[CentOS-virt] LXC on CentOS 7 HowTo: PAM Configuration

Tue Feb 9 09:32:22 UTC 2016
Jochen Wiedmann <jochen.wiedmann at gmail.com>


I am trying to implement something like an "LXC on CentOS 7 HowTo" for
internal use. (Might as well get public afterwards.) I am following
the HowTo for CentOS 6
(https://wiki.centos.org/HowTos/LXC-on-CentOS6). So, here's what I did
so far (Steps 1-6 can easily be omitted, but I am trying to be

1.) Disable delta RPM's in /etc/yum.conf
2.) Remove LibreOffice

    sudo yum remove "libreoffice*"

3.) System update

    sudo yum -y update

4.) Install some niceties

    sudo yum -y install emacs emacs-nox "@Development Tools" git subversion

5.) Reboot
6.) Install VirtualBox Guest Additions
7.) Install libvirt

    sudo yum -y install libvirt libvirt-client libvirt-install

8.) Setting up root fs for a container:

    sudo su -
        mkdir -p /var/lib/libvirt/lxc/centos01/etc/yum.repos.d
        cat cat /etc/yum.repos.d/CentOS-Base.repo | sed
        yum groupinstall core --installroot=/var/lib/libvirt/lxc/centos01
        # The following command seems to be redundant, as both
packages are already installed as part of the core group.
        yum -y install plymouth libselinux-python

Now, according to the old howto, I am to configure PAM in the new root
fs. Reading through that; I don't really understand what I am to do.
For example, I am to replace a line with "session required
pam_selinux.so close". However, the matching line is a comment line,
which makes me unsure.

Are those PAM configurations still required? If so, could someone help
me on what to do exactly?



The next time you hear: "Don't reinvent the wheel!"