[systemd-bugs] [cgroup in lxc container] problem with non root user session in lxc container

Jacek Pielaszkiewicz j.pielaszkie at samsung.com
Thu Feb 27 23:15:43 PST 2014


My comments below.

Best regards


Jacek Pielaszkiewicz
Samsung R&D Institute Poland
Samsung Electronics
Email: j.pielaszkie at samsung.com



> -----Original Message-----
> From: systemd-bugs-bounces at lists.freedesktop.org [mailto:systemd-bugs-
> bounces at lists.freedesktop.org] On Behalf Of Lennart Poettering
> Sent: Friday, February 28, 2014 2:10 AM
> To: Jacek Pielaszkiewicz
> Cc: systemd-bugs at lists.freedesktop.org
> Subject: Re: [systemd-bugs] [cgroup in lxc container] problem with non
> root user session in lxc container
> 
> On Thu, 27.02.14 13:54, Jacek Pielaszkiewicz (j.pielaszkie at samsung.com)
> wrote:
> 
> > Dec 31 21:44:55 localhost systemd[1]: Started User Manager for 5001.
> > mkdir("/sys/fs/cgroup/systemd/system.slice/system-server.service/system.slice/system-server.service/user.slice/user-5001.slice", 0755) = -1 EACCES (Permission denied)
> 
> My educated guess here is that cgroupfs can't deal with user
> namespaces?
> or something like that? Note that the systemd --user instance should
> normally get write access to the cgroup subtree, so that it can manage
> its own subtree. That didn't work apparently...

My tests show that if systemd could perform chown in the proper place of the
cgroup hierarchy, the problem with user namespace can be resolved (as I
mentioned in my first email).

> 
> >                 <filesystem type="ram">
> >                         <source usage="1024" />
> >                         <target dir="/tmp"/>
> >                 </filesystem>
> 
> This appears unnecessary, as that's systemd's default anyway...

Without mounting /tmp by the container, systemd reports an error:

[  OK  ] Reached target Slices.
[  OK  ] Started Create static device nodes in /dev.
[FAILED] Failed to mount Temporary Directory.
See 'systemctl status tmp.mount' for details.
[  OK  ] Reached target Local File Systems.
         Starting Recreate Volatile Files and Directories...

> 
> Lennart
> 
> --
> Lennart Poettering, Red Hat
> _______________________________________________
> systemd-bugs mailing list
> systemd-bugs at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-bugs
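
The mode-bit check behind the `mkdir` EACCES discussed in this message, and the effect of the chown proposed as a fix, as an added example that is not part of the original thread or of systemd's code. The function names are hypothetical, the stat values and directory tree are constructed, and only classic owner/group/other permissions are modelled (no capabilities, ACLs or LSM policy).

```python
import os
import stat
import tempfile
from types import SimpleNamespace


def nearest_existing(path):
    """Deepest ancestor of path that exists; a recursive mkdir fails there first."""
    path = os.path.abspath(path)
    while not os.path.isdir(path) and os.path.dirname(path) != path:
        path = os.path.dirname(path)
    return path


def can_create_in(st, uid, gids=()):
    """Classic mode-bit check: creating an entry needs write and search on the
    directory. Assumption: no capabilities, ACLs or LSM policy are considered."""
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return (bits & 3) == 3


def explain_mkdir(target, uid, gids=()):
    """Report which existing directory decides whether uid may create target."""
    parent = nearest_existing(os.path.dirname(os.path.abspath(target)))
    st = os.stat(parent)
    return {"parent": parent, "owner": st.st_uid,
            "mode": oct(stat.S_IMODE(st.st_mode)),
            "writable": can_create_in(st, uid, gids)}


if __name__ == "__main__":
    # Constructed stat values: a 0755 directory owned by uid 0, then the same
    # directory after a chown to the session user (5001, as in the log above).
    before = SimpleNamespace(st_uid=0, st_gid=0, st_mode=0o40755)
    after = SimpleNamespace(st_uid=5001, st_gid=0, st_mode=0o40755)
    print("before chown:", can_create_in(before, 5001))
    print("after chown: ", can_create_in(after, 5001))
    # Constructed tree standing in for the cgroup hierarchy (not real cgroupfs).
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "user.slice")
        os.mkdir(base)
        os.chmod(base, 0o755)
        print(explain_mkdir(os.path.join(base, "user-5001.slice"), os.getuid() + 1))
```

Pointing `explain_mkdir` at the real path from the `mkdir` trace, with the session UID, shows which existing directory in the hierarchy blocks the user manager and who owns it.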



