On 05/30/2016 11:51 PM, Fajar A. Nugraha wrote:
On Tue, May 31, 2016 at 8:31 AM, Mike Bernson <[email protected]> wrote:
I have created a 16.04 container on 16.04 as an unprivileged container and it
works.
I then tried to create a 14.04 container on 16.04 as an unprivileged container
and it does not get to the login prompt.
If I create the 14.04 container privileged and start it, that works.
I have done everything as root.
root@mike-desktop:/var/lib/lxc/lxc-1404# cat /etc/subuid
mike:100000:65536
root:2000000:2000001
root@mike-desktop:/var/lib/lxc/lxc-1404# cat /etc/subgid
mike:100000:65536
root:2000000:2000001
lxc-create -n lxc-1404 -t download -- -d ubuntu -r trusty -a amd64
lxc-start -n lxc-1404
lxc-attach -n lxc-1404
Do you do this as root too?
yes
Since you say "unprivileged", either:
- you run it as user (not root), or
I did everything as root.
- you customize it (e.g. shift uids manually)
I added lxc.id_map to /etc/lxc/default.conf before making the container
and it created the rootfs shifted.
config file:
# Container specific configuration
lxc.id_map = u 0 3100000 65536
lxc.id_map = g 0 3100000 65536
That is different from the lines in your /etc/sub[ug]id
It CAN work (since you have such large uid range allocated to root), but you
need to make sure your rootfs use the same uids.
root@lxc-1404:/# ps -ax
PID TTY STAT TIME COMMAND
1 ? Ss 0:00 /sbin/init
38 ? S 0:00 @sbin/plymouthd --mode=boot --attach-to-session
45 ? Ss 0:00 plymouth-upstart-bridge
49 ? S 0:00 mountall --daemon
628 ? S 0:00 upstart-socket-bridge --daemon
1493 pts/6 Ss 0:00 /bin/bash
1504 pts/6 R+ 0:00 ps -ax
IIRC a similar thing occurred to me a while ago. Wrong uids in rootfs. Try
- ls -la /var/lib/lxc/lxc-1404/rootfs (on the host)
root@mike-desktop:/var/lib/lxc/lxc-1404# ls -la /var/lib/lxc/lxc-1404/rootfs
total 155
drwxr-xr-x 21 3100000 3100000 21 May 29 23:55 .
drwxrwx--- 3 3100000 3100000 4 May 30 21:14 ..
drwxr-xr-x 2 3100000 3100000 120 May 29 23:56 bin
drwxr-xr-x 2 3100000 3100000 2 Apr 10 2014 boot
drwxr-xr-x 3 3100000 3100000 10 May 29 23:54 dev
drwxr-xr-x 63 3100000 3100000 128 May 31 10:53 etc
drwxr-xr-x 3 3100000 3100000 3 May 29 23:56 home
drwxr-xr-x 12 3100000 3100000 13 May 29 23:56 lib
drwxr-xr-x 2 3100000 3100000 3 May 29 23:55 lib64
drwxr-xr-x 2 3100000 3100000 2 May 29 23:54 media
drwxr-xr-x 2 3100000 3100000 2 Apr 10 2014 mnt
drwxr-xr-x 2 3100000 3100000 2 May 29 23:54 opt
drwxr-xr-x 2 3100000 3100000 2 Apr 10 2014 proc
drwx------ 2 3100000 3100000 5 May 30 21:20 root
drwxr-xr-x 8 3100000 3100000 11 May 30 21:15 run
drwxr-xr-x 2 3100000 3100000 127 May 29 23:56 sbin
drwxr-xr-x 2 3100000 3100000 2 May 29 23:54 srv
drwxr-xr-x 2 3100000 3100000 2 Mar 12 2014 sys
drwxrwxrwt 2 3100000 3100000 2 May 29 23:56 tmp
drwxr-xr-x 10 3100000 3100000 10 May 29 23:54 usr
drwxr-xr-x 11 3100000 3100000 13 May 29 23:54 var
- ls -la / (inside the container)
root@lxc-1404:/# ls -la /
total 137
drwxr-xr-x 21 root root 21 May 30 03:55 .
drwxr-xr-x 21 root root 21 May 30 03:55 ..
drwxr-xr-x 2 root root 120 May 30 03:56 bin
drwxr-xr-x 2 root root 2 Apr 10 2014 boot
drwxr-xr-x 6 root root 500 May 31 14:57 dev
drwxr-xr-x 63 root root 128 May 31 14:57 etc
drwxr-xr-x 3 root root 3 May 30 03:56 home
drwxr-xr-x 12 root root 13 May 30 03:56 lib
drwxr-xr-x 2 root root 3 May 30 03:55 lib64
drwxr-xr-x 2 root root 2 May 30 03:54 media
drwxr-xr-x 2 root root 2 Apr 10 2014 mnt
drwxr-xr-x 2 root root 2 May 30 03:54 opt
dr-xr-xr-x 1038 nobody nogroup 0 May 31 14:57 proc
drwx------ 2 root root 5 May 31 01:20 root
drwxr-xr-x 8 root root 240 May 31 14:57 run
drwxr-xr-x 2 root root 127 May 30 03:56 sbin
drwxr-xr-x 2 root root 2 May 30 03:54 srv
dr-xr-xr-x 13 nobody nogroup 0 May 30 01:33 sys
drwxrwxrwt 2 root root 2 May 30 03:56 tmp
drwxr-xr-x 10 root root 10 May 30 03:54 usr
drwxr-xr-x 11 root root 13 May 30 03:54 var
If you need to shift uids manually, use fuidshift from the lxd-tools package.
--
Fajar
_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users
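
The two checks discussed in this thread (does the lxc.id_map host range fall inside the range listed for root in /etc/subuid, and is every file in the rootfs owned by an id inside that map) can be scripted. The following is an added example, not code from the thread or from the LXC project; the function names are hypothetical, and the sample subuid and config text are copied from the messages above.

```python
import os

def parse_subid(text, user):
    """(start, count) ranges delegated to `user` in /etc/subuid or /etc/subgid text."""
    rows = (line.split(":") for line in text.splitlines())
    return [(int(r[1]), int(r[2])) for r in rows if len(r) == 3 and r[0] == user]

def parse_id_map(config_text, kind):
    """(container_start, host_start, count) per lxc.id_map line of kind 'u' or 'g'."""
    maps = []
    for line in config_text.splitlines():
        key, _, value = line.partition("=")
        fields = value.split()
        if key.strip() == "lxc.id_map" and len(fields) == 4 and fields[0] == kind:
            maps.append(tuple(int(f) for f in fields[1:]))
    return maps

def is_delegated(id_map, allocations):
    """True if every mapped host range lies inside a single delegated range."""
    return all(any(a <= host and host + n <= a + size for a, size in allocations)
               for _, host, n in id_map)

def container_id(host_id, id_map):
    """Id seen inside the container, or None if the host id is unmapped."""
    for inside, host, n in id_map:
        if host <= host_id < host + n:
            return inside + host_id - host
    return None

def unmapped_owners(rootfs, uid_map, gid_map, limit=10):
    """Up to `limit` (path, uid, gid) entries under rootfs owned outside the maps."""
    bad = []
    for dirpath, dirs, files in os.walk(rootfs):
        top = [dirpath] if dirpath == rootfs else []
        for path in top + [os.path.join(dirpath, n) for n in dirs + files]:
            st = os.lstat(path)  # lstat: judge symlinks themselves, not targets
            if None in (container_id(st.st_uid, uid_map), container_id(st.st_gid, gid_map)):
                bad.append((path, st.st_uid, st.st_gid))
        if len(bad) >= limit:
            break
    return bad[:limit]

# Sample input: values copied from the thread (root's subuid line and the config).
SUBUID = "mike:100000:65536\nroot:2000000:2000001\n"
CONFIG = "lxc.id_map = u 0 3100000 65536\nlxc.id_map = g 0 3100000 65536\n"

if __name__ == "__main__":
    u, g = parse_id_map(CONFIG, "u"), parse_id_map(CONFIG, "g")
    print("map inside root's range:", is_delegated(u, parse_subid(SUBUID, "root")))
    print("unmapped:", unmapped_owners("/var/lib/lxc/lxc-1404/rootfs", u, g))
```

Run on the host as root; any path it reports would show up as nobody/nogroup inside the container, the way /proc and /sys do in the listing above.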