Quoting Robert Pendell ([email protected]): > On Mon, May 5, 2014 at 2:14 PM, Serge Hallyn <[email protected]> wrote: > > Quoting Robert Pendell ([email protected]): > >> On Mon, May 5, 2014 at 12:25 PM, Serge Hallyn <[email protected]> > >> wrote: > >> > Quoting Robert Pendell ([email protected]): > >> >> Here is the information as you requested. > >> >> > >> >> lxc-start -n <container> -l info -o outfile > >> >> lxc-start 1399295274.692 INFO lxc_start_ui - using rcfile > >> >> /home/shinji/.local/share/lxc/utest/config > >> >> lxc-start 1399295274.692 INFO lxc_utils - XDG_RUNTIME_DIR > >> >> isn't set in the environment. > >> >> lxc-start 1399295274.692 INFO lxc_confile - read uid map: > >> >> type u nsid 0 hostid 100000 range 65536 > >> >> lxc-start 1399295274.692 INFO lxc_confile - read uid map: > >> >> type g nsid 0 hostid 100000 range 65536 > >> >> lxc-start 1399295274.692 WARN lxc_log - lxc_log_init called > >> >> with log already initialized > >> >> lxc-start 1399295274.692 INFO lxc_lsm - LSM security driver > >> >> nop > >> >> lxc-start 1399295274.692 INFO lxc_utils - XDG_RUNTIME_DIR > >> >> isn't set in the environment. > >> >> lxc-start 1399295274.693 INFO lxc_conf - tty's configured > >> >> lxc-start 1399295275.060 INFO lxc_start - 'utest' is > >> >> initialized > >> >> lxc-start 1399295275.072 INFO lxc_start - Cloning a new user > >> >> namespace > >> >> lxc-start 1399295275.072 INFO lxc_cgroup - cgroup driver > >> >> cgmanager initing for utest > >> >> lxc-start 1399295275.073 ERROR lxc_cgmanager - call to > >> >> cgmanager_create_sync failed: invalid request > >> >> lxc-start 1399295275.073 ERROR lxc_cgmanager - Failed to > >> >> create cpuset:utest > >> > > >> > Thanks - so the problem is here. Chances are you are not in a cgroup > >> > that you own. The easiest way to fix this is > >> > > >> > sudo cgm create all shinji > >> > sudo cgm chown all shinji $(id -u) $(id -g) > >> > cgm movepid all shinji $$ > >> > > >> > Now the lxc-start should work (or at least go on to the next problem) > >> > > >> > >> Ok. So I had determined that before (I didn't realize it until after > >> I sent them message) however I had found a different way of handling > >> it. Yours is more elegant. Now then to the 2nd issue. > >> > >> This doesn't persist between server reboots or login sessions. Is > >> there supposed to be a script that runs that makes this persistent or > >> does one have to move themselves manually whenever they want to run > >> unprivileged containers? > > > > logind should be putting you into a cgroup that you own when you log > > in. I think it's the libpam-systemd package which provides that. > > > > Wow! Thanks alot. You have been a great help. I mentioned my > provider up front earlier because I thought there might be missing > packages and I was hoping I would get that eventually and you just > gave me the missing link. Doing that made great progress. Now after > doing so new sessions seem to update the cgroup that I'm sitting in > however it isn't doing it fully. > > When attempting to start I still get an error but it is later on (an > issue I had before once I figured out it was the cgroup scope at > issue). > > shinji@icarus:/etc/systemd$ lxc-start -n utest > lxc_container: call to cgmanager_create_sync failed: invalid request > lxc_container: Failed to create debug:utest > lxc_container: Error creating cgroup debug:utest > lxc_container: failed creating cgroups > lxc_container: failed to spawn 'utest' > > I'm not even sure where "debug" cgroup is coming from but I suspect it > is due to the way the host is compiling the kernel? > > This is how my /proc/self/cgroup looks after server reboot and relogin. > > shinji@icarus:/etc/systemd$ cat /proc/self/cgroup > 12:net_prio:/ > 11:perf_event:/user/1000.user/1.session > 10:blkio:/user/1000.user/1.session > 9:net_cls:/ > 8:freezer:/user/1000.user/1.session > 7:devices:/user/1000.user/1.session > 6:cpuacct:/user/1000.user/1.session > 5:cpu:/user/1000.user/1.session > 4:debug:/ > 3:cpuset:/user/1000.user/1.session > 2:name=systemd:/user/1000.user/1.session > > I checked the Controllers setting in /etc/systemd/logind.conf and it > is lacking debug, net_cls, and net_prio listed above. Would it be > sufficient to add those 3 to that conf file and relogin?
Yup, that should be the correct solution. _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
