An update... On Mon, May 02, 2022 at 08:21:13AM +0100, Julian Gilbey wrote: > [...] > > Since autopkgtest-build-lxc doesn't allow a --logfile option, I > > attempted to start the container manually, using the command > > lxc-start -n autopkgtest-sid --logfile /tmp/lxc.log --logpriority INFO > > and got the following warnings and errors in the log file (I've > > excluded the INFO entries): > > > > >>>>> > [...] > > lxc-start autopkgtest-sid 20220501145802.681 ERROR cgfsng - > > cgroups/cgfsng.c:cg_legacy_set_data:2675 - No such file or directory - > > Failed to setup limits for the "devices" controller. The controller seems > > to be unused by "cgfsng" cgroup driver or not enabled on the cgroup > > hierarchy > > lxc-start autopkgtest-sid 20220501145802.681 ERROR cgfsng - > > cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2742 - No such file or > > directory - Failed to set "devices.deny" to "a" > [...]
I've now done more searching, and the conclusion I've come to is that this is that this is the same issue discussed in https://wiki.debian.org/LXC/CGroupV2#LXC_containers_started_by_root (and in various other bug reports); by adding the two lines lxc.cgroup.devices.allow = lxc.cgroup.devices.deny = to the file /var/lib/lxc/autopkgtest-unstable/config, I was able to start the container. But I'm running lxc version 1:4.0.11-1 and that wiki page says this change is unnecessary from version 4.0.2-1~1 onwards, which does not seem to be the case. lxc: I don't know whether the wiki is wrong or some change made in 4.0.2-1 has been reverted more recently. Either way, it would be great to resolve this discrepancy. autopkgtest-build-lxc: perhaps it would be good to add these lines at the end of the config file when the container is built, especially if the lxc folks can't fix this. Best wishes, Julian
