Thanks for verifying. What is happening is actually vaguely explained
in the mountcgroup hook itself, and is an unfortunate side effect of a
somewhat recent kernel change:
cd /sys/fs/cgroup/devices
sudo mkdir a
echo a | sudo tee -a a/devices.deny # succeeds
sudo mkdir -p b/c
echo a | sudo tee -a b/devices.deny # fails
If a devices cgroup has any child cgroups, then you can no longer make
certain changes to it.
Marking this confirmed and changing the title to reflect that the
comments in /usr/share/lxc/config/ubuntu.common.conf need to be changed.
** Changed in: lxc
Status: Incomplete => Triaged
** Also affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Also affects: lxc (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: lxc (Ubuntu)
Status: New => Triaged
** Changed in: lxc (Ubuntu Trusty)
Status: New => Triaged
** Changed in: lxc (Ubuntu Trusty)
Importance: Undecided => High
** Changed in: lxc (Ubuntu)
Importance: Undecided => High
** Summary changed:
- Error setting cgroup devices.deny limit with nested lxc container
+ comments in common.conf must be updated
** Changed in: lxc
Assignee: (unassigned) => Serge Hallyn (serge-hallyn)
** Changed in: lxc
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1342960
Title:
comments in common.conf must be updated
To manage notifications about this bug go to:
https://bugs.launchpad.net/lxc/+bug/1342960/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
