<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div>I started experimenting with lxc on Ubuntu 14.04 early August, and I was fairly successful in getting lxc installed, started, cloned and all that.</div>
<div><br/>
However, today, I found out that I was not able to start any of my unprivildged containers anymore. The strange thing is that /proc mounts fine, but /sys is not fine. They look identical on my host system:</div>
<div><br/>
/dev/mapper/pe110--vg-root on / type ext4 (rw,errors=remount-ro)<br/>
proc on /proc type proc (rw,noexec,nosuid,nodev)<br/>
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)<br/>
none on /sys/fs/cgroup type tmpfs (rw)<br/>
none on /sys/fs/fuse/connections type fusectl (rw)<br/>
none on /sys/kernel/debug type debugfs (rw)<br/>
none on /sys/kernel/security type securityfs (rw)<br/>
none on /sys/firmware/efi/efivars type efivarfs (rw)<br/>
udev on /dev type devtmpfs (rw,mode=0755)<br/>
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)<br/>
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)<br/>
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)<br/>
none on /run/shm type tmpfs (rw,nosuid,nodev)<br/>
none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755)<br/>
none on /sys/fs/pstore type pstore (rw)<br/>
/dev/sda2 on /boot type ext2 (rw)<br/>
/dev/sda1 on /boot/efi type vfat (rw)<br/>
systemd on /sys/fs/cgroup/systemd type cgroup (rw,noexec,nosuid,nodev,none,name=systemd)</div>
<div> </div>
<div>I decided to build a new one, and it cannot be started either using standard command.</div>
<div> </div>
<div>Here is the command I used to create the container:</div>
<div>
<div>lxc-create -t download -n new1 -- -d ubuntu -r trusty -a amd64</div>
<div> </div>
<div>And I tried to start it with the following command:</div>
<div> </div>
<div>lxc-start -n new1 --logfile new1log --logpriority DEBUG</div>
<div> </div>
<div>and here is the output of new1log:</div>
<div> </div>
<div> lxc-start 1441147653.986 INFO lxc_start_ui - lxc_start.c:main:265 - using rcfile /home/user/.local/share/lxc/new1/config<br/>
lxc-start 1441147653.987 INFO lxc_confile - confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid 100000 range 1000000<br/>
lxc-start 1441147653.987 INFO lxc_confile - confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid 100000 range 1000000<br/>
lxc-start 1441147653.987 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized<br/>
lxc-start 1441147653.988 WARN lxc_cgmanager - cgmanager.c:cgm_get:954 - do_cgm_get exited with error<br/>
lxc-start 1441147653.988 INFO lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor<br/>
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/2' (5/6)<br/>
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/3' (7/8)<br/>
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/5' (9/10)<br/>
lxc-start 1441147653.989 DEBUG lxc_conf - conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/6' (11/12)<br/>
lxc-start 1441147653.989 INFO lxc_conf - conf.c:lxc_create_tty:3676 - tty's configured<br/>
lxc-start 1441147653.989 DEBUG lxc_start - start.c:setup_signal_fd:247 - sigchild handler set<br/>
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_peer_default:500 - opening /dev/tty for console peer<br/>
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_peer_default:506 - using '/dev/tty' as console<br/>
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_sigwinch_init:179 - 5239 got SIGWINCH fd 17<br/>
lxc-start 1441147653.989 DEBUG lxc_console - console.c:lxc_console_winsz:88 - set winsz dstfd:14 cols:182 rows:55<br/>
lxc-start 1441147654.163 INFO lxc_start - start.c:lxc_init:443 - 'new1' is initialized<br/>
lxc-start 1441147654.163 DEBUG lxc_start - start.c:__lxc_start:1058 - Not dropping cap_sys_boot or watching utmp<br/>
lxc-start 1441147654.163 INFO lxc_start - start.c:lxc_spawn:802 - Cloning a new user namespace<br/>
lxc-start 1441147654.163 INFO lxc_cgroup - cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for new1<br/>
lxc-start 1441147662.268 NOTICE lxc_start - start.c:do_start:656 - switching to gid/uid 0 in new user namespace<br/>
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:setup_rootfs:1611 - mounted '/home/user/.local/share/lxc/new1/rootfs' on '/usr/lib/x86_64-linux-gnu/lxc'<br/>
lxc-start 1441147662.270 INFO lxc_conf - conf.c:setup_utsname:900 - 'new1' hostname has been setup<br/>
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:setup_netdev:2784 - 'eth0' has been setup<br/>
lxc-start 1441147662.270 INFO lxc_conf - conf.c:setup_network:2805 - network has been setup<br/>
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:check_autodev:3906 - Set exec command to /sbin/init<br/>
lxc-start 1441147662.270 INFO lxc_conf - conf.c:check_autodev:3944 - Autodev not required.<br/>
lxc-start 1441147662.270 DEBUG lxc_conf - conf.c:mount_entry:2106 - mounted 'proc' on '/usr/lib/x86_64-linux-gnu/lxc/proc', type 'proc'<br/>
lxc-start 1441147662.271 ERROR lxc_conf - conf.c:mount_entry:2049 - Operation not permitted - failed to mount 'sysfs' on '/usr/lib/x86_64-linux-gnu/lxc/sys'<br/>
lxc-start 1441147662.271 ERROR lxc_conf - conf.c:lxc_setup:4163 - failed to setup the mount entries for 'new1'<br/>
lxc-start 1441147662.271 ERROR lxc_start - start.c:do_start:688 - failed to setup the container<br/>
lxc-start 1441147662.271 ERROR lxc_sync - sync.c:__sync_wait:51 - invalid sequence number 1. expected 2<br/>
lxc-start 1441147662.302 ERROR lxc_start - start.c:__lxc_start:1080 - failed to spawn 'new1'<br/>
lxc-start 1441147662.309 ERROR lxc_start_ui - lxc_start.c:main:342 - The container failed to start.<br/>
lxc-start 1441147662.309 ERROR lxc_start_ui - lxc_start.c:main:346 - Additional information can be obtained by setting the --logfile and --logpriority options.</div>
<div> </div>
<div>Any ideas?</div>
<div> </div>
<div>LC</div>
<div> </div>
</div></div></body></html>