Isolated shutdown?

Daniel Lezcano daniel.lezcano at free.fr
Tue Aug 25 04:08:56 PDT 2009


Scott Helvick wrote:
> On Tue, Aug 25, 2009 at 4:58 AM, Daniel Lezcano <daniel.lezcano at free.fr>wrote:
>
>   
>> Scott Helvick wrote:
>>
>>     
>>> Hello all,
>>>
>>> I've set up a system container with a mostly-complete filesystem, built
>>> from
>>> scratch.  However, I'm having several minor issues, which leads me to
>>> believe I'm misunderstanding something about how lxc works.  For one
>>> thing,
>>> I find myself unable to kill processes within the container itself
>>> (process
>>> handling is a whole other issue)... yet when I run 'shutdown', it not only
>>> shuts down the container, but also the host!  Somehow I don't think this
>>> was
>>> a design decision. :-)
>>>
>>> Any tips would be appreciated.
>>>
>>>
>>>       
>> It is not yet supported.
>> You can drop PR_CAPBSET_DROP capability for your system container, that
>> will avoid to poweroff your host.
>>     
>
>
> Stupid question; how exactly do I do this, and does it have any side
> effects?   Running 'getpcaps' on the container only reveals:
>
> # getpcaps 2022
> Capabilities for `2022': =
> cap_dac_override,cap_fowner,cap_setpcap,cap_net_admin,cap_net_raw,cap_sys_chroot,cap_sys_admin+ep
>   
Which tools in userspace are you using ?


More information about the Containers mailing list