unprivileged lxc

2 posts / 0 new
Last post
#1 Tue, 2017-10-03 06:24
0rinsb3lt
  • 0rinsb3lt's picture
  • Offline
  • Last seen: 5 months 2 weeks ago
  • Joined: 2017-10-02

Going through how to get unprivileged lxc to work in alpine linux 3.6
ran into a stumbling block

unprivileged_user$ lxc-start -n {container}
Permission Denied - failed to set memory.use_hierarchy to 1: continuing
Explanation: cgroups aren’t set up properly for unprivileged user.
Fix:

           sudo cgm create all $USER
           sudo cgm chown all $USER $(id -u) $(id -g)
           cgm movepid all $USER $$

While this fix works. The first 2 lines have to be run every boot and the third every login.
is there a way to automate this? In the past I created a boot script and a login script to take
care of this. Also, I looked into lxcfs-pam(pam_cgfs.so) but not much documentation
on how to configure it.

Anyone help would be appreciated.

Tue, 2018-02-06 21:46
jodumont
  • jodumont's picture
  • Offline
  • Last seen: 17 hours 39 min ago
  • Joined: 2018-02-06

I had the same kind of question but with bridge ;)

you could use rc-update add local
than put your two lines inside an executable file; something like this :

cat >> /etc/local.d/lxcmem << EOM
cgm create all $USER
cgm chown all $USER $(id -u) $(id -g)
EOM

chmod +x /etc/local.d/lxcmem

like they explain here (https://forum.alpinelinux.org/comment/543#comment-543)

Log in or register to post comments