[lxc-users] Ubuntu Server errors on Fedora 20 container start

Michael H. Warfield mhw at WittsEnd.com
Sat Jun 7 14:43:08 UTC 2014 

On Sat, 2014-06-07 at 08:19 -0400, CDR wrote:
> I moved a Fedora 20 privileged container from one server to another using
> rsync -qarlpt --sparse

Were they both Ubuntu servers with the same kernel rev and did you copy
the configuration over as well?  Same version of LXC on both servers?
What version LXC?

> and now when the container starts I get the messages below:

> Failed to insert module 'autofs4'
> Set hostname to <fedora-1>.
> Failed to install release agent, ignoring: File exists
> Socket service systemd-journald.service not loaded, refusing.
> [FAILED] Failed to listen on Journal Socket.
> See 'systemctl status systemd-journald.socket' for details.
>          Mounting RPC Pipe File System...
>          Mounting RPC Pipe File System...
> Failed to open /dev/autofs: No such file or directory
> Failed to initialize automounter: No such file or directory
> [FAILED] Failed to set up automount Arbitrary Executable File Formats
> File System Automount Point.
> See 'systemctl status proc-sys-fs-binfmt_misc.automount' for details.
> Unit proc-sys-fs-binfmt_misc.automount entered failed state.
> 
> systemd-journal-flush.service: main process exited, code=exited,
> status=1/FAILURE
> [FAILED] Failed to start Trigger Flushing of Journal to Persistent Storage.
> 
> 
> <38>systemd-logind[80]: New seat seat0.
> <36>systemd-logind[80]: Failed to open event0: No such file or directory
> <27>systemd-udevd[39]: inotify_add_watch(7, /dev/loop3, 10) failed: No
> such file or directory
> <27>systemd-udevd[37]: <27>inotify_add_watch(7, /dev/loop1, 10)
> failed: No such file or directory
> systemd-udevd<27>systemd-udevd[35]: inotify_add_watch(7, /dev/ram10,
> 10) failed: No such file or directory
> [49]: inotify_add_watch(7, /dev/ram15, 10) failed: No such file or directory
> <27><27>systemd-udevd[57]: inotify_add_watch(7, /dev/ram9, 10) failed:
> No such file or directory
> systemd-udevd[48]: inotify_add_watch(7, /dev/ram13, 10) failed: No
> such file or directory
> <27>systemd-udevd[50]: inotify_add_watch(7, /dev/ram2, 10) failed: No
> such file or directory
> <27>systemd-udevd[40]: <27>systemd-udevd[34]: inotify_add_watch(7,
> /dev/ram11, 10) failed: No such file or directoryinotify_add_watch(7,
> /dev/loop4, 10) failed: No such file or directory
> <27>
> <27>systemd-udevd[53]: inotify_add_watch(7, /dev/ram5, 10) failed: No
> such file or directory
> systemd-udevd[52]: inotify_add_watch(7, /dev/ram4, 10) failed: No such
> file or directory
> <27>systemd-udevd[56]: inotify_add_watch(7, /dev/ram8, 10) failed: No
> such file or directory
> <27>systemd-udevd[38]: inotify_add_watch(7, /dev/loop2, 10) failed: No
> such file or directory
> <27>systemd-udevd<27>systemd-udevd[43]: inotify_add_watch(7,
> /dev/loop7, 10) failed: No such file or directory
> <27>systemd-udevd[46]: inotify_add_watch(7, /dev/ram1, 10) failed: No
> such file or directory
> [33]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
> <27><27>systemd-udevd[42]: inotify_add_watch(7, /dev/loop6, 10)
> failed: No such file or directory
> systemd-udevd[51]: inotify_add_watch(7, /dev/ram3, 10) failed: No such
> file or directory
> <27><27>systemd-udevd[47]: inotify_add_watch(7, /dev/ram12, 10)
> failed: No such file or directory
> systemd-udevd[54]: inotify_add_watch(7, /dev/ram6, 10) failed: No such
> file or directory
> <27>systemd-udevd[44]: inotify_add_watch(7, /dev/ram0, 10) failed: No
> such file or directory
> <27>systemd-udevd[55]: inotify_add_watch(7, /dev/ram7, 10) failed: No
> such file or directory
> <27>systemd-udevd[36]: inotify_add_watch(7, /dev/ram14, 10) failed: No
> such file or directory
> <27>systemd-udevd[41]: inotify_add_watch(7, /dev/loop5, 10) failed: No
> such file or directory
> <27>systemd-udevd[36]: Failed to apply ACL on /dev/kvm: No such file
> or directory
> 
> Any idea what may be causing this?
> This is the config file, except the network definitions
> lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
> lxc.mount.entry = sysfs sys sysfs defaults  0 0
> lxc.mount.entry = /usr/src /var/lib/lxc/fedora-1/rootfs/usr/src none bind 0 0
> lxc.mount.auto = cgroup:mixed
> lxc.tty = 4
> lxc.pts = 1024
> lxc.cgroup.devices.deny = a
> lxc.cgroup.devices.allow = c 1:3 rwm
> lxc.cgroup.devices.allow = c 1:5 rwm
> lxc.cgroup.devices.allow = c 5:1 rwm
> lxc.cgroup.devices.allow = c 5:0 rwm
> lxc.cgroup.devices.allow = c 4:0 rwm
> lxc.cgroup.devices.allow = c 4:1 rwm
> lxc.cgroup.devices.allow = c 1:9 rwm
> lxc.cgroup.devices.allow = c 1:8 rwm
> lxc.cgroup.devices.allow = c 136:* rwm
> lxc.cgroup.devices.allow = c 5:2 rwm
> lxc.cgroup.devices.allow = c 254:0 rwm
> lxc.cgroup.devices.allow = c 10:137 rwm # loop-control
> lxc.cgroup.devices.allow = b 7:* rwm    # loop*
> lxc.cgroup.memory.limit_in_bytes = 2536870910
> lxc.utsname = fedora-1
> lxc.rootfs = /var/lib/lxc/fedora-1/rootfs
> lxc.start.auto = 1
> lxc.start.delay = 5
> lxc.start.order = 1

This doesn't look like a configuration file that would have been
generated by the Fedora template.  For one thing, the template most
certainly would have set "lxc.autodev = 1" for a systemd container.
Fortunately, lxc-start has some heuristics for figuring that out itself
but the lack of its presence in this configuration is curious.

For another, if your running this on an Ubuntu server, as indicated in
your subject, you most likely need to set the apparour profile like
this:

lxc.aa_profile = unconfined

This has caused systemd failures just like what you describe.

More disturbing are the messages above regarding udevd.  The Fedora
template disables and masks udevd in the container when it's created.
Udev will not work in a container.  Was this container created using an
older version of LXC or how?

> Philip

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140607/f83c4e96/attachment.sig>

More information about the lxc-users mailing list