[lxc-devel] Unprivilege containers do not work on kernel 3.14.8, 3.15.1

KATOH Yasufumi karma at jazz.email.ne.jp
Thu Jun 19 10:58:11 UTC 2014 

Hi,

I've used 3.14.5 and 3.15.0 vanilla kernel (on plamolinux). And on
that host, I can use unprivilege containers.

But, I update the kernel to 3.14.8 and 3.15.1, then unpriv containers
don't work.

  $ lxc-start -n ct01 -l debug -o log
  chown: changing ownership of '/dev/pts/1': Operation not permitted
  lxc-start: Failed to chown /dev/pts/1
  lxc-start: Failed to shift tty into container
  lxc-start: failed to initialize the container

log is:
  lxc-start 1403175346.553 INFO     lxc_start_ui - using rcfile /home/karma/.local/share/lxc/ct01/config
  lxc-start 1403175346.592 INFO     lxc_utils - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1403175346.734 INFO     lxc_confile - read uid map: type u nsid 0 hostid 100000 range 65536
  lxc-start 1403175346.734 INFO     lxc_confile - read uid map: type g nsid 0 hostid 100000 range 65536
  lxc-start 1403175346.734 WARN     lxc_log - lxc_log_init called with log already initialized
  lxc-start 1403175346.734 INFO     lxc_utils - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1403175346.773 DEBUG    lxc_conf - allocated pty '/dev/pts/1' (7/8)
  lxc-start 1403175346.773 DEBUG    lxc_conf - allocated pty '/dev/pts/2' (9/10)
  lxc-start 1403175346.773 DEBUG    lxc_conf - allocated pty '/dev/pts/3' (11/12)
  lxc-start 1403175346.773 DEBUG    lxc_conf - allocated pty '/dev/pts/4' (13/14)
  lxc-start 1403175346.773 INFO     lxc_conf - tty's configured
  lxc-start 1403175346.773 DEBUG    lxc_start - sigchild handler set
  lxc-start 1403175346.774 DEBUG    lxc_console - opening /dev/tty for console peer
  lxc-start 1403175346.774 INFO     lxc_caps - Last supported cap was 34
  lxc-start 1403175346.774 DEBUG    lxc_console - using '/dev/tty' as console
  lxc-start 1403175346.774 DEBUG    lxc_console - 5324 got SIGWINCH fd 19
  lxc-start 1403175346.774 DEBUG    lxc_console - set winsz dstfd:16 cols:80 rows:24
  lxc-start 1403175346.882 ERROR    lxc_conf - Failed to chown /dev/pts/1
  lxc-start 1403175346.882 ERROR    lxc_start - Failed to shift tty into container
  lxc-start 1403175346.882 INFO     lxc_utils - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1403175346.882 ERROR    lxc_start - failed to initialize the container

In those versions, the fix related to userns have been made. 
  https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=d3c8656bc29be81894dc78a300c37b84d281ec03
So I tried to apply the reversed patch of the fix, then unpriv
containers work.

The above was just a quick report.
Thanks.

-- 
KATOH Yasufumi / karma at jazz.email.ne.jp

More information about the lxc-devel mailing list