[lxc-devel] `top` within unprivileged container breaks host

Serge Hallyn serge.hallyn at ubuntu.com
Fri Jan 23 18:13:52 UTC 2015


Quoting Mathias Gibbens (mathias at calenhad.com):
> Hello,
> 
>   I've been testing LXC 1.1-rc1 on a Debian jessie system. Specifically,
> since all the pieces are now in place to support systemd in unprivileged
> containers, I've been testing running Debian jessie within an
> unprivileged container.
> 
>   The jessie container successfully starts (there are some errors along
> the way, but that's another issue), and I can do a `lxc-attach`, add a
> user and log in. However, if I run `top` within the container I only get
> two lines of output:
> 
> top - 00:13:25 up 4 min,  0 users,  load average: 0.01, 0.05, 0.05
> Tasks:  10 total,   1 running,   9 sleeping,   0 stopped,   0 zombie
> 
>   Furthermore, the host system breaks spectacularly:
> 
> lxc@lxc:~$ top
> Error, do this: mount -t proc proc /proc
> lxc@lxc:~$ /sbin/ifconfig
> Warning: cannot open /proc/net/dev (No such file or directory). Limited
> output.
> lxc@lxc:~$ mount
> mount: failed to read mtab: No such file or directory
> lxc@lxc:~$ df
> df: cannot read table of mounted file systems: No such file or directory
> lxc@lxc:~$ sudo reboot
> Running in chroot, ignoring request.
> 
>   It seems that /proc is being unmounted somehow on the host. I can
> re-mount /proc on the host, and things seem to work again. (I haven't
> tested too much after re-mounting, instead opting to just reboot the
> host back to a known good state.)
> 
>   Any idea what is causing this to happen? I have also tried running
> Ubuntu Vivid as an unprivileged container and see the same results. I
> have not yet tried a different Linux distro for the host system.
> 
>   Host system details: Debian jessie with kernel 3.16.7-ckt2-1 x86_64,
> systemd-215, LXC-1.1-rc1 and lxcfs built from current git checkout,
> cgmanager-0.35 as packaged from the sid repository.

Wowzer.  I can confirm I'm having the same behavior on an Ubuntu Vivid
host with systemd as pid1.

