Your message dated Wed, 24 Apr 2024 18:56:10 +0200 with message-id <87il06g0np....@daath.pimeys.fr> and subject line Closing old bugs has caused the Debian Bug report #875733, regarding lxc.mount.auto = cgroup:mixed doesn't seem to work in Stretch anymore to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 875733: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875733 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: lxc Version: 1:2.0.7-2 Severity: normal Hi, In Jessie I was using a container setup with LXC and unprivileged containers. By unprivileged, I mean container config had a bunch of lxc.cap.drop lines, especially including sys_admin. That means the init system inside the container (systemd) is not able to do any privileged operation, including mounts, so the mounts need to be done before starting the containers. It worked fine in Jessie (both host and guests) with lines suchs as: auto = proc:mixed sys:ro cgroup:mixed Which takes care of mounting /proc, /sys and /sys/fs/cgroup for the container. Now in Stretch with lxc 2.0.7-2, it doesn't work anymore. Console output for a Jessie container shows: Failed to mount tmpfs at /sys/fs/cgroup: Operation not permitted While for a Stretch container I have: Failed to mount tmpfs at /sys/fs/cgroup: Operation not permitted Failed to mount cgroup at /sys/fs/cgroup/systemd: No such file or directory [!!!!!!] Failed to mount API filesystems, freezing. Freezing execution. So it looks like systemd is trying to mount /sys/fs/cgroup and fails (because it doesn't have CAP_SYS_ADMIN, which is expected). That means lxc somehow failed to mount /sys/fs/cgroup in the container, which looks like a regression from Jessie. I'll setup a more simple container and config so I can provide it and some logs to you so you can reproduce. Regards, -- Yves-Alexis -- System Information: Debian Release: 9.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages lxc depends on: ii init-system-helpers 1.48 ii libapparmor1 2.11.0-3 ii libc6 2.24-11+deb9u1 ii libcap2 1:2.25-1 ii libgnutls30 3.5.8-5+deb9u2 ii liblxc1 1:2.0.7-2 ii libseccomp2 2.3.1-2.1 ii libselinux1 2.6-3+b1 ii lsb-base 9.20161125 ii python3 3.5.3-1 ii python3-lxc 1:2.0.7-2 Versions of packages lxc recommends: pn bridge-utils <none> ii debootstrap 1.0.89 ii dirmngr 2.1.18-6 pn dnsmasq-base <none> ii gnupg 2.1.18-6 ii iptables 1.6.0+snapshot20161117-6 pn libpam-cgfs <none> pn lxcfs <none> ii openssl 1.1.0f-3 ii rsync 3.1.2-1 pn uidmap <none> Versions of packages lxc suggests: pn apparmor <none> pn btrfs-tools <none> ii lvm2 2.02.168-2 -- debconf information: * lxc/directory: /srv/lxc lxc/shutdown: /usr/bin/lxc-halt lxc/title: lxc/auto:
--- End Message ---
--- Begin Message ---Hi, These bugs are quite old, and it's not humanly possible to test if they're all still actual to the current versions of LXC. I'm therefore closing them. I do not consider them as solved, and I'd have preferred if we were able to solve them back then. If the bug you reported is still a thing in recent lxc versions, feel free to reopen it or to open a new bug. I hope you'll understand that it's not an attempt to hide problems, but rather an attempt to get a better view on problem I can act upon. Bests, -- PEBsignature.asc
Description: PGP signature
--- End Message ---