Thanks, Stephen, culprit found. The systemd cgroup was yours - until you did a sudo.
For now you can work around this by commenting out the libpam-cgfs line from /etc/pam.d/common-session-noninteractive. Then re-chown your current systemd cgroup to yourself or log back in. I'm not yet sure whether the proper fix will be to 1. remove the line from noninteractive, 2. have libpam-cgfs check for user-$loginuid.slice in the current systemd cgroup, and create a new one if it doesn't match 3. just add another libpam-cgfs argument to say whether to create a new systemd cgroup, and have it not do so for noninteractive. ** Changed in: lxc (Ubuntu) Importance: Undecided => High ** Also affects: lxcfs (Ubuntu) Importance: Undecided Status: New ** Changed in: lxcfs (Ubuntu) Importance: Undecided => High ** Changed in: lxcfs (Ubuntu) Status: New => Triaged ** Changed in: lxc (Ubuntu) Status: Confirmed => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1556447 Title: lxc-start fails: lxc_cgfsng - cgfsng.c:all_controllers_found:430 - no systemd controller mountpoint found Status in lxc package in Ubuntu: Triaged Status in lxcfs package in Ubuntu: Triaged Bug description: On Ubuntu Xenial pre-release, I see the following, so can't start a container: [swarren@sprint ~]$ lxc-create -t download -n t2 -- -d ubuntu -r trusty -a amd64 Using image from local cache Unpacking the rootfs --- You just created an Ubuntu container (release=trusty, arch=amd64, variant=default) To enable sshd, run: apt-get install openssh-server For security reason, container images ship without user accounts and without a root password. Use lxc-attach or chroot directly into the rootfs to set a root password or create user accounts. swarren@sprint ~]$ lxc-start -n t2 -d lxc-start: lxc_start.c: main: 344 The container failed to start. lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode. lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options. [swarren@sprint ~]$ lxc-start -n t2 -d -o /dev/stdout -l debug -F lxc-start 20160312101415.704 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /home/swarren/.local/share/lxc/t2/config lxc-start 20160312101415.705 WARN lxc_confile - confile.c:config_pivotdir:1859 - lxc.pivotdir is ignored. It will soon become an error. lxc-start 20160312101415.705 INFO lxc_confile - confile.c:config_idmap:1495 - read uid map: type u nsid 0 hostid 100000 range 65536 lxc-start 20160312101415.705 INFO lxc_confile - confile.c:config_idmap:1495 - read uid map: type g nsid 0 hostid 100000 range 65536 lxc-start 20160312101415.707 INFO lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .reject_force_umount # comment this to allow umount -f; not recommended. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for reject_force_umount action 0 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force umounts lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for reject_force_umount action 0 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force umounts lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .[all]. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for kexec_load action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for kexec_load action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for open_by_handle_at action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for open_by_handle_at action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .init_module errno 1. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for init_module action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for init_module action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for finit_module action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for finit_module action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1. lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for delete_module action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for delete_module action 327681 lxc-start 20160312101415.708 INFO lxc_seccomp - seccomp.c:parse_config_v2:456 - Merging in the compat seccomp ctx into the main one lxc-start 20160312101415.708 DEBUG lxc_start - start.c:setup_signal_fd:289 - sigchild handler set lxc-start 20160312101415.708 DEBUG lxc_console - console.c:lxc_console_peer_default:437 - opening /dev/tty for console peer lxc-start 20160312101415.708 INFO lxc_caps - caps.c:lxc_caps_up:101 - Last supported cap was 36 lxc-start 20160312101415.708 DEBUG lxc_console - console.c:lxc_console_peer_default:443 - using '/dev/tty' as console lxc-start 20160312101415.708 DEBUG lxc_console - console.c:lxc_console_sigwinch_init:142 - 3200 got SIGWINCH fd 9 lxc-start 20160312101415.708 DEBUG lxc_console - console.c:lxc_console_winsz:72 - set winsz dstfd:6 cols:347 rows:93 lxc-start 20160312101415.770 INFO lxc_start - start.c:lxc_init:488 - 't2' is initialized lxc-start 20160312101415.771 DEBUG lxc_start - start.c:__lxc_start:1259 - Not dropping cap_sys_boot or watching utmp lxc-start 20160312101415.771 INFO lxc_start - start.c:resolve_clone_flags:956 - Cloning a new user namespace lxc-start 20160312101415.771 INFO lxc_cgroup - cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for t2 lxc-start 20160312101415.771 ERROR lxc_cgfsng - cgfsng.c:all_controllers_found:430 - no systemd controller mountpoint found lxc-start: cgfsng.c: all_controllers_found: 430 no systemd controller mountpoint found lxc-start 20160312101415.771 ERROR lxc_start - start.c:lxc_spawn:1036 - failed initializing cgroup support lxc-start: start.c: lxc_spawn: 1036 failed initializing cgroup support lxc-start 20160312101415.771 ERROR lxc_start - start.c:__lxc_start:1286 - failed to spawn 't2' lxc-start: start.c: __lxc_start: 1286 failed to spawn 't2' lxc-start 20160312101415.771 INFO lxc_conf - conf.c:run_script_argv:367 - Executing script '/usr/share/lxcfs/lxc.reboot.hook' for container 't2', config section 'lxc' lxc-start 20160312101416.276 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start. lxc-start: lxc_start.c: main: 344 The container failed to start. lxc-start 20160312101416.276 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options. lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: lxc 2.0.0~rc10-0ubuntu2 ProcVersionSignature: Ubuntu 4.4.0-12.28-generic 4.4.4 Uname: Linux 4.4.0-12-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia ApportVersion: 2.20-0ubuntu3 Architecture: amd64 CurrentDesktop: XFCE Date: Sat Mar 12 10:14:22 2016 InstallationDate: Installed on 2016-03-03 (9 days ago) InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Alpha amd64 (20160122.2) PackageArchitecture: all SourcePackage: lxc UpgradeStatus: No upgrade log present (probably fresh install) defaults.conf: lxc.network.type = veth lxc.network.link = lxcbr0 lxc.network.flags = up lxc.network.hwaddr = 00:16:3e:xx:xx:xx To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1556447/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp