Comment 4 for bug 1342960
Revision history for this message
| Serge Hallyn (serge-hallyn) wrote Re: Error setting cgroup devices.deny limit with nested lxc container | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Thanks for verifying. What is happening is actually vaguely explained in the mountcgroup hook itself, and is an unfortunate side effect of a somewhat recent kernel change:
cd /sys/fs/
sudo mkdir a
echo a | sudo tee -a a/devices.deny # succeeds
sudo mkdir -p b/c
echo a | sudo tee -a b/devices.deny # fails
If a devices cgroup has any child cgroups, then you can no longer make certain changes to it.
Marking this confirmed and changing the title to reflect that the comments in /usr/share/