I started experimenting with lxc on Ubuntu 14.04 in early August, and I was fairly successful in getting lxc installed, started, cloned and all that.
However, today, I found out that I was not able to start any of my unprivileged containers anymore. The strange thing is that /proc mounts fine, but /sys is not fine. They look identical on my host system:
/dev/mapper/pe110--vg-root on / type ext4 (rw,errors=remount-ro)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/cgroup type tmpfs (rw)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
none on /sys/firmware/efi/efivars type efivarfs (rw)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
none on /run/shm type tmpfs (rw,nosuid,nodev)
none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755)
none on /sys/fs/pstore type pstore (rw)
/dev/sda2 on /boot type ext2 (rw)
/dev/sda1 on /boot/efi type vfat (rw)
systemd on /sys/fs/cgroup/systemd type cgroup (rw,noexec,nosuid,nodev,none,name=systemd)
I decided to build a new one, and it cannot be started either using the standard command.
Here is the command I used to create the container:
lxc-create -t download -n new1 -- -d ubuntu -r trusty -a amd64
And I tried to start it with the following command:
lxc-start -n new1 --logfile new1log --logpriority DEBUG
and here is the output of new1log:
lxc-start 1441147653.986 INFO lxc_start_ui - lxc_start.c:main:265 - using rcfile /home/user/.local/share/lxc/new1/config
lxc-start 1441147653.987 INFO lxc_confile - confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid 100000 range 1000000
lxc-start 1441147653.987 INFO lxc_confile - confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid 100000 range 1000000
lxc-start 1441147653.987 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized
lxc-start 1441147653.988 WARN lxc_cgmanager - cgmanager.c:cgm_get:954 - do_cgm_get exited with error
lxc-start 1441147653.988 INFO lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/2' (5/6)
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/3' (7/8)
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/5' (9/10)
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/6' (11/12)
lxc-start 1441147653.989 INFO lxc_conf - conf.c:lxc_create_tty:3676 - tty's configured
lxc-start 1441147653.989 DEBUG lxc_start - start.c:setup_signal_fd:247 - sigchild handler set
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_peer_default:500 - opening /dev/tty for console peer
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_peer_default:506 - using '/dev/tty' as console
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_sigwinch_init:179 - 5239 got SIGWINCH fd 17
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_winsz:88 - set winsz dstfd:14 cols:182 rows:55
lxc-start 1441147654.163 INFO lxc_start - start.c:lxc_init:443 - 'new1' is initialized
lxc-start 1441147654.163 DEBUG lxc_start - start.c:__lxc_start:1058 - Not dropping cap_sys_boot or watching utmp
lxc-start 1441147654.163 INFO lxc_start - start.c:lxc_spawn:802 - Cloning a new user namespace
lxc-start 1441147654.163 INFO lxc_cgroup - cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for new1
lxc-start 1441147662.268 NOTICE lxc_start - start.c:do_start:656 - switching to gid/uid 0 in new user namespace
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:setup_rootfs:1611 - mounted '/home/user/.local/share/lxc/new1/rootfs' on '/usr/lib/x86_64-linux-gnu/lxc'
lxc-start 1441147662.270 INFO lxc_conf - conf.c:setup_utsname:900 - 'new1' hostname has been setup
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:setup_netdev:2784 - 'eth0' has been setup
lxc-start 1441147662.270 INFO lxc_conf - conf.c:setup_network:2805 - network has been setup
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:check_autodev:3906 - Set exec command to /sbin/init
lxc-start 1441147662.270 INFO lxc_conf - conf.c:check_autodev:3944 - Autodev not required.
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:mount_entry:2106 - mounted 'proc' on '/usr/lib/x86_64-linux-gnu/lxc/proc', type 'proc'
lxc-start 1441147662.271 ERROR lxc_conf - conf.c:mount_entry:2049 - Operation not permitted - failed to mount 'sysfs' on '/usr/lib/x86_64-linux-gnu/lxc/sys'
lxc-start 1441147662.271 ERROR lxc_conf - conf.c:lxc_setup:4163 - failed to setup the mount entries for 'new1'
lxc-start 1441147662.271 ERROR lxc_start - start.c:do_start:688 - failed to setup the container
lxc-start 1441147662.271 ERROR lxc_sync - sync.c:__sync_wait:51 - invalid sequence number 1. expected 2
lxc-start 1441147662.302 ERROR lxc_start - start.c:__lxc_start:1080 - failed to spawn 'new1'
lxc-start 1441147662.309 ERROR lxc_start_ui - lxc_start.c:main:342 - The container failed to start.
lxc-start 1441147662.309 ERROR lxc_start_ui - lxc_start.c:main:346 - Additional information can be obtained by setting the --logfile and --logpriority options.
Any ideas?
LC
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
