访问 LXC root 用户

我对容器还很陌生，正在尝试弄清楚它们。

我不知道如何以 root 用户身份登录容器。我无法让它接受临时密码或更改密码。

（是的，尽管在下面的输出中只出现了一次密码，但我确信我输入的密码是正确的。我自己输入了临时密码，让其他人输入了，然后复制并粘贴了临时密码。并且重复做了上述所有操作。为了简洁起见，我删除了其他尝试。）

有人能帮助我重新开始吗？

我怀疑存在权限问题，但还没能弄清楚权限是什么......

sed: can't read /var/lib/lxc/centostest/rootfs/etc/init/tty.conf: No such file or directory
Storing root password in '/var/lib/lxc/centostest/tmp_root_pass'
chpasswd: cannot open /etc/passwd
Expiring password for user root.
passwd: Libuser error at line: 413 - Error replacing `/etc/passwd': Permission denied.
passwd: Error

这是从容器创建到 root 访问尝试和密码重置尝试的所有终端输出......

[root@centos01 ~]# lxc-create -n centostest -t centos
Host CPE ID from /etc/os-release: cpe:/o:centos:centos:7
Checking cache download in /var/cache/lxc/centos/x86_64/7/rootfs ... 
Cache found. Updating...
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: linorg.usp.br
 * extras: linorg.usp.br
 * updates: linorg.usp.br
No packages marked for update
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
0 package files removed
Update finished
Copy /var/cache/lxc/centos/x86_64/7/rootfs to /var/lib/lxc/centostest/rootfs ... 
Copying rootfs to /var/lib/lxc/centostest/rootfs ...
sed: can't read /var/lib/lxc/centostest/rootfs/etc/init/tty.conf: No such file or directory
Storing root password in '/var/lib/lxc/centostest/tmp_root_pass'
chpasswd: cannot open /etc/passwd
Expiring password for user root.
passwd: Libuser error at line: 413 - Error replacing `/etc/passwd': Permission denied.
passwd: Error
sed: can't read /var/lib/lxc/centostest/rootfs/etc/rc.sysinit: No such file or directory
sed: can't read /var/lib/lxc/centostest/rootfs/etc/rc.d/rc.sysinit: No such file or directory

Container rootfs and config have been created.
Edit the config file to check/enable networking setup.

The temporary root password is stored in:

        '/var/lib/lxc/centostest/tmp_root_pass'


The root password is set up as expired and will require it to be changed
at first login, which you should do as soon as possible.  If you lose the
root password or wish to change it without starting the container, you
can change it from the host by running the following command (which will
also reset the expired flag):

        chroot /var/lib/lxc/centostest/rootfs passwd

[root@centos01 ~]# vi /var/lib/lxc/centostest/tmp_root_pass
[root@centos01 ~]# lxc-start -n centostest -d
[root@centos01 ~]# lxc-console -n centostest -t 0

Connected to tty 0
                  Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself

CentOS Linux 7 (Core)
Kernel 3.10.0-693.17.1.el7.x86_64 on an x86_64

centostest login: root
Password: 
Login incorrect

centostest login: [root@centos01 ~]# 
[root@centos01 ~]# lxc-stop -n centostest
[root@centos01 ~]# chroot /var/lib/lxc/centostest/rootfs passwd
Changing password for user root.
New password: 
Retype new password: 
passwd: Authentication token manipulation error
[root@centos01 ~]# lxc-start -n centostest -d
[root@centos01 ~]# lxc-console -n centostest -t 0

Connected to tty 0
                  Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself

CentOS Linux 7 (Core)
Kernel 3.10.0-693.17.1.el7.x86_64 on an x86_64

centostest login: root
Password: 
Login incorrect

硬件...

• MB：华硕 M5A97 LE R2.0
• 中央处理器：AMD FX-8370
• 内存：芝奇狙击手 DDR3 1866
• 操作系统：CentOS 最小版本

---

之后...

环顾四周，top显示systemd-journal为 100%。当我关闭 LXC 实例时，它就消失了。

所以我去了。这是我启动实例时journalctl看到的内容...journalctl -f

Feb 28 13:11:15 centos01.lan kernel: virbr3: port 2(vethGC75VP) entered blocking state
Feb 28 13:11:15 centos01.lan kernel: virbr3: port 2(vethGC75VP) entered disabled state
Feb 28 13:11:15 centos01.lan kernel: device vethGC75VP entered promiscuous mode
Feb 28 13:11:15 centos01.lan kernel: IPv6: ADDRCONF(NETDEV_UP): vethGC75VP: link is not ready
Feb 28 13:11:15 centos01.lan NetworkManager[3741]: <info>  [1519841475.4600] manager: (veth5WRBVL): new Veth device (/org/freedesktop/NetworkManager/Devices/31)
Feb 28 13:11:15 centos01.lan NetworkManager[3741]: <info>  [1519841475.4645] manager: (vethGC75VP): new Veth device (/org/freedesktop/NetworkManager/Devices/32)
Feb 28 13:11:15 centos01.lan kernel: IPv6: ADDRCONF(NETDEV_CHANGE): vethGC75VP: link becomes ready
Feb 28 13:11:15 centos01.lan kernel: virbr3: port 2(vethGC75VP) entered blocking state
Feb 28 13:11:15 centos01.lan kernel: virbr3: port 2(vethGC75VP) entered forwarding state
Feb 28 13:11:15 centos01.lan NetworkManager[3741]: <info>  [1519841475.4936] device (vethGC75VP): link connected

对我来说不合理的是，我可以看到 LXC 实例在 LAN 上拉取 IP。