← Back to team overview

kernel-packages team mailing list archive

[Bug 1191600] Re: User namespace is not enabled in raring kernel

 

** Tags added: lxc

** Tags added: user-namespace

** Description changed:

- lxc-checkconfig reports that user namespace is missing in raring 32 bit.
+ lxc-checkconfig reports that user namespace is missing in raring.
  
  uname -a:
  
  Linux example 3.8.0-25-generic #37-Ubuntu SMP Thu Jun 6 20:47:30 UTC
  2013 i686 athlon i686 GNU/Linux
  
  /proc/version_signature:
  
  Ubuntu 3.8.0-25.37-generic 3.8.13
  
  lspci output: N/A (lspci not installed in this configuration)
  
  lxc-checkconfig:
- 
  
  root@example:/# lxc-checkconfig
  Kernel configuration not found at /proc/config.gz; searching...
  Kernel configuration found at /boot/config-3.8.0-25-generic
  --- Namespaces ---
  Namespaces: enabled
  Utsname namespace: enabled
  Ipc namespace: enabled
  Pid namespace: enabled
  User namespace: missing
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  Network namespace: enabled
  Multiple /dev/pts instances: enabled
  
  --- Control groups ---
  Cgroup: enabled
  Cgroup namespace: required
  Cgroup device: enabled
  Cgroup sched: enabled
  Cgroup cpu account: enabled
  Cgroup memory controller: enabled
  Cgroup cpuset: enabled
  
  --- Misc ---
  Veth pair device: enabled
  Macvlan: enabled
  Vlan: enabled
  File capabilities: enabled
  
  Note : Before booting a new kernel, you can check its configuration
  usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
  
  This may be caused by the kernel config used in this package:
  
  CONFIG_UTS_NS=y
  CONFIG_IPC_NS=y
  CONFIG_PID_NS=y
  CONFIG_NET_NS=y
  
  that is, CONFIG_USER_NS was not selected in the kernel configuration.
  
  For comparison, similar section in the kernel config of 64-bit Precise
  (12.04) looks as follows:
  
  CONFIG_NAMESPACES=y
  CONFIG_UTS_NS=y
  CONFIG_IPC_NS=y
  CONFIG_USER_NS=y
  CONFIG_PID_NS=y
  CONFIG_NET_NS=y
  
- User namespace is the only one missing in the 32-bit version vs. 64-bit
- version.
- 
  As result, lxc-start of a container with lxc.id_map is not possible
  (clone() returns EINVAL).
  
  Thanks.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1191600

Title:
  User namespace is not enabled in raring kernel

Status in “linux” package in Ubuntu:
  Confirmed

Bug description:
  lxc-checkconfig reports that user namespace is missing in raring.

  uname -a:

  Linux example 3.8.0-25-generic #37-Ubuntu SMP Thu Jun 6 20:47:30 UTC
  2013 i686 athlon i686 GNU/Linux

  /proc/version_signature:

  Ubuntu 3.8.0-25.37-generic 3.8.13

  lspci output: N/A (lspci not installed in this configuration)

  lxc-checkconfig:

  root@example:/# lxc-checkconfig
  Kernel configuration not found at /proc/config.gz; searching...
  Kernel configuration found at /boot/config-3.8.0-25-generic
  --- Namespaces ---
  Namespaces: enabled
  Utsname namespace: enabled
  Ipc namespace: enabled
  Pid namespace: enabled
  User namespace: missing
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  Network namespace: enabled
  Multiple /dev/pts instances: enabled

  --- Control groups ---
  Cgroup: enabled
  Cgroup namespace: required
  Cgroup device: enabled
  Cgroup sched: enabled
  Cgroup cpu account: enabled
  Cgroup memory controller: enabled
  Cgroup cpuset: enabled

  --- Misc ---
  Veth pair device: enabled
  Macvlan: enabled
  Vlan: enabled
  File capabilities: enabled

  Note : Before booting a new kernel, you can check its configuration
  usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

  This may be caused by the kernel config used in this package:

  CONFIG_UTS_NS=y
  CONFIG_IPC_NS=y
  CONFIG_PID_NS=y
  CONFIG_NET_NS=y

  that is, CONFIG_USER_NS was not selected in the kernel configuration.

  For comparison, similar section in the kernel config of 64-bit Precise
  (12.04) looks as follows:

  CONFIG_NAMESPACES=y
  CONFIG_UTS_NS=y
  CONFIG_IPC_NS=y
  CONFIG_USER_NS=y
  CONFIG_PID_NS=y
  CONFIG_NET_NS=y

  As result, lxc-start of a container with lxc.id_map is not possible
  (clone() returns EINVAL).

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1191600/+subscriptions