Installing ubuntu-core snap inside a LXD container fails
Sujeevan Vijayakumaran
svij at ubuntu.com
Tue Jun 7 16:42:13 UTC 2016
Great, thanks for the clarification!
Am 07.06.2016 um 18:36 schrieb Stéphane Graber:
> On Wed, Jun 08, 2016 at 01:31:06AM +0900, Mark Shuttleworth wrote:
>> On 07/06/16 23:14, Claudio André wrote:
>>> 2016-06-07 9:37 GMT-03:00 Sujeevan (svij)
>>> Vijayakumaran <svij at ubuntu.com <mailto:svij at ubuntu.com>>:
>>>
>>> > That's because snapd tickles the kernel in a way that blows[...]
>>>
>>>
>>> That is interesting. Where I can find more about the 'tickles'? My
>>> motivation:
>>> - I'm seeing closed source software behaves badly, e.g, AMD software
>>> prints.
>>>
>>> Internal Error: as failed
>>> Codegen phase failed compilation.
>>>
>>> If I know what the 'tickles' mean, I might be able to do something.
>>> Thanks.
>>
>> I think it has to do with nesting kernel structures related to security
>> (LXD sets those up, then snapd wants to tweak them again), but a much
>> clearer answer would come from Stephane cc'd.
>>
>> Mark
>
> Hi,
>
> Containers cannot mount squashfs file systems, or setup loop mounts or
> setup apparmor profiles. All of which are required to get a snap
> running.
>
> All of the above are blocked by the kernel as unsafe to use by an
> unprivileged user (which you are in a LXD container).
>
>
> My team is actively working on some kernel changes and some changes to
> snapd itself to allow this to work in the near future.
>
> Stéphane
>
>>
>>
>>>
>>> 2016-06-07 8:41 GMT-03:00 Sujeevan (svij) Vijayakumaran
>>> <svij at ubuntu.com <mailto:svij at ubuntu.com>>:
>>>
>>> Hello!
>>>
>>> I'm trying to install a snap inside a freshly created LXD container,
>>> which isn't possible:
>>>
>>> -----
>>> ubuntu at snap-test:~$ sudo snap install
>>> taskwarrior_2.5.1-snap0_amd64.snap
>>> 64.75 MB / 64.75 MB
>>> [========================================================================]
>>> 100.00 % 5.38 MB/s
>>>
>>> error: cannot perform the following tasks:
>>> - Mount snap "ubuntu-core" ([start snap-ubuntu\x2dcore-122.mount]
>>> failed
>>> with exit status 1: Job for snap-ubuntu\x2dcore-122.mount failed. See
>>> "systemctl status "snap-ubuntu\\x2dcore-122.mount"" and
>>> "journalctl -xe"
>>> for details.
>>> )
>>> ubuntu at snap-test:~$ systemctl status "snap-ubuntu\\x2dcore-122.mount"
>>> ● snap-ubuntu\x2dcore-122.mount - Squashfs mount unit for ubuntu-core
>>> Loaded: loaded (/etc/systemd/system/snap-ubuntu\x2dcore-122.mount;
>>> enabled; vendor preset: enabled)
>>> Active: failed (Result: exit-code) since Tue 2016-06-07
>>> 11:32:13 UTC;
>>> 16s ago
>>> Where: /snap/ubuntu-core/122
>>> What: /var/lib/snapd/snaps/ubuntu-core_122.snap
>>> Process: 8584 ExecMount=/bin/mount
>>> /var/lib/snapd/snaps/ubuntu-core_122.snap /snap/ubuntu-core/122
>>> (code=exited, status=32)
>>>
>>> Jun 07 11:32:13 snap-test systemd[1]: Mounting Squashfs mount unit for
>>> ubuntu-core...
>>> Jun 07 11:32:13 snap-test mount[8584]: mount: /snap/ubuntu-core/122:
>>> mount failed: Unknown error -1
>>> Jun 07 11:32:13 snap-test systemd[1]: snap-ubuntu\x2dcore-122.mount:
>>> Mount process exited, code=exited status=32
>>> Jun 07 11:32:13 snap-test systemd[1]: Failed to mount Squashfs mount
>>> unit for ubuntu-core.
>>> Jun 07 11:32:13 snap-test systemd[1]: snap-ubuntu\x2dcore-122.mount:
>>> Unit entered failed state.
>>> ------
>>>
>>> It works fine if it's not inside a LXD container. Is this an issue
>>> with
>>> LXD or with snapd or am I missing something?
>>>
>>> Also: Why is there an "ugly" \x2d (which seems to be a hypen-minus) in
>>> the systemd-file rather than a "normal" minus?
>>>
>>> Cheers,
>>> Sujeevan
>>>
>>> --
>>> Snapcraft mailing list
>>> Snapcraft at lists.ubuntu.com <mailto:Snapcraft at lists.ubuntu.com>
>>> Modify settings or unsubscribe at:
>>> https://lists.ubuntu.com/mailman/listinfo/snapcraft
>>>
>>>
>>>
>>>
>>
>
>
>
More information about the Snapcraft
mailing list