[lxc-devel] [PATCH] Various fixes for Fedora/CentOS/OpenSUSE templates and systemd.を当ててLXCをビルドする
lxc.cap.drop から setpcapを外せばよい。(fedora.common.confが参考になる。)
-
pull requestした。
-
issue報告
lxc 1.0.6の場合
/usr/share/lxc/config/centos.common.conf
- lxc.cap.drop = mac_admin mac_override setfcap setpcap
+ lxc.cap.drop = mac_admin mac_override setfcap
lxc 1.1.0の場合
/usr/share/lxc/config/centos.common.conf
- lxc.cap.drop = setfcap setpcap sys_nice sys_pacct sys_rawio
+ lxc.cap.drop = setfcap sys_nice sys_pacct sys_rawio
- setpcapをコメントアウトしない場合
- ネットワークが有効にならなかった。
- また、systemctlコマンドも
Failed to get D-Bus connection: Failed to authenticate in time.となった。
- 試しにこれでCentOS6も動かしてみたが動作はした。
- CentOS7を動かすとlxc-stopがキッカリ1分かかるが、起動に1時間かかるよりかは良い。
構築手順: ArchLinuxでLXCを動かしてみた - Qiita
同現象
- [lxc-users] Centos-7 x86_64 container slow and buggy start
- build on centos7 container · Issue #68 · SolidCharity/LightBuildServer
$ sudo lxc-start -n centos7
systemd 208 running in system mode. (+PAM +LIBWRAP +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ)
Detected virtualization 'lxc'.
Welcome to CentOS Linux 7 (Core)!
Cannot add dependency job for unit display-manager.service, ignoring: Unit display-manager.service failed to load: No such file or directory.
[ OK ] Reached target Remote File Systems.
[ OK ] Listening on /dev/initctl Compatibility Named Pipe.
[ OK ] Listening on Delayed Shutdown Socket.
[ OK ] Reached target Encrypted Volumes.
[ OK ] Listening on Journal Socket.
Mounting Debug File System...
Mounting POSIX Message Queue File System...
Mounting Huge Pages File System...
Starting Journal Service...
[ OK ] Started Journal Service.
Mounting Configuration File System...
Starting Create static device nodes in /dev...
[ OK ] Reached target Swap.
Starting Remount Root and Kernel File Systems...
[ OK ] Created slice Root Slice.
[ OK ] Created slice User and Session Slice.
[ OK ] Created slice System Slice.
[ OK ] Reached target Slices.
[ OK ] Created slice system-getty.slice.
[ OK ] Mounted Debug File System.
ここまでで20分・・・