Installing ubuntu-core snap inside a LXD container fails
Stéphane Graber
stephane.graber at canonical.com
Tue Jun 7 16:36:31 UTC 2016
On Wed, Jun 08, 2016 at 01:31:06AM +0900, Mark Shuttleworth wrote:
> On 07/06/16 23:14, Claudio André wrote:
> > 2016-06-07 9:37 GMT-03:00 Sujeevan (svij)
> > Vijayakumaran <svij at ubuntu.com <mailto:svij at ubuntu.com>>:
> >
> > > That's because snapd tickles the kernel in a way that blows[...]
> >
> >
> > That is interesting. Where I can find more about the 'tickles'? My
> > motivation:
> > - I'm seeing closed source software behaves badly, e.g, AMD software
> > prints.
> >
> > Internal Error: as failed
> > Codegen phase failed compilation.
> >
> > If I know what the 'tickles' mean, I might be able to do something.
> > Thanks.
>
> I think it has to do with nesting kernel structures related to security
> (LXD sets those up, then snapd wants to tweak them again), but a much
> clearer answer would come from Stephane cc'd.
>
> Mark
Hi,
Containers cannot mount squashfs file systems, or setup loop mounts or
setup apparmor profiles. All of which are required to get a snap
running.
All of the above are blocked by the kernel as unsafe to use by an
unprivileged user (which you are in a LXD container).
My team is actively working on some kernel changes and some changes to
snapd itself to allow this to work in the near future.
Stéphane
>
>
> >
> > 2016-06-07 8:41 GMT-03:00 Sujeevan (svij) Vijayakumaran
> > <svij at ubuntu.com <mailto:svij at ubuntu.com>>:
> >
> > Hello!
> >
> > I'm trying to install a snap inside a freshly created LXD container,
> > which isn't possible:
> >
> > -----
> > ubuntu at snap-test:~$ sudo snap install
> > taskwarrior_2.5.1-snap0_amd64.snap
> > 64.75 MB / 64.75 MB
> > [========================================================================]
> > 100.00 % 5.38 MB/s
> >
> > error: cannot perform the following tasks:
> > - Mount snap "ubuntu-core" ([start snap-ubuntu\x2dcore-122.mount]
> > failed
> > with exit status 1: Job for snap-ubuntu\x2dcore-122.mount failed. See
> > "systemctl status "snap-ubuntu\\x2dcore-122.mount"" and
> > "journalctl -xe"
> > for details.
> > )
> > ubuntu at snap-test:~$ systemctl status "snap-ubuntu\\x2dcore-122.mount"
> > ● snap-ubuntu\x2dcore-122.mount - Squashfs mount unit for ubuntu-core
> > Loaded: loaded (/etc/systemd/system/snap-ubuntu\x2dcore-122.mount;
> > enabled; vendor preset: enabled)
> > Active: failed (Result: exit-code) since Tue 2016-06-07
> > 11:32:13 UTC;
> > 16s ago
> > Where: /snap/ubuntu-core/122
> > What: /var/lib/snapd/snaps/ubuntu-core_122.snap
> > Process: 8584 ExecMount=/bin/mount
> > /var/lib/snapd/snaps/ubuntu-core_122.snap /snap/ubuntu-core/122
> > (code=exited, status=32)
> >
> > Jun 07 11:32:13 snap-test systemd[1]: Mounting Squashfs mount unit for
> > ubuntu-core...
> > Jun 07 11:32:13 snap-test mount[8584]: mount: /snap/ubuntu-core/122:
> > mount failed: Unknown error -1
> > Jun 07 11:32:13 snap-test systemd[1]: snap-ubuntu\x2dcore-122.mount:
> > Mount process exited, code=exited status=32
> > Jun 07 11:32:13 snap-test systemd[1]: Failed to mount Squashfs mount
> > unit for ubuntu-core.
> > Jun 07 11:32:13 snap-test systemd[1]: snap-ubuntu\x2dcore-122.mount:
> > Unit entered failed state.
> > ------
> >
> > It works fine if it's not inside a LXD container. Is this an issue
> > with
> > LXD or with snapd or am I missing something?
> >
> > Also: Why is there an "ugly" \x2d (which seems to be a hypen-minus) in
> > the systemd-file rather than a "normal" minus?
> >
> > Cheers,
> > Sujeevan
> >
> > --
> > Snapcraft mailing list
> > Snapcraft at lists.ubuntu.com <mailto:Snapcraft at lists.ubuntu.com>
> > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/snapcraft
> >
> >
> >
> >
>
--
Stéphane Graber
Ubuntu developer
http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20160607/9bddf165/attachment.sig>
More information about the Snapcraft
mailing list