[PLDWWW] page changed: docs:lxc
"Elan Ruusamäe (glen)"
glen at pld-linux.org
Sun Nov 24 16:18:29 CET 2013
[loginuid]
--- https://www.pld-linux.org/docs/lxc?rev=1385304517
+++ https://www.pld-linux.org/docs/lxc
@@ -74,20 +74,24 @@
</file>
==== loginuid ====
- ''pam_loginuid.so'' does not allow ''sshd'' to login
+ having ''audit_control'' dropped:
+ <file config config>
+ lxc.cap.drop = audit_control
+ </file>
+ ''pam_loginuid.so'' does not allow ''sshd'' to login:
<file>
Nov 24 16:02:10 test sshd[2694]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session
</file>
-
- Similar problem as [[http://kb.parallels.com/en/112597|here]], to workaround, disable ''pam_loginuid.so'' in the authentication rules:
+ You can either [[http://kb.parallels.com/en/112597|workaround]] to disable ''pam_loginuid.so'' in the authentication rules:
<file>
# sed '/pam_loginuid.so/s/^/#/g' -i /etc/pam.d/*
</file>
+ Or just **do not** drop the capability.
===== Vserver comparision =====
When in Vserver, guest processes are not visible in host, then in LXC all guest processes are visible. Beware when running ''killall(1)'' commands on host.
Diff URL:
https://www.pld-linux.org/docs/lxc?do=diff&r1=1385304517&r2=1385306308
--
This mail was generated by DokuWiki at
https://www.pld-linux.org/
More information about the pld-cvs-commit
mailing list