[Bug 1533833] Re: unprivileged lxc containers won't start, need to put sessions into "pids" cgroup controller
Bas Zoetekouw
bas at debian.org
Mon Feb 15 10:15:34 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi Martin,
On 11-02-16 10:24, Martin Pitt wrote:
> Bas, any chance to test the update in -proposed so that we can
> release that?
I'll try to test it later this week, if that's ok.
Best regards,
Bas.
- --
And what shoulder and what art
Could twist the sinews of thy heart?
And when thy heart began to beat
What dread hand and what dread feet?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWwaVGAAoJENGDpRe/qY3m3hEP/Rl0oDvDYBiVQLr8L0ziSW4B
CC19e9WaR76hhtuKnPpARqY9KteOeIOfJ2JC37DoAIi39k6I3ze5r61KGqxmB72W
Kgajvjy3AcqzWOxEAZC5wEJX9wMI/cT8vSgtUjhQT8TIsTKsGCXXDzBlICzQ51eU
CfkFtDJPrTJtkxS/IewomwvQwEy+vYM9sdBAVt/eEeBB2h0V0oNlD5k41p5p80ll
1Go9C9b0KHN0fWmkrjcT69b0GJG94/tsLbP/vMCsOpcH9f1RiLz02ruBSeNsrB8s
OUD9xi+hbB55Qvg3dtHjD0InqOn2eOxp+UOoeIwr4IbOP15IenK/7wLVQAvzi0yO
GysISesys69zRAAWOEpFHyHb/YX9DBlnRcEO+cRCRXCDV8mod4Y/CUWFPMk37Plv
+HCJhl3dlf8eZc3YKXOSCfL70ue25JXo/s+/KKoAai4cQyuWzGZ1cMk4RGQRjnhT
26WL2pOAnB02UqmVTcO4xRx452AFVZbOG0+qi1CdzvTc1zlgRYQrGZPzz2h2fsA3
/+iZzMfcd1N45kr/UMavslhWgkye6wJ5hRJdyMG+n6lyNo3oqGMLyvTuC5v8xVbV
m5UaHDULX3NDkk9d1joMsw02qzTuMIZuPdlzTHPr/VPpw15B0b+x4gzHbOxPsACx
DKLdRCkiKPUEkXMY2Fbl
=oRTc
-----END PGP SIGNATURE-----
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1533833
Title:
unprivileged lxc containers won't start, need to put sessions into
"pids" cgroup controller
Status in lxc package in Ubuntu:
Fix Released
Status in systemd package in Ubuntu:
Fix Released
Status in lxc source package in Wily:
New
Status in systemd source package in Wily:
Fix Committed
Bug description:
I'n trying to get (unpriviliged) lxc containers to run on wily. I
create a container like this:
> lxc-create -t download -n u1 -- -d ubuntu -r wily -a amd64
that works. However, starting the container fails:
> lxc-start -n u1
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
Setting the log priority to debug shows the following (relevant part
only):
lxc-start 1452717530.484 INFO lxc_start - start.c:lxc_init:474 - 'u1' is initialized
lxc-start 1452717530.484 DEBUG lxc_start - start.c:__lxc_start:1186 - Not dropping cap_sys_boot or watching utmp
lxc-start 1452717530.484 INFO lxc_start - start.c:resolve_clone_flags:883 - Cloning a new user namespace
lxc-start 1452717530.484 INFO lxc_cgroup - cgroup.c:cgroup_init:65 - cgroup driver cgmanager initing for u1
lxc-start 1452717530.489 ERROR lxc_cgmanager - cgmanager.c:lxc_cgmanager_enter:698 - call to cgmanager_move_pid_sync failed: invalid request
lxc-start: cgmanager.c: lxc_cgmanager_enter: 698 call to cgmanager_move_pid_sync failed: invalid request
lxc-start 1452717530.490 ERROR lxc_start - start.c:__lxc_start:1213 - failed to spawn 'u1'
lxc-start: start.c: __lxc_start: 1213 failed to spawn 'u1'
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start 1452717530.484 INFO lxc_start - start.c:lxc_init:474 - 'u1' is initialized
lxc-start 1452717530.484 DEBUG lxc_start - start.c:__lxc_start:1186 - Not dropping cap_sys_boot or watching utmp
lxc-start 1452717530.484 INFO lxc_start - start.c:resolve_clone_flags:883 - Cloning a new user namespace
lxc-start 1452717530.484 INFO lxc_cgroup - cgroup.c:cgroup_init:65 - cgroup driver cgmanager initing for u1
lxc-start 1452717530.489 ERROR lxc_cgmanager - cgmanager.c:lxc_cgmanager_enter:698 - call to cgmanager_move_pid_sync failed: invalid request
lxc-start: cgmanager.c: lxc_cgmanager_enter: 698 call to cgmanager_move_pid_sync failed: invalid request
lxc-start 1452717530.490 ERROR lxc_start - start.c:__lxc_start:1213 - failed to spawn 'u1'
lxc-start: start.c: __lxc_start: 1213 failed to spawn 'u1'
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
So it seems a cgmanager issue. Syslog shows:
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager:do_create_main: pid 25615 (uid 1000 gid 1000) may not create under /run/cgmanager/fs/pids
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager: Invalid path /run/cgmanager/fs/pids/lxc/u1
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager:per_ctrl_move_pid_main: Invalid path /run/cgmanager/fs/pids/lxc/u1
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager:do_create_main: pid 25632 (uid 1000 gid 1000) may not create under /run/cgmanager/fs/pids
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager: Invalid path /run/cgmanager/fs/pids/lxc/u1
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager:per_ctrl_move_pid_main: Invalid path /run/cgmanager/fs/pids/lxc/u1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1533833/+subscriptions
More information about the foundations-bugs
mailing list