[lxc-users] Cannot start unprivileged containers after first provisioning Ubuntu 14.04 instance

Serge Hallyn serge.hallyn at ubuntu.com
Fri Aug 22 19:04:09 UTC 2014


Quoting Justin Hume (justin.df.hume at gmail.com):
> >>* I've tried things suggested (restart cgmanager etc.)  in this thread, with
> *>>* no result. The only additional info I've found is a discrepancy of the
> *>>* contents of the "/proc/self/cgroup" file before and after restart of the
> *>>* instance.
> *>> >>* Before:
> *>>* 11:hugetlb:/
> *>>* 10:perf_event:/
> *>>* 9:blkio:/
> *>>* 8:freezer:/
> *>>* 7:devices:/
> *>>* 6:memory:/
> *>>* 5:cpuacct:/
> *>>* 4:cpu:/
> *>>* 3:cpuset:/
> *>>* 2:name=systemd:/user/1000.user/1.session
> *>> >>* After:
> *>>* 11:hugetlb:/user/1000.user/1.session
> *>>* 10:perf_event:/user/1000.user/1.session
> *>>* 9:blkio:/user/1000.user/1.session
> *>>* 8:freezer:/user/1000.user/1.session
> *>>* 7:devices:/user/1000.user/1.session
> *>>* 6:memory:/user/1000.user/1.session
> *>>* 5:cpuacct:/user/1000.user/1.session
> *>>* 4:cpu:/user/1000.user/1.session
> *>>* 3:cpuset:/user/1000.user/1.session
> *>>* 2:name=systemd:/user/1000.user/1.session
> *>
> > so 'After' unprivileged container start will work.
> >
> >>* It looks like required cgroups have not been delegated? I don't have a deep
> *>>* understanding of cgroups, or of how cgroups and LXC interact, so the answer
> *>>* may be obvious to someone else. Thanks in advance for your time,
> *>
> > What exactly is your question?
> 
> Sorry, should have been explicit. I want to understand why I am unable
> to start an unprivileged container without rebooting the system after
> installing LXC on a fresh 14.04 instance.

When you installed lxc, you also then installed the pieces (libpam-systemd,
systemd-shim, and cgmanager) which arrange for your login session to be placed
into a delegated cgroup.  It *should* be the case that after you've
installed those you could simply log out and log back in, but I'm pretty
sure I've seen the same thing where I needed to reboot.  It's possible that
dbus needs to be restarted for systemd-shim to be properly registered, or
something like that.  It may be solvable, but it's not high priority.
Certainly you'll at least need to log out and log back in.

-serge


More information about the lxc-users mailing list