<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:16px"><div id="yui_3_16_0_ym19_1_1467247905350_21206"><span></span></div> <div id="yui_3_16_0_ym19_1_1467247905350_21232" class="qtdSeparateBR"><br><br></div><div style="display: block;" id="yui_3_16_0_ym19_1_1467247905350_21230" class="yahoo_quoted"> <div id="yui_3_16_0_ym19_1_1467247905350_21229" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;"> <div id="yui_3_16_0_ym19_1_1467247905350_21228" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;"> <div id="yui_3_16_0_ym19_1_1467247905350_21231" dir="ltr"><font face="Arial" size="2"> On Thursday, 30 June 2016, 11:36, Serge E. Hallyn <serge@hallyn.com> wrote:<br></font></div> <br><br> <div id="yui_3_16_0_ym19_1_1467247905350_21227" class="y_msg_container">On Thu, Jun 30, 2016 at 11:24:25AM +1000, Rob wrote:<br>> On 30/06/2016 10:36 AM, Serge E. Hallyn wrote:<br>> >Quoting Rob Edgerton (<a ymailto="mailto:redgerhoo@yahoo.com.au" href="mailto:redgerhoo@yahoo.com.au">redgerhoo@yahoo.com.au</a>):<br>> >> lxc-start 20160628155820.614 ERROR lxc_cgfsng - cgfsng.c:cgfsng_setup_limits:1662 - No such file or directory - Error setting cpuset.cpus to 1-3 for trusty_unp_ibvpn<br>> >ENOENT - that's unexpected...<br>> ><br>> >> lxc-start 20160628155820.615 ERROR lxc_start - start.c:lxc_spawn:1180 - failed to setup the cgroup limits for @virt-host:~$cgm --version<br>> >>0.29<br>> >Can you show 'dpkg -l | grep cgmanager' ?<br>> ><br>> >as well as cat /etc/*release<br>> ><br>> >Hi, For /proc/self/cgroup and /proc/self/mountinfo, we actually<br>> >need to see the contents. Can you show 'cat /proc/self/cgroup' and<br>> >'cat /proc/self/mountinfo'? -serge<br>> >_______________________________________________ lxc-users mailing<br>> >list <a ymailto="mailto:lxc-users@lists.linuxcontainers.org" href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.linuxcontainers.org</a><br>> ><a href="http://lists.linuxcontainers.org/listinfo/lxc-users" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>> hi Serge,<br>> here is the follow up info (note that I cut the msg above in order<br>> to reduce size)<br>> <br>> $ dpkg -l | grep cgmanager<br>> ii cgmanager 0.39-2ubuntu5 amd64<br>> Central cgroup manager daemon<br>> ii libcgmanager0:amd64 0.39-2ubuntu5<br>> amd64 Central cgroup manager daemon (client library)<br>> <br>> $ cat /etc/*release<br>> DISTRIB_ID=Ubuntu<br>> DISTRIB_RELEASE=16.04<br>> DISTRIB_CODENAME=xenial<br>> DISTRIB_DESCRIPTION="Ubuntu 16.04 LTS"<br>> NAME="Ubuntu"<br>> VERSION="16.04 LTS (Xenial Xerus)"<br>> ID=ubuntu<br>> ID_LIKE=debian<br>> PRETTY_NAME="Ubuntu 16.04 LTS"<br>> VERSION_ID="16.04"<br>> HOME_URL="<a href="http://www.ubuntu.com/" target="_blank">http://www.ubuntu.com/</a>"<br>> SUPPORT_URL="<a href="http://help.ubuntu.com/" target="_blank">http://help.ubuntu.com/</a>"<br>> BUG_REPORT_URL="<a href="http://bugs.launchpad.net/ubuntu/" target="_blank">http://bugs.launchpad.net/ubuntu/</a>"<br>> UBUNTU_CODENAME=xenial<br>> <br>> <br>> $ cat /proc/self/cgroup<br>> 11:blkio:/user.slice<br>> 10:hugetlb:/<br>> 9:freezer:/user/redger/1<br>> 8:pids:/user.slice/user-1000.slice<br>> 7:perf_event:/<br>> 6:cpu,cpuacct:/user.slice<br>> 5:net_cls,net_prio:/<br>> 4:devices:/user.slice<br>> 3:memory:/user/redger/1<br>> 2:cpuset:/<br><br>Oh, ok. I'm sorry, this should have been obvious to me from the start.