LXC On CentOS 7 HowTo: PAM Configuration

Home » CentOS-Virt » LXC On CentOS 7 HowTo: PAM Configuration
CentOS-Virt 2 Comments

Hi,

I am trying to implement something like an “LXC on CentOS 7 HowTo” for internal use. (Might as well get public afterwards.) I am following the HowTo for CentOS 6
(https://wiki.CentOS.org/HowTos/LXC-on-CentOS6). So, here’s what I did so far (Steps 1-6 can easily be omitted, but I am trying to be complete.)

1.) Disable delta RPM’s in /etc/yum.conf
2.) Remove LibreOffice

sudo yum remove “libreoffice*”

3.) System update

sudo yum -y update

4.) Install some niceties

sudo yum -y install emacs emacs-nox “@Development Tools” git subversion

5.) Reboot
6.) Install VirtualBox Guest Additions
7.) Install libvirt

sudo yum -y install libvirt libvirt-client libvirt-install

8.) Setting up root fs for a container:

sudo su –
mkdir -p /var/lib/libvirt/lxc/CentOS01/etc/yum.repos.d
cat cat /etc/yum.repos.d/CentOS-Base.repo | sed s/’$releasever’/7/g
yum groupinstall core –installroot=/var/lib/libvirt/lxc/CentOS01
# The following command seems to be redundant, as both packages are already installed as part of the core group.
yum -y install plymouth libselinux-python
–installroot=/var/lib/libvirt/lxc/CentOS01

Now, according to the old howto, I am to configure PAM in the new root fs. Reading through that; I don’t really understand what I am to do. For example, I am to replace a line with “session required pam_selinux.so close”. However, the matching line is a comment line, which makes me unsure.

Are those PAM configurations still required? If so, could someone help me on what to do exactly?

Thanks,

Jochen

2 thoughts on - LXC On CentOS 7 HowTo: PAM Configuration

  • _________^
    Well, that needs a explicite explanation on the WHY, IMHO not needed

    _______________^
    Well, that is personal taste, the existence of a installed LibreOffice should not influence LXC in any way.

    This should be first point. No one should start a installation of such a complex matter as Virtualisation on a outdated system. Best add comment about the use of “yum ps” or the real need of a reboot in case of glibc/udev/kernel updates before going further in installing.

    _______________^
    Again personal taste, for some is the installation of emacs a sacred act, for other pure blasphemy. say something about making sure the the favourite text-cli editor is installed is more helpful here. Remember the UNIX way: Less is more. Less software on the host(metal), means more uptime between unavoidable reboots, esp. for servers.

    ________^
    Eh? You want to use LXC, not “VirtualBox”, what are the “Guest Additions”
    for? Explain, if really needed

    _______^
    Give better title here, e.g. “Install packages for LXC: libvirt + co.”
    _______^
    Ok, that can be done better, and easier to read and understand:
    [code]
    cp -t /var/lib/libvirt/lxc/CentOS01/etc/yum.repos.d/ \
    /etc/yum.repos.d/CentOS-Base.repo
    sed –in-place ‘s/$releasever/7/g’ \
    /var/lib/libvirt/lxc/CentOS01/etc/yum.repos.d/CentOS-Base.repo
    [/code]
    If you really need the switched of “Delta RPM” stuff, here and now is the place.

    I have not needed any pam-monging so far, but … [shrugs].

    Please, some other (real-live) expert, go over the installation procedere, too, I’m no guru, nor a last instance.

    Lets give enough input to make this HowTo conform to best practises.

    – Yamaban.