[Bug 1309923] [NEW] Unprivileged lxc containers fail to start

Arthur Schiwon blizzz at arthur-schiwon.de
Sat Apr 19 11:17:29 UTC 2014


Public bug reported:

After upgrading to 14.04 I created an unprivileged lxc container
following https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/

Unlike root containers they fail to start. With logging level strace I
get this output:

      lxc-start 1397905196.384 INFO     lxc_start_ui - using rcfile /home/blizzz/.local/share/lxc/ubuntu1404/config
      lxc-start 1397905196.384 INFO     lxc_confile - read uid map: type u nsid 0 hostid 120000 range 65536
      lxc-start 1397905196.384 INFO     lxc_confile - read uid map: type g nsid 0 hostid 120000 range 65536
      lxc-start 1397905196.386 WARN     lxc_log - lxc_log_init called with log already initialized
      lxc-start 1397905196.392 INFO     lxc_lsm - LSM security driver AppArmor
      lxc-start 1397905196.393 DEBUG    lxc_conf - allocated pty '/dev/pts/12' (5/6)
      lxc-start 1397905196.394 DEBUG    lxc_conf - allocated pty '/dev/pts/13' (7/8)
      lxc-start 1397905196.394 DEBUG    lxc_conf - allocated pty '/dev/pts/15' (9/10)
      lxc-start 1397905196.394 DEBUG    lxc_conf - allocated pty '/dev/pts/16' (11/12)
      lxc-start 1397905196.394 INFO     lxc_conf - tty's configured
      lxc-start 1397905196.394 DEBUG    lxc_start - sigchild handler set
      lxc-start 1397905196.394 DEBUG    lxc_console - no console peer
      lxc-start 1397905196.396 INFO     lxc_monitor - using monitor sock name lxc/f59b2b10dfad8de3//home/blizzz/.local/share/lxc
      lxc-start 1397905196.708 INFO     lxc_start - 'ubuntu1404' is initialized
      lxc-start 1397905196.715 DEBUG    lxc_start - Not dropping cap_sys_boot or watching utmp
      lxc-start 1397905196.715 INFO     lxc_start - Cloning a new user namespace
      lxc-start 1397905196.715 INFO     lxc_cgroup - cgroup driver cgroupfs initing for ubuntu1404
      lxc-start 1397905196.716 ERROR    lxc_cgfs - Permission denied - failed to set memory.use_hierarchy to 1; continuing
      lxc-start 1397905196.716 ERROR    lxc_cgfs - Could not set clone_children to 1 for cpuset hierarchy in parent cgroup.
      lxc-start 1397905196.717 ERROR    lxc_cgfs - Permission denied - cgroup_rmdir: failed to delete /var/local/cgroup/
      lxc-start 1397905196.717 ERROR    lxc_start - failed creating cgroups
      lxc-start 1397905196.717 ERROR    lxc_start - failed to spawn 'ubuntu1404'
      lxc-start 1397905196.717 ERROR    lxc_commands - command get_cgroup failed to receive response
      lxc-start 1397905196.718 WARN     lxc_cgfs - Not attaching to cgroup hugetlb unknown to /home/blizzz/.local/share/lxc ubuntu1404

Given this, it sounds like there are permission issues with regard to
cloning/configuring cgroups; on the other hand, I did not change anything
knowingly (and I would not know how).

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: lxc 1.0.3-0ubuntu3
ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
CurrentDesktop: KDE
Date: Sat Apr 19 13:09:20 2014
EcryptfsInUse: Yes
InstallationDate: Installed on 2012-09-19 (576 days ago)
InstallationMedia: Kubuntu 12.10 "Quantal Quetzal" - Alpha amd64 (20120919)
SourcePackage: lxc
UpgradeStatus: Upgraded to trusty on 2014-04-18 (0 days ago)
defaults.conf:
 lxc.network.type = veth
 lxc.network.link = lxcbr0
 lxc.network.flags = up
 lxc.network.hwaddr = 00:16:3e:xx:xx:xx

** Affects: lxc (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apparmor apport-bug trusty

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1309923
