I wanted to know if it’s possible to execute
cpio command line inside system-wide unprivileged containers (unprivileged container started by root) ?
My goal is to execute :
zcat initrd.gz | cpio -id
As a result, I obtain :
cpio: dev/console cannot mknod operation not permitted
cpio: dev/null cannot mknod operation not permitted
I understood that an unprivileged container cannot use mknod in regards to explications in other post, so I tried to add
lxc.cap.keep = mknod capability with the hope that it could be a solution, but… no . I thought that executing unprivileged containers with root would be enough to do this.
I use LXC 2.0.7 with debian 9 (4.9.0-11-amd64)