Ok - if you'd like to send a patch for that that'd be great. I don't have any systems where I ever run over that codepath, not sure how many others do, so i'm not entirely surprised that noone else has reported this.
thanks, -serge Quoting Przemyslaw Rudy ([email protected]): > Yes, commenting out 'return -1' makes it starts and it seems to behave > correctly. > > The /proc/self/mountinfo done from inside the container is empty (as no proc > is mounted). > If I mount it (by lxc.mount.auto or directly inside the container) then: > > 42 20 0:2 /containers/mycnt/rootfs / rw - rootfs rootfs > rw,size=90972k,nr_inodes=22743 > 43 42 0:19 / /dev rw,nodev,relatime - tmpfs none > rw,size=100k,mode=755,uid=100000,gid=100000 > 44 43 0:5 /null /dev/null rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 45 43 0:5 /zero /dev/zero rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 46 43 0:5 /full /dev/full rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 47 43 0:5 /urandom /dev/urandom rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 48 43 0:5 /random /dev/random rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 49 43 0:5 /tty /dev/tty rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 50 43 0:5 /console /dev/console rw,relatime - devtmpfs devtmpfs > rw,size=90972k,nr_inodes=22743,mode=755 > 51 50 0:11 /0 /dev/console rw,relatime - devpts devpts > rw,gid=5,mode=620,ptmxmode=000 > 52 42 0:2 /shared /tmp rw - rootfs rootfs rw,size=90972k,nr_inodes=22743 > 30 43 0:20 / /dev/pts rw,relatime - devpts devpts > rw,gid=100005,mode=620,ptmxmode=666 > 31 43 0:20 /0 /dev/tty1 rw,relatime - devpts devpts > rw,gid=100005,mode=620,ptmxmode=666 > 32 42 0:18 / /proc rw,nodev,relatime - proc proc rw > > > BTW. Just to be exact, in first mount log before starting lxc I forgot to > enable cloning, so the exact line is: > 19 18 0:16 / /sys/fs/cgroup rw,relatime - cgroup cgroup > rw,cpuset,cpuacct,memory,devices,freezer,net_cls,clone_children > instead of: > 19 18 0:16 / /sys/fs/cgroup rw,relatime - cgroup cgroup > rw,cpuset,cpuacct,memory,devices,freezer,net_cls > > On 29.07.2015 15:32, Serge Hallyn wrote: > > If you rebuild lxc patching that paragraph to warn but not return > > failure when the umount of './proc' fails, does the container start > > properly? What does /proc/self/mountinfo inside the container then > > look like? > > > > -serge > > > > Quoting Przemyslaw Rudy ([email protected]): > >> /proc/self/mountinfo before the lxc-start: > >> > >> 1 1 0:2 / / rw - rootfs rootfs rw,size=90972k,nr_inodes=22743 > >> 13 1 0:5 / /dev rw,relatime - devtmpfs devtmpfs > >> rw,size=90972k,nr_inodes=22743,mode=755 > >> 14 1 0:4 / /proc rw,relatime - proc proc rw > >> 15 13 0:11 / /dev/pts rw,relatime - devpts devpts > >> rw,gid=5,mode=620,ptmxmode=000 > >> 16 13 0:13 / /dev/shm rw,relatime - tmpfs tmpfs rw,mode=777 > >> 17 1 0:14 / /tmp rw,relatime - tmpfs tmpfs rw > >> 18 1 0:15 / /sys rw,relatime - sysfs sysfs rw > >> 19 18 0:16 / /sys/fs/cgroup rw,relatime - cgroup cgroup > >> rw,cpuset,cpuacct,memory,devices,freezer,net_cls > >> > >> > >> On 07/29/2015 04:07 AM, Serge Hallyn wrote: > >>> I suspect you're right and we should simply ignore the failure. > >>> > >>> Can you show /proc/self/mountinfo before the lxc-start? > >>> > >>> Quoting Przemyslaw Rudy ([email protected]): > >>>> -1 is rv, errno is 22 EINVAL > >>>> > >>>> The log: > >>>> lxc-start 40.086 INFO lxc_start_ui - > >>>> lxc_start.c:main:264 - using rcfile /containers/mycnt/config > >>>> lxc-start 40.087 INFO lxc_confile - > >>>> confile.c:config_idmap:1376 - read uid map: type u nsid 0 hostid 100000 > >>>> range 65536 > >>>> lxc-start 40.087 INFO lxc_confile - > >>>> confile.c:config_idmap:1376 - read uid map: type g nsid 0 hostid 100000 > >>>> range 65536 > >>>> lxc-start 40.087 WARN lxc_cgfs - > >>>> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup > >>>> cpuset unknown to /containers mycnt > >>>> lxc-start 40.087 DEBUG lxc_start - > >>>> start.c:setup_signal_fd:259 - sigchild handler set > >>>> lxc-start 40.089 DEBUG lxc_console - > >>>> console.c:lxc_console_peer_default:500 - opening /dev/tty for console > >>>> peer > >>>> lxc-start 40.089 DEBUG lxc_console - > >>>> console.c:lxc_console_peer_default:506 - using '/dev/tty' as console > >>>> lxc-start 40.089 DEBUG lxc_console - > >>>> console.c:lxc_console_sigwinch_init:179 - 509 got SIGWINCH fd 9 > >>>> lxc-start 40.089 DEBUG lxc_console - > >>>> console.c:lxc_console_winsz:88 - set winsz dstfd:6 cols:0 rows:0 > >>>> lxc-start 40.089 INFO lxc_start - start.c:lxc_init:451 > >>>> - 'mycnt' is initialized > >>>> lxc-start 40.095 DEBUG lxc_start - > >>>> start.c:__lxc_start:1137 - Not dropping cap_sys_boot or watching utmp > >>>> lxc-start 40.097 INFO lxc_start - > >>>> start.c:resolve_clone_flags:848 - Cloning a new user namespace > >>>> lxc-start 40.112 DEBUG lxc_conf - > >>>> conf.c:instantiate_veth:2703 - instantiated veth > >>>> 'veth-mycnt/vethNPPNHE', index is '12' > >>>> lxc-start 40.112 INFO lxc_cgroup - > >>>> cgroup.c:cgroup_init:65 - cgroup driver cgroupfs initing for mycnt > >>>> lxc-start 40.122 DEBUG lxc_conf - > >>>> conf.c:lxc_assign_network:3120 - move 'eth0' to '512' > >>>> lxc-start 40.122 NOTICE lxc_start - start.c:do_start:667 > >>>> - switching to gid/uid 0 in new user namespace > >>>> lxc-start 40.125 DEBUG lxc_conf - > >>>> conf.c:setup_rootfs:1284 - mounted '/containers/mycnt/rootfs' on > >>>> '/usr/lib/lxc/rootfs' > >>>> lxc-start 40.125 INFO lxc_conf - > >>>> conf.c:setup_utsname:919 - 'mycnt' hostname has been setup > >>>> lxc-start 40.153 DEBUG lxc_conf - > >>>> conf.c:setup_netdev:2479 - 'eth0' has been setup > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:setup_network:2500 - network has been setup > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:mount_autodev:1148 - Mounting /dev under /usr/lib/lxc/rootfs > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:mount_autodev:1169 - Mounted tmpfs onto /usr/lib/lxc/rootfs/dev > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:mount_autodev:1187 - Mounted /dev under /usr/lib/lxc/rootfs > >>>> lxc-start 40.153 DEBUG lxc_conf - > >>>> conf.c:mount_entry:1735 - remounting /shared on /usr/lib/lxc/rootfs/tmp > >>>> to respect bind or remount optios > >>>> lxc-start 40.153 DEBUG lxc_conf - > >>>> conf.c:mount_entry:1750 - (at remount) flags for /shared was 0, required > >>>> extra flags are 0 > >>>> lxc-start 40.153 DEBUG lxc_conf - > >>>> conf.c:mount_entry:1759 - mountflags already was 4098, skipping remount > >>>> lxc-start 40.153 DEBUG lxc_conf - > >>>> conf.c:mount_entry:1785 - mounted '/shared' on > >>>> '/usr/lib/lxc/rootfs/tmp', type 'none' > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:mount_file_entries:2034 - mount points have been setup > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:fill_autodev:1215 - Creating initial consoles under > >>>> /usr/lib/lxc/rootfs/dev > >>>> lxc-start 40.153 INFO lxc_conf - > >>>> conf.c:fill_autodev:1226 - Populating /dev under /usr/lib/lxc/rootfs > >>>> lxc-start 40.154 INFO lxc_conf - > >>>> conf.c:fill_autodev:1258 - Populated /dev under /usr/lib/lxc/rootfs > >>>> lxc-start 40.154 INFO lxc_conf - > >>>> conf.c:setup_dev_console:1515 - console has been setup > >>>> lxc-start 40.154 INFO lxc_conf - > >>>> conf.c:do_tmp_proc_mount:3576 - I am 1, /proc/self points to '' > >>>> lxc-start 40.161 INFO lxc_conf - > >>>> conf.c:do_tmp_proc_mount:3602 - Mounted /proc in container for security > >>>> transition > >>>> lxc-start 40.500 ERROR lxc_conf - > >>>> conf.c:prepare_ramfs_root:1378 - Invalid argument - Unable to umount > >>>> /proc > >>>> lxc-start 40.500 ERROR lxc_conf - conf.c:lxc_setup:3917 > >>>> - failed to set rootfs for 'mycnt' > >>>> lxc-start 40.500 ERROR lxc_start - start.c:do_start:699 > >>>> - failed to setup the container > >>>> lxc-start 40.500 ERROR lxc_sync - sync.c:__sync_wait:51 > >>>> - invalid sequence number 1. expected 2 > >>>> lxc-start 40.500 WARN lxc_conf - > >>>> conf.c:lxc_delete_network:2996 - failed to remove interface 'eth0' > >>>> lxc-start 40.515 ERROR lxc_start - > >>>> start.c:__lxc_start:1164 - failed to spawn 'mycnt' > >>>> lxc-start 40.669 ERROR lxc_start_ui - > >>>> lxc_start.c:main:344 - The container failed to start. > >>>> lxc-start 40.669 ERROR lxc_start_ui - > >>>> lxc_start.c:main:348 - Additional information can be obtained by setting > >>>> the --logfile and --logprio. > >>>> > >>>> > >>>> On 07/28/2015 05:09 PM, Serge Hallyn wrote: > >>>>> Quoting Przemyslaw Rudy ([email protected]): > >>>>>> Referring to this patch: > >>>>>> https://lists.linuxcontainers.org/pipermail/lxc-devel/2014-October/010604.html > >>>>>> > >>>>>> Starting lxc with userns in prepare_ramfs_root() I got -1 from: > >>>>> > >>>>> rv or errno? > >>>>> > >>>>>> if (umount2("./proc", MNT_DETACH)) { > >>>>>> > >>>>>> Shall this error be rather ignored in case of userns? Thus the same > >>>>>> logic as for other mount points processed by mentioned function? > >>>>> > >>>>> Can you give full (-l trace -o debug.output) startup log? > >>>>> _______________________________________________ > >>>>> lxc-devel mailing list > >>>>> [email protected] > >>>>> http://lists.linuxcontainers.org/listinfo/lxc-devel > >>>>> > >>>> _______________________________________________ > >>>> lxc-devel mailing list > >>>> [email protected] > >>>> http://lists.linuxcontainers.org/listinfo/lxc-devel > >>> _______________________________________________ > >>> lxc-devel mailing list > >>> [email protected] > >>> http://lists.linuxcontainers.org/listinfo/lxc-devel > >>> > >> _______________________________________________ > >> lxc-devel mailing list > >> [email protected] > >> http://lists.linuxcontainers.org/listinfo/lxc-devel > > _______________________________________________ > > lxc-devel mailing list > > [email protected] > > http://lists.linuxcontainers.org/listinfo/lxc-devel > > > _______________________________________________ > lxc-devel mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-devel _______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
