[libvirt-users] LXC configuration for Systemd in the user namespace.

Daniel P. Berrange berrange at redhat.com
Thu Jan 23 10:30:35 UTC 2014


On Thu, Jan 23, 2014 at 05:32:20PM +0800, Gao feng wrote:
> On 01/20/2014 04:49 PM, Jan Olszak wrote:
> > Hi there!
> > 
> > Does anyone have a config file for libvirt-LXC, that makes it possible to:
> > 
> > 1.       Use all namespaces (user namespace in particular)
> > 
> 
> This is always supported by libvirt lxc.
> 
> > 2.       Run systemd inside a container.
> > 
> 
> I guess systemd needs to be changed if it wants to run under
> user namespace.
> 
> I'm glad to see you do a test and report us some errors.
> 
> When I have time, I will look into this too.

FYI I have successfully run systemd in libvirt LXC with all
namespaces except for the user namespace.

  https://www.berrange.com/posts/2013/08/12/running-a-full-fedora-os-inside-a-libvirt-lxc-guest/

I have not tried to use user namespaces yet, but I wouldn't
anticipate any problems.

The key task is that after running the 'yum' command to populate
the chroot with an install of the OS, you need to have a script
that changes all the user / group IDs.

e.g. in the libvirt XML you're going to set up a UID/GID mapping
so that uid 0 in the container maps to say uid 500 in the host,
and so on for any other uids. You need to set up your chroot
files to have this matching ownership. At some point we need
to create the 'virt-bootstrap' command I mention in that blog
post to do this uid mapping automatically with user namespaces.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|
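
The ownership shift described in the message above, as an added example that is not part of the original mail or of libvirt: it reads the `<idmap>` element from a domain XML and plans, or with `apply=True` performs, the matching chown over the chroot. The 0 to 500 mapping comes from the mail; the `count` of 1000, the sample XML and all function names are assumptions.

```python
import os
import stat
import sys
import xml.etree.ElementTree as ET

# Constructed sample: container id 0 maps to host id 500; count=1000 is an assumption.
SAMPLE_XML = """<domain type='lxc'>
  <idmap>
    <uid start='0' target='500' count='1000'/>
    <gid start='0' target='500' count='1000'/>
  </idmap>
</domain>"""

def parse_idmap(xml_text):
    """Return {'uid': [(start, target, count), ...], 'gid': [...]}."""
    idmap = ET.fromstring(xml_text).find("idmap")
    if idmap is None:
        raise ValueError("domain XML has no <idmap> element")
    return {kind: [tuple(int(e.get(a)) for a in ("start", "target", "count"))
                   for e in idmap.findall(kind)] for kind in ("uid", "gid")}

def to_host(cid, ranges):
    """Map a container id to a host id; refuse ids the mapping does not cover."""
    for start, target, count in ranges:
        if start <= cid < start + count:
            return target + (cid - start)
    raise ValueError(f"id {cid} is not covered by the mapping")

def shift_tree(root, idmap, apply=False):
    """Return [(path, host_uid, host_gid)]; with apply=True also chown (needs root)."""
    paths, plan, seen = [root], [], set()
    for dirpath, dirs, files in os.walk(root):  # does not descend into symlinked dirs
        paths += [os.path.join(dirpath, name) for name in dirs + files]
    for path in paths:
        st = os.lstat(path)
        if (st.st_dev, st.st_ino) in seen:  # hard link: shift each inode only once
            continue
        seen.add((st.st_dev, st.st_ino))
        uid, gid = to_host(st.st_uid, idmap["uid"]), to_host(st.st_gid, idmap["gid"])
        plan.append((path, uid, gid))
        if apply:
            os.lchown(path, uid, gid)  # lchown: never follow a symlink out of the tree
            if not stat.S_ISLNK(st.st_mode):
                os.chmod(path, stat.S_IMODE(st.st_mode))  # chown can clear setuid/setgid
    return plan

if __name__ == "__main__":  # usage: DOMAIN.xml ROOTFS [--apply]
    for row in shift_tree(sys.argv[2], parse_idmap(open(sys.argv[1]).read()), "--apply" in sys.argv):
        print(*row)
```

Run it once on a freshly populated tree: with a mapping like the sample, ids already shifted into the target range would be shifted again on a second run.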



