC

asked 2016-05-15 17:17:23 -0500

adundovi gravatar image

updated 2016-12-01 18:29:34 -0500

Has anyone succeeded in running unprivileged LXC on Fedora? Privileged (normal) containers are working fine, but I would like to run unprivileged containers. It seems that prerequisites [1] are satisfied (except maybe "Per-user cgroups on all controllers"), but still I cannot start a newly created container (Fedora 24 Beta):

$ lxc-start -n centos6 -F
lxc-start: cgfsng.c: all_controllers_found: 431 no systemd controller mountpoint found
lxc-start: start.c: lxc_spawn: 1079 failed initializing cgroup support
lxc-start: start.c: __lxc_start: 1329 failed to spawn 'centos6'
lxc-start: lxc_start.c: main: 344 The container failed to start

Maybe I'm missing something, like lxcfs or cgmanager which are present in Ubuntu where unprivileged LXC is possible. Is there any other approach to achieve the same in Fedora?


Have the same problem. A lot of issues around cgroups.

5n00py gravatar image5n00py ( 2016-06-27 10:01:22 -0500 )edit

Is there any relevant bug tracker of this issue at RH bugzilla?

adundovi gravatar imageadundovi ( 2016-11-25 03:01:04 -0500 )edit

answered 2016-11-22 13:52:15 -0500

plembo gravatar image

Frankly, I haven't been able to get privileged lxc to work on Fedora. Looks like a problem with the shipping templates. I'm pretty much ready to give up and try CentOS instead.

I didn't have problems installing a regular, privileged lxc, for example, this would work: # lxc-create --template download --name fedora23 -- --dist fedora --release 23 --arch amd64

But unprivileged one is still an issue in F25 and nobody seems to care:

adundovi gravatar imageadundovi ( 2016-11-25 02:58:02 -0500 )edit

Asked: 2016-05-15 17:17:23 -0500

Last updated: Dec 01 '16