[lxc-devel] Unprivileged containers don't start with lxcfs 2.0.0

[Serge Hallyn]

Quoting Mathias Gibbens (mathias at calenhad.com):
>   This evening I upgraded my lxc/lxcfs install, seeing as how lxcfs
> 2.0.0 was tagged earlier today. However, with the current lxcfs (2.0.0)
> my unprivileged containers fail to start:
> 
> > lxc at narya:~$ lxc-start -F -n aule.calenhad.com
> > systemd 215 running in system mode. (+PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR)
> > Detected virtualization 'lxc'.
> > Detected architecture 'x86-64'.
> > 
> > Welcome to Debian GNU/Linux 8 (jessie)!
> > 
> > Set hostname to <aule.calenhad.com>.
> > Failed to configure loopback device: Operation not supported
> > Failed to install release agent, ignoring: No such file or directory
> > Failed to create root cgroup hierarchy: Invalid argument
> > Failed to allocate manager object: Invalid argument

...  And does this still happen when you 'fix' the systemd
service unit as below?

>   Previously I had been running lxcfs 2.0.0.beta1, which works fine.
> 
>   I am running Debian 8 (jessie) on both the host as well as in the unprivileged containers. Current software versions are lxc 2.0.0.rc15, lxcfs 2.0.0.beta1, cgmanager 0.37.
> 
>   Additionally, with the now-included systemd unit file in lxcfs, I receive this error when attempting to start the service:
> 
> > [/lib/systemd/system/lxcfs.service:11] Unknown lvalue 'Delegate' in section 'Service'
> 
>   Maybe this isn't supported in the version of systemd that ships in the current stable release of Debian; I simply commented it out and then the lxcfs service starts properly.

Ugh.  So debian/rules in the jessie package should sed -i '/Delegate/d' that
files I guess.  Would be nice if there were a nicer way to handle that.