[Bug 1533833] Re: unprivileged lxc containers won't start, need to put sessions into "pids" cgroup controller
Bas Zoetekouw
bas at debian.org
Tue Feb 16 20:13:20 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi Martin,
> On 11-02-16 10:24, Martin Pitt wrote:
>> Bas, any chance to test the update in -proposed so that we can
>> release that?
>
> I'll try to test it later this week, if that's ok.
Unfortunately, the xenial 4.4 kernel won't boot for me at the moment
(keyboard doesn't work while inputting disk decryption key), so I
can't test if thisis fixed...
Gr,
Bas.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWw4LgAAoJENGDpRe/qY3mp+QQAM5EESKhWB5MjZUn3cvDh+ku
IGKEqKjDg+luKuHxvHHiXh1KNNCdHCffko33Qa2LSMsivX1WHNocN+n7Hvv1Wq0N
DmUHqth5b+BefemEF+sfJVz+gyV6W9r37QtJxKbjb8pUr05vnlzdMma7qF9qkZmv
rA+bOQbjP20JSuohWvMM0tRC9+gNX4GBiZYD/8Ac3WGMLA8l2FNXjnCrWFgyb+oF
hhPcgudcv9L2JAx+7JlXs7oNMoXjQ57k/d1dIQW+uyGL/24X2CV1btcEmznowYMo
lYZPP99i3PpsmhnhwAd+VYYPd1o1052HfkEYIx/dVMoK5usxgpcwl5wsdgFLaTog
hpPA/poC7RCIFdGpXFt31dhjQMIOR4mQ41NiuJtPxXrp5H3Bu5Q0bCgq3o5WJMNw
85bzJ5uxE3cGFDSeeBb/j8gxeK1yW1hqP5t051f40C98sfX4hyOyZmuKLyakKyW9
I/h8kQOFaLFi8MlmcV6MnA0E66nIO5J+ODWeSmdAeMLWAzA9b911YfecCB8PMboq
RtR/ddc0/cttmtDWgQ8sz3lO7d2vNwzWqMIJW2qDy4IexK9jOIlHiOw9CLuJdjqm
f2sfZZWhNjeGIddAJ0tZB6TKmCHuZ07XYeaiyOaFTGSTF5MhDmPtyV7/51d6pOU4
QqbgijCYBiyM1m04NNep
=HBJX
-----END PGP SIGNATURE-----
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1533833
Title:
unprivileged lxc containers won't start, need to put sessions into
"pids" cgroup controller
Status in lxc package in Ubuntu:
Fix Released
Status in systemd package in Ubuntu:
Fix Released
Status in lxc source package in Wily:
New
Status in systemd source package in Wily:
Fix Committed
Bug description:
I'n trying to get (unpriviliged) lxc containers to run on wily. I
create a container like this:
> lxc-create -t download -n u1 -- -d ubuntu -r wily -a amd64
that works. However, starting the container fails:
> lxc-start -n u1
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
Setting the log priority to debug shows the following (relevant part
only):
lxc-start 1452717530.484 INFO lxc_start - start.c:lxc_init:474 - 'u1' is initialized
lxc-start 1452717530.484 DEBUG lxc_start - start.c:__lxc_start:1186 - Not dropping cap_sys_boot or watching utmp
lxc-start 1452717530.484 INFO lxc_start - start.c:resolve_clone_flags:883 - Cloning a new user namespace
lxc-start 1452717530.484 INFO lxc_cgroup - cgroup.c:cgroup_init:65 - cgroup driver cgmanager initing for u1
lxc-start 1452717530.489 ERROR lxc_cgmanager - cgmanager.c:lxc_cgmanager_enter:698 - call to cgmanager_move_pid_sync failed: invalid request
lxc-start: cgmanager.c: lxc_cgmanager_enter: 698 call to cgmanager_move_pid_sync failed: invalid request
lxc-start 1452717530.490 ERROR lxc_start - start.c:__lxc_start:1213 - failed to spawn 'u1'
lxc-start: start.c: __lxc_start: 1213 failed to spawn 'u1'
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start 1452717530.484 INFO lxc_start - start.c:lxc_init:474 - 'u1' is initialized
lxc-start 1452717530.484 DEBUG lxc_start - start.c:__lxc_start:1186 - Not dropping cap_sys_boot or watching utmp
lxc-start 1452717530.484 INFO lxc_start - start.c:resolve_clone_flags:883 - Cloning a new user namespace
lxc-start 1452717530.484 INFO lxc_cgroup - cgroup.c:cgroup_init:65 - cgroup driver cgmanager initing for u1
lxc-start 1452717530.489 ERROR lxc_cgmanager - cgmanager.c:lxc_cgmanager_enter:698 - call to cgmanager_move_pid_sync failed: invalid request
lxc-start: cgmanager.c: lxc_cgmanager_enter: 698 call to cgmanager_move_pid_sync failed: invalid request
lxc-start 1452717530.490 ERROR lxc_start - start.c:__lxc_start:1213 - failed to spawn 'u1'
lxc-start: start.c: __lxc_start: 1213 failed to spawn 'u1'
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
So it seems a cgmanager issue. Syslog shows:
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager:do_create_main: pid 25615 (uid 1000 gid 1000) may not create under /run/cgmanager/fs/pids
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager: Invalid path /run/cgmanager/fs/pids/lxc/u1
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager:per_ctrl_move_pid_main: Invalid path /run/cgmanager/fs/pids/lxc/u1
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager:do_create_main: pid 25632 (uid 1000 gid 1000) may not create under /run/cgmanager/fs/pids
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager: Invalid path /run/cgmanager/fs/pids/lxc/u1
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager:per_ctrl_move_pid_main: Invalid path /run/cgmanager/fs/pids/lxc/u1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1533833/+subscriptions
More information about the foundations-bugs
mailing list