On 3/11/24 04:33, Patrick O'Callaghan wrote:
On Sun, 2024-03-10 at 22:56 -0700, Mike Wright wrote:
On 3/10/24 15:40, Patrick O'Callaghan wrote:
On Sun, 2024-03-10 at 11:13 -0700, Mike Wright wrote:
The last two lines are key. Add these flags: -F -o logfile. The default loglevel is ERROR. If you want more detail include -l LEVEL.
e.g. lxc-start -n containerName -F -o containerName.log -l WARN
This is what I get:
$ lxc-start -n test -F -o test.log -l WARN
<snip/> > $ cat test.log > lxc-start test 20240310223702.913 ERROR cgfsng - > cgroups/cgfsng.c:__cgfsng_delegate_controllers:2921 - Device or > resource busy - Could not enable "+cpu +io +memory +pids" > controllers in the unified cgroup 9 > lxc-start test 20240310223702.934 ERROR cgfsng - > cgroups/cgfsng.c:__cgfsng_delegate_controllers:2921 - Device or > resource busy - Could not enable "+cpu +io +memory +pids" > controllers in the unified cgroup 9
I use this:
lxc.apparmor.profile=unconfined
which runs the container as root. That setting doesn't stop you from adding profiles.
AFAIK 'apparmor' is a Ubuntu-ism. Both my system and the system in the container are Fedora 39.
That one puzzles me, too. However, there is no corresponding lxc.selinux setting. lxc was a canonical/ubuntu creation so my first reaction was the same as yours but from some of the comments I've read on https://discuss.linuxcontainers.org ( another forum with *lots* of empty space ) that it or something like it may have been integrated into lxc.