Differences between revisions 9 and 10
Revision 9 as of 2019-03-01 06:40:57
Size: 2144
Editor: ?PaoloGreppi
Revision 10 as of 2020-05-06 04:40:41
Size: 2264
Comment: LXC 4.0 and device access from unprivileged containers
Deletions are marked like this. Additions are marked like this.
Line 36: Line 36:

I added LXC 4.0 and device access in unprivileged containers to the main page.
-- [[RyutarohMatsumoto]], 2020-05-06

Debian versions this page documents

The instructions here oscillate between wheezy, current testing/sid and jessie, sometimes in the same section. There's no consistency as to which version is assumed to be current. I suggest we adjust the page to default to current stable, with clearly marked exceptions where this differs for testing/sid, and we either delete wheezy-specific (oldstable) stuff altogether (or tuck it into a subpage). If there would be too many testing/sid exceptions (because so much has changed since jessie) then perhaps that needs to go to either a separate section or subpage too. -- JonDowland

I've just completed several hours of reworking on the LXC page, including moving Jessie specific information to a sub page and removing content for Wheezy. Some edits may be controversial but I think overall the page is in a better state.

-- ?kgoetz, 2018-08-04

I needed to install uidmap (on stretch), that should probably be added to the instructions, but as it still doesn't work for me, and as I don't know if that's stretch specific (and there's still some confusions over which release this is targetted at), I've chosen not to edit the page directly.

If your host has an IPv6 connection, and you don't configure IPv6 for the guests, you should use (something like) 'DOWNLOAD_KEYSERVER="ipv4.pool.sks-keyservers.net" ' in front of lxc-create. As I have neither bothered reading up on configuring IPv6 for guests nor have the time to find all commands in the page that would need this, this is another thing I'm not editing directly into the page.

(Feel free to remove the above paragraphs if you address the issues mentioned.)

-- ?HCGrove, 2018-10-24

I have set it up on buster (lxc 3) and this worked:

cat /etc/default/lxc-net 

cat /etc/lxc/default.conf 
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1

don't forget to start the lxc-net service before starting any container:

sudo systemctl start lxc-net

-- ?paolog-guest, 2019-03-01

I added LXC 4.0 and device access in unprivileged containers to the main page. -- RyutarohMatsumoto, 2020-05-06