<br><br>You need to edit /etc/pam.d/common-session and change the line that's<br>something like<br><br>session optional pam_cgfs.so -c freezer,memory,name=systemd<br><br>to add ",cpuset" at the end, i.e.<br><br>session optional pam_cgfs.so -c freezer,memory,name=systemd,cpuset<br><br>It has been removed from the default because on systems which do a lot<br>of cpu hotplugging it can be a problem: with the legacy (non-unified)<br>cpuset hierarchy, when you unplug a cpu that is part of /user, it gets<br><div id="yui_3_16_0_ym19_1_1467247905350_21264">removed, but when you re-plug it it does not get re-added.</div><div id="yui_3_16_0_ym19_1_1467247905350_21337"><br></div><div id="yui_3_16_0_ym19_1_1467247905350_21336">hi Serge,</div><div id="yui_3_16_0_ym19_1_1467247905350_21335" dir="ltr">thanks for the response.</div><div id="yui_3_16_0_ym19_1_1467247905350_21334" dir="ltr"><br></div><div id="yui_3_16_0_ym19_1_1467247905350_21317" dir="ltr">I updated pam.d/common-session</div><div id="yui_3_16_0_ym19_1_1467247905350_21318" dir="ltr"># ================= RE Changed ================= #<br id="yui_3_16_0_ym19_1_1467247905350_21346">#session optional pam_cgfs.so -c freezer,memory,name=systemd<br id="yui_3_16_0_ym19_1_1467247905350_21347">session optional pam_cgfs.so -c freezer,memory,name=systemd,cpuset<br id="yui_3_16_0_ym19_1_1467247905350_21348"># ================= RE Changed ================= #</div><div id="yui_3_16_0_ym19_1_1467247905350_21398" dir="ltr"><br></div><div id="yui_3_16_0_ym19_1_1467247905350_21399" dir="ltr">then restarted, with similar result. Further, the config contains auth for using USB devices too</div><div id="yui_3_16_0_ym19_1_1467247905350_21624" dir="ltr"># USB devices<br></div><div id="yui_3_16_0_ym19_1_1467247905350_21400" dir="ltr">lxc.cgroup.devices.allow = c 10:200 rwm</div><div id="yui_3_16_0_ym19_1_1467247905350_21496" dir="ltr"># CPU & Memory limits<br></div><div id="yui_3_16_0_ym19_1_1467247905350_21414" dir="ltr">lxc.cgroup.cpuset.cpus = 1-3<br id="yui_3_16_0_ym19_1_1467247905350_21459">lxc.cgroup.cpu.shares = 256<br id="yui_3_16_0_ym19_1_1467247905350_21460">lxc.cgroup.memory.limit_in_bytes = 4G<br id="yui_3_16_0_ym19_1_1467247905350_21461">lxc.cgroup.blkio.weight = 500<br id="yui_3_16_0_ym19_1_1467247905350_21349"></div><div id="yui_3_16_0_ym19_1_1467247905350_21401" dir="ltr"><br></div><div id="yui_3_16_0_ym19_1_1467247905350_21541" dir="ltr">Commenting out the first line still results in start failure, as do the other lines. Even just uncommenting the memory.limit lines leads to failure with</div><div id="yui_3_16_0_ym19_1_1467247905350_21621" dir="ltr">$ lxc-start -n trusty_unp_ibvpn -F<br id="yui_3_16_0_ym19_1_1467247905350_21635">lxc-start: cgfsng.c: cgfsng_setup_limits: 1645 No devices cgroup setup for trusty_unp_ibvpn<br id="yui_3_16_0_ym19_1_1467247905350_21636">lxc-start: start.c: lxc_spawn: 1226 failed to setup the devices cgroup for 'trusty_unp_ibvpn'<br id="yui_3_16_0_ym19_1_1467247905350_21637">lxc-start: start.c: __lxc_start: 1353 failed to spawn 'trusty_unp_ibvpn'<br id="yui_3_16_0_ym19_1_1467247905350_21638">lxc-start: lxc_start.c: main: 344 The container failed to start.