It may be useful to give more details about what I am trying to do ;-) I work with Debian Jessie and LXC 1.0.6 from the Debian repository.

First, I give an ID range to root and I set the container's configuration with this range:

root # grep root /etc/sub[ug]id
/etc/subgid:root:558752:65536
/etc/subuid:root:558752:65536

root # cat test.conf
lxc.id_map = u 0 558752 65536
lxc.id_map = g 0 558752 65536
lxc.network.type = empty

Then, I create a container with the 'download' template,

root # lxc-create -n test -f test.conf -t download -B lvm --vgname Pool -- -d debian -r wheezy -a amd64
File descriptor 3 (/var/lib/lxc/test/partial) leaked on lvcreate invocation. Parent PID 1506: lxc-create
  Logical volume "test" created
Using image from local cache
Unpacking the rootfs
[...]

Finally, I try to start this container but it miserably fails,

root # lxc-start -n test --logfile test.log --logpriority DEBUG
lxc-start: failed to determine fs type for '/dev/Pool/test'
lxc-start: failed to determine fs type for '/dev/dm-7'
lxc-start: failed to mount rootfs
lxc-start: failed to setup rootfs for 'test'
lxc-start: Error setting up rootfs mount after spawn
lxc-start: failed to setup the container
lxc-start: invalid sequence number 1. expected 2
lxc-start: failed to spawn 'test'
lxc-start: The container failed to start.
lxc-start: Additional information can be obtained by setting the --logfile and --logpriority options.

Here is the content of the log file if it helps,

root # cat test.log
lxc-start 1428924388.945 INFO lxc_start_ui - using rcfile /var/lib/lxc/test/config
lxc-start 1428924388.945 INFO lxc_confile - read uid map: type u nsid 0 hostid 558752 range 65536
lxc-start 1428924388.945 INFO lxc_confile - read uid map: type g nsid 0 hostid 558752 range 65536
lxc-start 1428924388.945 WARN lxc_log - lxc_log_init called with log already initialized
lxc-start 1428924388.945 INFO lxc_lsm - LSM security driver nop
lxc-start 1428924388.947 DEBUG lxc_conf - allocated pty '/dev/pts/3' (5/6)
lxc-start 1428924388.947 DEBUG lxc_conf - allocated pty '/dev/pts/4' (7/8)
lxc-start 1428924388.947 DEBUG lxc_conf - allocated pty '/dev/pts/5' (9/10)
lxc-start 1428924388.947 DEBUG lxc_conf - allocated pty '/dev/pts/6' (11/12)
lxc-start 1428924388.947 INFO lxc_conf - tty's configured
lxc-start 1428924388.947 DEBUG lxc_start - sigchild handler set
lxc-start 1428924388.947 DEBUG lxc_console - opening /dev/tty for console peer
lxc-start 1428924388.947 DEBUG lxc_console - using '/dev/tty' as console
lxc-start 1428924388.947 DEBUG lxc_console - 1587 got SIGWINCH fd 17
lxc-start 1428924388.947 DEBUG lxc_console - set winsz dstfd:14 cols:145 rows:58
lxc-start 1428924388.947 INFO lxc_start - 'test' is initialized
lxc-start 1428924388.948 DEBUG lxc_start - Not dropping cap_sys_boot or watching utmp
lxc-start 1428924388.961 DEBUG bdev - trying to mount '/dev/Pool/test'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext3'
lxc-start 1428924388.971 INFO bdev - mounted '/dev/Pool/test' on '/usr/lib/x86_64-linux-gnu/lxc/rootfs', with fstype 'ext3'
lxc-start 1428924388.971 DEBUG lxc_conf - mounted '/dev/Pool/test' on '/usr/lib/x86_64-linux-gnu/lxc/rootfs'
lxc-start 1428924388.971 INFO lxc_start - Set up container rootfs as host root
lxc-start 1428924388.971 INFO lxc_start - Cloning a new user namespace
lxc-start 1428924388.971 INFO lxc_cgroup - cgroup driver cgroupfs initing for test
lxc-start 1428924388.983 NOTICE lxc_start - switching to gid/uid 0 in new user namespace
lxc-start 1428924388.984 DEBUG bdev - trying to mount '/dev/Pool/test'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext3'
lxc-start 1428924388.984 DEBUG bdev - mount failed with error: Operation not permitted
lxc-start 1428924388.984 DEBUG bdev - trying to mount '/dev/Pool/test'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext2'
lxc-start 1428924388.984 DEBUG bdev - mount failed with error: Operation not permitted
lxc-start 1428924388.984 DEBUG bdev - trying to mount '/dev/Pool/test'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext4'
lxc-start 1428924388.984 DEBUG bdev - mount failed with error: Operation not permitted
lxc-start 1428924388.984 ERROR bdev - failed to determine fs type for '/dev/Pool/test'
lxc-start 1428924388.985 DEBUG lxc_conf - trying to mount '/dev/dm-7'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext3'
lxc-start 1428924388.985 DEBUG lxc_conf - mount failed with error: Operation not permitted
lxc-start 1428924388.985 DEBUG lxc_conf - trying to mount '/dev/dm-7'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext2'
lxc-start 1428924388.985 DEBUG lxc_conf - mount failed with error: Operation not permitted
lxc-start 1428924388.985 DEBUG lxc_conf - trying to mount '/dev/dm-7'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext4'
lxc-start 1428924388.985 DEBUG lxc_conf - mount failed with error: Operation not permitted
lxc-start 1428924388.985 ERROR lxc_conf - failed to determine fs type for '/dev/dm-7'
lxc-start 1428924388.986 ERROR lxc_conf - failed to mount rootfs
lxc-start 1428924388.986 ERROR lxc_conf - failed to setup rootfs for 'test'
lxc-start 1428924388.987 ERROR lxc_conf - Error setting up rootfs mount after spawn
lxc-start 1428924388.988 ERROR lxc_start - failed to setup the container
lxc-start 1428924388.988 ERROR lxc_sync - invalid sequence number 1. expected 2
lxc-start 1428924388.989 ERROR lxc_start - failed to spawn 'test'
lxc-start 1428924388.989 WARN lxc_conf - Failed to locate autodev /dev/.lxc and /dev/.lxc/user.
lxc-start 1428924388.990 ERROR lxc_start_ui - The container failed to start.
lxc-start 1428924388.990 ERROR lxc_start_ui - Additional information can be obtained by setting the --logfile and --logpriority options.

The problem seems to be that the subuid is not allowed to mount the rootfs. Naively, I thought that starting the container as root would avoid such a complication. It is the case at time 1428924388.971 but it begins to fail after switching to the new user namespace at time 1428924388.983.

Thanks for help!
Xavier
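
The pattern described in the message above (the rootfs mount succeeds as host root, then every attempt fails once lxc-start has switched into the new user namespace) can be read off the log mechanically. This is an added example, not part of the original message or of LXC; the sample entries are excerpted from the log above, and the function names are hypothetical.

```python
import re

# Entries excerpted from the test.log quoted above, one per line.
SAMPLE_LOG = """\
lxc-start 1428924388.961 DEBUG bdev - trying to mount '/dev/Pool/test'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext3'
lxc-start 1428924388.971 INFO bdev - mounted '/dev/Pool/test' on '/usr/lib/x86_64-linux-gnu/lxc/rootfs', with fstype 'ext3'
lxc-start 1428924388.971 INFO lxc_start - Cloning a new user namespace
lxc-start 1428924388.983 NOTICE lxc_start - switching to gid/uid 0 in new user namespace
lxc-start 1428924388.984 DEBUG bdev - trying to mount '/dev/Pool/test'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext3'
lxc-start 1428924388.984 DEBUG bdev - mount failed with error: Operation not permitted
lxc-start 1428924388.985 DEBUG lxc_conf - trying to mount '/dev/dm-7'->'/usr/lib/x86_64-linux-gnu/lxc/rootfs' with fstype 'ext4'
lxc-start 1428924388.985 DEBUG lxc_conf - mount failed with error: Operation not permitted
"""

ENTRY = re.compile(r"^\s*lxc-start \d+\.\d+ \w+\s+\S+ - (.*)$")
TRY = re.compile(r"trying to mount '([^']+)'->'[^']+' with fstype '([^']+)'")
OK = re.compile(r"mounted '[^']+' on '[^']+', with fstype '[^']+'")
FAIL = re.compile(r"mount failed with error: (.*)")
SWITCH = "switching to gid/uid 0 in new user namespace"

def mount_timeline(log_text):
    """Return (phase, device, fstype, outcome) for each mount attempt, in order."""
    phase, pending, results = "host-root", None, []
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # not an lxc-start log entry
        msg = m.group(1)
        if SWITCH in msg:
            phase = "userns-root"  # later attempts run as the mapped root
        elif (attempt := TRY.search(msg)):
            pending = attempt.groups()
        elif pending and OK.search(msg):
            results.append((phase, *pending, "ok"))
            pending = None
        elif pending and (failure := FAIL.search(msg)):
            results.append((phase, *pending, failure.group(1)))
            pending = None
    return results

def failed_only_after_switch(log_text):
    """True when mounts succeed as host root and all fail inside the user namespace."""
    timeline = mount_timeline(log_text)
    before = [r for r in timeline if r[0] == "host-root"]
    after = [r for r in timeline if r[0] == "userns-root"]
    return bool(after) and all(r[3] == "ok" for r in before) \
        and all(r[3] != "ok" for r in after)
```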

On 25/01/2015 01:11, Serge Hallyn wrote:
Yes, unprivileged users cannot manipulate the lvm devices on the host.

You can still use user namespaces though.  I have a few containers on my main
server which do that.  They each run in a unique uid range, but are started by
root, so that they can use lvm (actually luks-encrypted lvm) backends.

Just add the lxc.id_map lines as per usual to containers which are owned by
root.  And make sure to allocate the ranges to root in /etc/sub[ug]id.

-serge

Quoting Andrea Masi ([email protected]):
The problem seems related to unprivileged containers, which seem unable to work
with -B lvm.
Must we assume that lvm backed store (and maybe others) actually cannot
work with unprivileged containers?


2015-01-23 17:02 GMT+01:00 Andrea Masi <[email protected]>:

Hi,
I'm using lxc 1.0.6 on ubuntu 14.04.
I've no problems creating/running on dir backing store but when I use lvm
I cannot start containers getting these errors:

lxc-start 1422026234.562 ERROR    bdev - failed to determine fs type for '/dev/lxc/lvm-cont'
lxc-start 1422026234.563 ERROR    lxc_conf - failed to determine fs type for '/dev/dm-0'
lxc-start 1422026234.564 ERROR    lxc_conf - failed to mount rootfs
lxc-start 1422026234.564 ERROR    lxc_conf - failed to setup rootfs for 'lvm-cont'
lxc-start 1422026234.565 ERROR    lxc_conf - Error setting up rootfs mount after spawn
lxc-start 1422026234.565 ERROR    lxc_start - failed to setup the container
lxc-start 1422026234.566 ERROR    lxc_sync - invalid sequence number 1. expected 2
lxc-start 1422026234.566 ERROR    lxc_start - failed to spawn 'lvm-cont'
lxc-start 1422026234.574 ERROR    lxc_start_ui - The container failed to start.
lxc-start 1422026234.575 ERROR    lxc_start_ui - Additional information can be obtained by setting the --logfile and --logpriority options.

I've tried different templates created with -t download, for example:
lxc-create -t download -n lvm-cont -B lvm -- -d ubuntu -r utopic -a amd64

I can manually mount with no problem /dev/lxc/lvm-cont

Any idea what could be wrong?

Thanks.

--
www.eraclitux.com

_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users