<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div>Hi,</div>
<div> </div>
<div>I'm new to LXC and cgroups in general, so please cut me some slack if I'm missing something obvious.</div>
<div> </div>
<div>I'm trying to run nested unprivileged containers (host->unprivileged->unprivileged) on Debian Jessie. The outer container runs just fine.</div>
<div> </div>
<div>For future reference, the outer container is called "horde" and the inner "apache". The users owning the containers have the same name as their container.</div>
<div> </div>
<div>Executing "apache@horde:~# lxc-start -n apache --logfile log --logpriority debug" results in these error messages:</div>
<div> </div>
<div> lxc-start 20160507202527.752 ERROR lxc_cgfsng - cgfsng.c:parse_hierarchies:820 - Failed to find current cgroup for controller 'name=cgmanager.lower'<br/>
lxc-start 20160507202527.758 ERROR lxc_cgfsng - cgfsng.c:all_controllers_found:430 - no freezer controller mountpoint found<br/>
lxc-start 20160507202527.758 ERROR lxc_start - start.c:lxc_spawn:1079 - failed initializing cgroup support</div>
<div> </div>
<div>I get this for the nested container's cgroups:</div>
<div> </div>
<div>
<div>apache@horde:~$ cat /proc/self/cgroup<br/>
9:pids:/<br/>
8:perf_event:/horde/lxc/horde<br/>
7:net_cls,net_prio:/horde/lxc/horde<br/>
6:freezer:/horde/lxc/horde<br/>
5:devices:/horde/lxc/horde<br/>
4:blkio:/horde/lxc/horde<br/>
3:cpu,cpuacct:/horde/lxc/horde<br/>
2:cpuset:/horde/lxc/horde<br/>
1:name=systemd:/user.slice/user-1001.slice/session-c3.scope/lxc/horde/user.slice/user-1000.slice/session-1.scope</div>
<div> </div>
<div>But there exists a cgmanager.lower in the outer container's cgroups:</div>
<div> </div>
<div>
<div>root@horde:/root# ls /sys/fs/cgroup/<br/>
blkio cgmanager cgmanager.lower cpu cpu,cpuacct cpuacct cpuset devices freezer net_cls net_cls,net_prio net_prio perf_event pids systemd</div>
</div>
<div> </div>
<div>I appreciate all input.</div>
<div>Cyclonit</div>
</div></div></body></html>