<br id="yui_3_16_0_ym19_1_1467247905350_21639">lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.<br></div><div id="yui_3_16_0_ym19_1_1467247905350_21737"><br></div><div id="yui_3_16_0_ym19_1_1467247905350_21897" dir="ltr">here's a sample log sequence where ONLY "lxc.cgroup.memory.limit_in_bytes = 4G" was uncommented<br></div><div id="yui_3_16_0_ym19_1_1467247905350_21762" dir="ltr"> lxc-start 20160630023739.583 INFO lxc_conf - conf.c:lxc_create_tty:3303 - tty's configured<br id="yui_3_16_0_ym19_1_1467247905350_21878"> lxc-start 20160630023739.583 INFO lxc_conf - conf.c:setup_tty:995 - 4 tty(s) has been setup<br id="yui_3_16_0_ym19_1_1467247905350_21879"> lxc-start 20160630023739.583 INFO lxc_conf - conf.c:setup_personality:1393 - set personality to '0x0'<br id="yui_3_16_0_ym19_1_1467247905350_21880"> lxc-start 20160630023739.583 DEBUG lxc_conf - conf.c:setup_caps:2056 - drop capability 'mac_admin' (33)<br id="yui_3_16_0_ym19_1_1467247905350_21881"> lxc-start 20160630023739.583 DEBUG lxc_conf - conf.c:setup_caps:2056 - drop capability 'mac_override' (32)<br id="yui_3_16_0_ym19_1_1467247905350_21882"> lxc-start 20160630023739.583 DEBUG lxc_conf - conf.c:setup_caps:2056 - drop capability 'sys_time' (25)<br id="yui_3_16_0_ym19_1_1467247905350_21883"> lxc-start 20160630023739.583 DEBUG lxc_conf - conf.c:setup_caps:2056 - drop capability 'sys_module' (16)<br id="yui_3_16_0_ym19_1_1467247905350_21884"> lxc-start 20160630023739.583 DEBUG lxc_conf - conf.c:setup_caps:2056 - drop capability 'sys_rawio' (17)<br id="yui_3_16_0_ym19_1_1467247905350_21885"> lxc-start 20160630023739.583 DEBUG lxc_conf - conf.c:setup_caps:2065 - capabilities have been setup<br id="yui_3_16_0_ym19_1_1467247905350_21886"> lxc-start 20160630023739.583 NOTICE lxc_conf - conf.c:lxc_setup:3839 - 'trusty_unp_ibvpn' is setup.<br id="yui_3_16_0_ym19_1_1467247905350_21887"> lxc-start 20160630123739.583 ERROR lxc_cgfsng - cgfsng.c:cgfsng_setup_limits:1645 - No devices cgroup setup for trusty_unp_ibvpn<br id="yui_3_16_0_ym19_1_1467247905350_21888"> lxc-start 20160630123739.583 ERROR lxc_start - start.c:lxc_spawn:1226 - failed to setup the devices cgroup for 'trusty_unp_ibvpn'<br id="yui_3_16_0_ym19_1_1467247905350_21889"> lxc-start 20160630123739.583 ERROR lxc_start - start.c:__lxc_start:1353 - failed to spawn 'trusty_unp_ibvpn'<br id="yui_3_16_0_ym19_1_1467247905350_21890"> lxc-start 20160630123739.633 INFO lxc_conf - conf.c:run_script_argv:367 - Executing script '/usr/share/lxcfs/lxc.reboot.hook' for container 'trusty_unp_ibvpn', config section 'lxc'<br id="yui_3_16_0_ym19_1_1467247905350_21891"> lxc-start 20160630123740.147 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.<br id="yui_3_16_0_ym19_1_1467247905350_21892"> lxc-start 20160630123740.147 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.<br id="yui_3_16_0_ym19_1_1467247905350_21893"><br></div></div> </div> </div> </div></div></body></html>