[Bug 1813622] Re: systemd-resolved, systemd-networkd and others fail to start in lxc container with v240 systemd

Dimitri John Ledkov launchpad at surgut.co.uk
Tue Jan 29 12:37:48 UTC 2019 

This is similar to https://github.com/systemd/systemd/issues/10032
But this time around with apparmor, under lxd, on ubuntu
Regression from 1beab8b0d0ff2d7d1436b52d4a0c3d56dc908962
Will be tracing this further now.

** Bug watch added: github.com/systemd/systemd/issues #10032
   https://github.com/systemd/systemd/issues/10032

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1813622

Title:
  systemd-resolved, systemd-networkd and others fail to start in lxc
  container with v240 systemd

Status in apparmor package in Ubuntu:
  New
Status in lxd package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  This is a regression from 239-7ubuntu15 to 240-5ubuntu1.

  Steps to reproduce:

  lxc launch ubuntu-daily:disco rbasak-resolv
  lxc exec rbasak-resolv bash
  systemctl status systemd-resolved  # observe running
  echo "deb http://archive.ubuntu.com/ubuntu/ disco-proposed main universe multiverse restricted" >> /etc/apt/sources.list
  apt update
  # Update to 240-5ubuntu1 from proposed
  apt install systemd libsystemd0 systemd-sysv libnss-systemd libpam-systemd
  reboot
  lxc exec rbasak-resolv bash
  systemctl status systemd-resolved  # observe failed

  ● systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2019-01-28 16:50:37 UTC; 2min 28s ago
       Docs: man:systemd-resolved.service(8)
             https://www.freedesktop.org/wiki/Software/systemd/resolved
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
    Process: 290 ExecStart=/lib/systemd/systemd-resolved (code=exited, status=226/NAMESPACE)
   Main PID: 290 (code=exited, status=226/NAMESPACE)

  Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Service has no hold-off time (RestartSec=0), scheduling restart.
  Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Scheduled restart job, restart counter is at 5.
  Jan 28 16:50:37 rbasak-resolv systemd[1]: Stopped Network Name Resolution.
  Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Start request repeated too quickly.
  Jan 28 16:50:37 rbasak-resolv systemd[1]: systemd-resolved.service: Failed with result 'exit-code'.
  Jan 28 16:50:37 rbasak-resolv systemd[1]: Failed to start Network Name Resolution.

  This causes /etc/resolv.conf to point to a file that isn't created, so
  all name resolution fails. As far as I can determine, landing this in
  the release pocket would cause all default LXD containers to stop
  working.

  In my case it breaks "autopkgtest -U --apt-pocket=proposed ... -- lxd
  ubuntu-daily:disco"

  Tagging block-proposed as migration would regress the release pocket,
  and marking Critical as it breaks the system (presumably only in a
  container though, and it is only in proposed currently).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1813622/+subscriptions

More information about the foundations-bugs mailing list