Isolated shutdown?

Scott Helvick crazyscottie at gmail.com
Tue Aug 25 03:18:03 PDT 2009


On Tue, Aug 25, 2009 at 4:58 AM, Daniel Lezcano <daniel.lezcano at free.fr>wrote:

> Scott Helvick wrote:
>
>> Hello all,
>>
>> I've set up a system container with a mostly-complete filesystem, built
>> from
>> scratch.  However, I'm having several minor issues, which leads me to
>> believe I'm misunderstanding something about how lxc works.  For one
>> thing,
>> I find myself unable to kill processes within the container itself
>> (process
>> handling is a whole other issue)... yet when I run 'shutdown', it not only
>> shuts down the container, but also the host!  Somehow I don't think this
>> was
>> a design decision. :-)
>>
>> Any tips would be appreciated.
>>
>>
> It is not yet supported.
> You can drop PR_CAPBSET_DROP capability for your system container, that
> will avoid to poweroff your host.


Stupid question; how exactly do I do this, and does it have any side
effects?   Running 'getpcaps' on the container only reveals:

# getpcaps 2022
Capabilities for `2022': =
cap_dac_override,cap_fowner,cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_chroot,cap_sys_admin+ep


More information about the Containers mailing list