Browse Source

LXC tips

git-archive
devrandom 11 years ago
parent
commit
b482952a33
  1. 15
      README.md

15
README.md

@ -66,3 +66,18 @@ After you've merged everybody's signatures, verify them: @@ -66,3 +66,18 @@ After you've merged everybody's signatures, verify them:
TODO:
- disable sudo in target, just in case of a hypervisor exploit
- tar and other archive timestamp setter
## LXC tips
`bin/gbuild` runs `lxc-start`, which may require root. If you are in the admin group, you can add the following sudoers line to prevent asking for the password every time:
%admin ALL=NOPASSWD: /usr/bin/lxc-start
Recent distributions allow lxc-start to be run by non-priviledged users, so you might be able to rip-out the `sudo` calls in `libexec/*`.
If you have a runaway `lxc-start` command, just use `kill -9` on it.
The machine configuration requires access to br0 and assumes that the host address is 10.0.2.2:
sudo brctl add br0
sudo ifconfig br0 10.0.2.2/24 up

Loading…
Cancel
Save