Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Editing container breaks it's config file #101

Open
marcosx86 opened this issue Jan 31, 2016 · 1 comment
Open

Editing container breaks it's config file #101

marcosx86 opened this issue Jan 31, 2016 · 1 comment
Labels
bug

Comments

@marcosx86
Copy link
Contributor

Scenario: Debian Jessie 8.3, no GUI, OpenSSH server
Using git master

  1. Setup steps (everything ran as root):
    apt-get install git lxc lxctl dnsmasq python-minimal fabric npm python-setuptools python-flask python-pam python-ldap python-dev pkg-config python-cffi python-tz;
    ln -s /usr/bin/nodejs /usr/bin/node
    (run as normal user) fab build_assets;
    python ./setup.py develop
    cp debian/lwp.service /lib/systemd/system/lwp.service
    (edited to comply lwp's real path - /usr/local/bin/lwp)
    systemctl daemon-reload
    systemctl enable lwp.service
  2. Create a basic container, debian type
  3. Run it, it will succeed, stop it
  4. Clone it, run cloned container, it will succeed, stop it
  5. Edit cloned container, save, run it, it will crash.

When editing, it is breaking the config file repeating items, mostly mount ones:

lxc.mount = /var/lib/lxc/elk-java-base/fstab
lxc.mount.entry = sysfs sys sysfs ro 0 0
lxc.tty = 4
lxc.pts = 1024
lxc.arch = x86_64
lxc.seccomp = /usr/share/lxc/config/common.seccomp
lxc.kmsg = 0
lxc.autodev = 1
lxc.utsname = elk-java-base
lxc.network.type = empty
lxc.cap.drop = sys_time
lxc.rootfs = /var/lib/lxc/elk-java-base/rootfs
lxc.pivotdir = lxc_putold
lxc.start.auto = 0
lxc.loglevel = 0
lxc.network.flags = down

lxc.mount.entry = sysfs sys sysfs ro 0 0
lxc.cap.drop = sys_time
lxc.mount.entry = sysfs sys sysfs ro 0 0
lxc.cap.drop = sys_time
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = sysfs sys sysfs ro 0 0
lxc.cgroup.devices.deny = a
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 5:2 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 254:0 rm
lxc.cgroup.devices.allow = c 10:229 rwm
lxc.cgroup.devices.allow = c 10:200 rwm
lxc.cgroup.devices.allow = c 1:7 rwm
lxc.cgroup.devices.allow = c 10:228 rwm
lxc.cgroup.devices.allow = c 10:232 rwm
lxc.cap.drop = sys_module
lxc.cap.drop = mac_admin
lxc.cap.drop = mac_override
lxc.cap.drop = sys_time
@claudyus
Copy link
Owner

should be fixed also for debian using #102

@claudyus claudyus added the bug label Jan 31, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marcosx86 @claudyus