<div dir="ltr"><div>This is my container's fstab:<br><br>proc proc proc nodev,noexec,nosuid 0 0<br>sysfs sys sysfs defaults 0 0<br>/sys/fs/fuse/connections sys/fs/fuse/connections none bind 0 0<br>
/sys/kernel/debug sys/kernel/debug none bind 0 0<br>/sys/kernel/security sys/kernel/security none bind 0 0<br>/sys/fs/pstore sys/fs/pstore none bind,optional 0 0<br>/lib/modules lib/modules none bind 0 0<br><br></div>And this the containers configuration:<br>
<br>lxc.mount = /var/lib/lxc/cn/fstab<br>lxc.tty = 4<br>lxc.pts = 1024<br>lxc.devttydir = lxc<br>lxc.arch = x86_64<br>lxc.cgroup.devices.deny = a<br>lxc.cgroup.devices.allow = c *:* m<br>lxc.cgroup.devices.allow = b *:* m<br>
lxc.cgroup.devices.allow = c 1:3 rwm<br>lxc.cgroup.devices.allow = c 1:5 rwm<br>lxc.cgroup.devices.allow = c 5:1 rwm<br>lxc.cgroup.devices.allow = c 5:0 rwm<br>lxc.cgroup.devices.allow = c 1:9 rwm<br>lxc.cgroup.devices.allow = c 1:8 rwm<br>
lxc.cgroup.devices.allow = c 136:* rwm<br>lxc.cgroup.devices.allow = c 5:2 rwm<br>lxc.cgroup.devices.allow = c 254:0 rm<br>lxc.cgroup.devices.allow = c 10:229 rwm<br>lxc.cgroup.devices.allow = c 10:200 rwm<br>lxc.cgroup.devices.allow = c 1:7 rwm<br>
lxc.cgroup.devices.allow = c 10:228 rwm<br>lxc.cgroup.devices.allow = c 10:232 rwm<br>lxc.utsname = cn<br>lxc.network.type = veth<br>lxc.network.flags = up<br>lxc.network.link = lxcbr0<br>lxc.network.hwaddr = 00:16:3e:fc:8d:0f<br>
lxc.cap.drop = sys_module<br>lxc.cap.drop = mac_admin<br>lxc.cap.drop = mac_override<br>lxc.cap.drop = sys_time<br>lxc.rootfs = /var/lib/lxc/cn/rootfs<br>lxc.pivotdir = lxc_putold<br>lxc.aa_profile = unconfined<br>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Oct 11, 2013 at 7:56 AM, Frederico Araujo <span dir="ltr"><<a href="mailto:araujof@gmail.com" target="_blank">araujof@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> OS supports them, but criu itself is running inside the container, which doesn't have them.<br>
<div class="HOEnZb"><div class="h5"><br>
On Oct 11, 2013, at 1:02 AM, Cyrill Gorcunov <<a href="mailto:gorcunov@gmail.com">gorcunov@gmail.com</a>> wrote:<br>
<br>
> On Thu, Oct 10, 2013 at 06:32:57PM -0500, Frederico Araujo wrote:<br>
>> Sorry, I meant tcp_rmem and tcp_wmem in my previous email.<br>
>> Thank you!<br>
><br>
> Wait, these sysctl entries are supposed to be read on host system,<br>
> you mean your kernel doesn't suppot them, or the criu itself is running<br>
> in the container?<br>
><br>
> Cyrill<br>
</div></div></blockquote></div><br></div>