[Bug 1813622] Re: systemd-resolved, systemd-networkd and others fail to start in lxc container with v240 systemd
Launchpad Bug Tracker
1813622 at bugs.launchpad.net
Sun Feb 3 22:58:43 UTC 2019
This bug was fixed in the package systemd - 240-5ubuntu3
---------------
systemd (240-5ubuntu3) disco; urgency=medium
* debian/tests: blacklist upstream test-24-unit-tests on ppc64le.
Fails, not a regression as it's a new test case, which was never before
executed on ppc64le.
File: debian/tests/upstream
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8062b9a2712c390010d2948eaf764a1b52e68715
-- Dimitri John Ledkov <xnox at ubuntu.com> Sat, 02 Feb 2019 11:05:12
+0100
** Changed in: systemd (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1813622
Title:
systemd-resolved, systemd-networkd and others fail to start in lxc
container with v240 systemd
Status in lxd:
Fix Released
Status in systemd:
Fix Released
Status in apparmor package in Ubuntu:
Invalid
Status in lxd package in Ubuntu:
Confirmed
Status in systemd package in Ubuntu:
Fix Released
Bug description:
This is a regression from 239-7ubuntu15 to 240-5ubuntu1.
Steps to reproduce:
lxc launch ubuntu-daily:disco rbasak-resolv
lxc exec rbasak-resolv bash
systemctl status systemd-resolved # observe running
echo "deb http://archive.ubuntu.com/ubuntu/ disco-proposed main universe multiverse restricted" >> /etc/apt/sources.list
apt update
# Update to 240-5ubuntu1 from proposed
apt install systemd libsystemd0 systemd-sysv libnss-systemd libpam-systemd
reboot
lxc exec rbasak-resolv bash
systemctl status systemd-resolved # observe failed
● systemd-resolved.service - Network Name Resolution
Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2019-01-28 16:50:37 UTC; 2min 28s ago
Docs: man:systemd-resolved.service(8)
https://www.freedesktop.org/wiki/Software/systemd/resolved
https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
Process: 290 ExecStart=/lib/systemd/systemd-resolved (code=exited, status=226/NAMESPACE)
Main PID: 290 (code=exited, status=226/NAMESPACE)
Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Service has no hold-off time (RestartSec=0), scheduling restart.
Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Scheduled restart job, restart counter is at 5.
Jan 28 16:50:37 rbasak-resolv systemd[1]: Stopped Network Name Resolution.
Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Start request repeated too quickly.
Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Failed with result 'exit-code'.
Jan 28 16:50:37 rbasak-resolv systemd[1]: Failed to start Network Name Resolution.
This causes /etc/resolv.conf to point to a file that isn't created, so
all name resolution fails. As far as I can determine, landing this in
the release pocket would cause all default LXD containers to stop
working.
In my case it breaks "autopkgtest -U --apt-pocket=proposed ... -- lxd
ubuntu-daily:disco"
Tagging block-proposed as migration would regress the release pocket,
and marking Critical as it breaks the system (presumably only in a
container though, and it is only in proposed currently).
=== Workaround ===
$ lxc config set test-v240 raw.apparmor 'mount options=(ro,nodev,remount,bind),
mount options=(ro,nosuid,nodev,remount,bind),
mount options=(ro,nosuid,noexec,remount,strictatime),
mount options=(ro,nosuid,noexec,remount,bind,strictatime),
mount options=(ro,nosuid,nodev,noexec,remount,bind),'
To manage notifications about this bug go to:
https://bugs.launchpad.net/lxd/+bug/1813622/+subscriptions
More information about the foundations-bugs
mailing list