Quoting Brian Campbell (lam...@continuation.org):
> On Feb 20, 2014, at 9:21 AM, Serge Hallyn <serge.hal...@ubuntu.com> wrote:
>
> > Quoting Brian Campbell (lam...@continuation.org):
> >> On Feb 18, 2014, at 10:25 AM, Serge Hallyn <serge.hal...@ubuntu.com> wrote:
> >>> It looks like you're in the root cgroup and starting as non-root.
> >>> Without being root you indeed do not have the rights to create new
> >>> cgroups there. You'll need to either use lxc as root, or do something
> >>> like
> >>>
> >>> for d in /sys/fs/cgroup/*; do
> >>> sudo mkdir $d/lambda
> >>> sudo chown -R lambda: $d/lambda
> >>> echo $$ > $d/lambda/tasks
> >>> done
> >>
> >>
> >> Apologies for the slow followup, been a busy few days.
> >>
> >> Doing that gives me an error on the the cpuset cgroup (added an echo to
> >> see which one it was):
> >>
> >> /sys/fs/cgroup/blkio/lambda
> >> /sys/fs/cgroup/cpu/lambda
> >> /sys/fs/cgroup/cpuacct/lambda
> >> /sys/fs/cgroup/cpu,cpuacct/lambda
> >> /sys/fs/cgroup/cpuset/lambda
> >> -bash: echo: write error: No space left on device
> >> /sys/fs/cgroup/devices/lambda
> >> /sys/fs/cgroup/freezer/lambda
> >> /sys/fs/cgroup/net_cls/lambda
> >> /sys/fs/cgroup/perf_event/lambda
> >> /sys/fs/cgroup/systemd/lambda
> >>
> >> I decided to see if it would work anyhow, but it still fails. Any clue why
> >> cpuset would be failing?
> >
> > You need to either echo 1 > /sys/fs/cgroup/cpuset/cgroup.clone_children,
> > or else manually cp cpuset.cpus and cpuset.mems from the parent to the
> > child cgroup. Otherwise you cannot place a task into the cgroup.
>
> Yep, as I mentioned in my followup I figured that out (the manual part, I
> hadn't noticed clone_children), and got a bit further, but it's still failing:
>
> lxc-start 1392878417.586 INFO lxc_start_ui - using rcfile
> /home/lambda/.local/share/lxc/precise-test/config
> lxc-start 1392878417.586 INFO lxc_confile - read uid map: type u
> nsid 0 hostid 100000 range 65536
> lxc-start 1392878417.586 INFO lxc_confile - read uid map: type g
> nsid 0 hostid 100000 range 65536
> lxc-start 1392878417.586 WARN lxc_log - lxc_log_init called with log
> already initialized
> lxc-start 1392878417.586 INFO lxc_lsm - LSM security driver nop
> lxc-start 1392878417.586 DEBUG lxc_conf - allocated pty '/dev/pts/3'
> (5/6)
> lxc-start 1392878417.586 DEBUG lxc_conf - allocated pty '/dev/pts/4'
> (7/8)
> lxc-start 1392878417.586 DEBUG lxc_conf - allocated pty '/dev/pts/5'
> (9/10)
> lxc-start 1392878417.586 DEBUG lxc_conf - allocated pty '/dev/pts/6'
> (11/12)
> lxc-start 1392878417.586 INFO lxc_conf - tty's configured
> lxc-start 1392878417.587 DEBUG lxc_start - sigchild handler set
> lxc-start 1392878417.587 DEBUG lxc_console - opening /dev/tty for
> console peer
> lxc-start 1392878417.587 INFO lxc_caps - Last supported cap was 34
> lxc-start 1392878417.587 DEBUG lxc_console - using '/dev/tty' as
> console
> lxc-start 1392878417.587 DEBUG lxc_console - 21308 got SIGWINCH fd 17
> lxc-start 1392878417.587 DEBUG lxc_console - set winsz dstfd:14
> cols:161 rows:55
> lxc-start 1392878417.847 INFO lxc_start - 'precise-test' is
> initialized
> lxc-start 1392878417.875 DEBUG lxc_start - Not dropping cap_sys_boot
> or watching utmp
> lxc-start 1392878417.875 INFO lxc_start - Cloning a new user
> namespace
> lxc-start 1392878417.875 INFO lxc_cgroup - cgroup driver cgroupfs
> initing for precise-test
> lxc-start 1392878417.876 ERROR lxc_cgfs - Operation not permitted -
> Could not add pid 21330 to cgroup /lambda/precise-test: internal error
> lxc-start 1392878417.909 ERROR lxc_start - failed to spawn
> 'precise-test'
>
> After changing that error to provide a little more information, I found that
> the full path is:
>
> lxc-start: Operation not permitted - Could not add pid 23235 to cgroup
> /sys/fs/cgroup/devices/lambda/precise-test/tasks
Urgh, I'm not sure, but this stuff gets tedious so doing it by hand it's
easy to overlook something (especially after one step has partially
failed).
I just tested on a clean system without cgmanager. I installed
cgroup-lite and did the following on command line:
for d in /sys/fs/cgroup/*; do
f=$(basename $d)
echo "looking at $f"
if [ "$f" = "cpuset" ]; then
echo 1 | sudo tee -a $d/cgroup.clone_children;
elif [ "$f" = "memory" ]; then
echo 1 | sudo tee -a $d/memory.use_hierarchy;
fi
sudo mkdir -p $d/$USER
sudo chown -R $USER $d/$USER
echo $$ > $d/$USER/tasks
done
After this I was able to do an unprivileged lxc-start. Can you
try rebooting then cut-pasting and running the above?
-serge
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
