From 276f7954afcc68d517b6e2fc22dcc7c642cf4794 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sun, 31 Dec 2017 18:27:55 -0200 Subject: Initial code and notes, but still not working --- README.md | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index 1392101..32f5387 100644 --- a/README.md +++ b/README.md 
@@ -1,2 +1,39 @@ -beggar -====== +Beggar Containers +================= + +A wrapper for LXC unprivileged containers. + +Example +------- + +Enforcing `PATH` to avoid issues with firejail: + + PATH=/bin:/usr/bin lxc-create --name alpine -t download -- -d alpine -r edge -a amd64 + +Development notes +----------------- + +### ACL + + getfacl . .local .local/share + sudo setfacl -m u:427680:x . .local .local/share + sudo setfacl --remove-all . .local .local/share + +### AppArmor + + lxc-start 20171227032456.513 WARN lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:218 - Incomplete AppArmor support in your kernel + lxc-start 20171227032456.516 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:220 - If you really want to start this container, set + lxc-start 20171227032456.519 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:221 - lxc.aa_allow_incomplete = 1 + lxc-start 20171227032456.521 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:222 - in your container configuration file + lxc-start 20171227032456.527 ERROR lxc_sync - sync.c:__sync_wait:57 - An error occurred in another process (expected sequence number 5) + +References +---------- + +* [LXC 1.0: Blog post series [0/10] | Stéphane Graber's website](https://stgraber.org/2013/12/20/lxc-1-0-blog-post-series/). +* [Linux Containers - LXC - Getting started](https://linuxcontainers.org/lxc/getting-started/). +* [Configuring Unprivileged LXC containers in Debian Jessie](https://myles.sh/configuring-lxc-unprivileged-containers-in-debian-jessie/). +* [userns - What is an unprivileged LXC container? - Unix & Linux Stack Exchange](https://unix.stackexchange.com/questions/177030/what-is-an-unprivileged-lxc-container#177031). +* [Flockport - LXC using unprivileged containers](https://archives.flockport.com/lxc-using-unprivileged-containers/). +* [Flockport - Run accelerated GUI apps in LXC containers](https://archives.flockport.com/run-gui-apps-in-lxc-containers/). 
+* [How to create unprivileged LXC container on Ubuntu Linux 14.04 LTS – nixCraft](https://www.cyberciti.biz/faq/how-to-create-unprivileged-linux-containers-on-ubuntu-linux/). -- cgit v1.2.3
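Review bot: In the ACL section, `sudo setfacl -m u:427680:x . .local .local/share` hardcodes UID 427680 with no explanation, and the next line, `sudo setfacl --remove-all . .local .local/share`, undoes it without being labelled as a rollback. Please say where the UID comes from (it looks like a per-user subordinate UID, which is my assumption and would differ on another host, so a placeholder would be safer than a literal) and why only `x` is granted on those three directories. Note that `--remove-all` drops every extended ACL entry on the paths, not just the one added here; `setfacl -x u:427680` would revert only this change. In the AppArmor section, the pasted `lxc-start` log ends with the suggestion to set `lxc.aa_allow_incomplete = 1`, but the README does not say whether the wrapper is meant to set it. Since that option starts the container despite "Incomplete AppArmor support in your kernel", the notes should state the decision and what confinement is lost, rather than leaving the raw log as the only guidance. The Example section would also benefit from one sentence on what the "issues with firejail" are, so readers know when forcing `PATH=/bin:/usr/bin` is needed.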