[lxc-users] Unable to Start Unprivileged Containers on Debian / Jessie

Serge Hallyn serge.hallyn at ubuntu.com
Thu Sep 25 13:49:43 UTC 2014

Quoting Chris (berzerkatives at gmail.com):
> On 24/09/14 20:56, Serge Hallyn wrote:
> >Quoting Chris (berzerkatives at gmail.com):
> >>On 24/09/14 17:32, Serge Hallyn wrote:
> >>>Ok in that case /sys/fs/cgroup should still be mounted read-write.  After
> >>>you login, what does /proc/self/cgroup show, and what does the tree under
> >>>/sys/fs/cgroup/freezer/ look like?
> >>OK. I've got this from a login via SSH immediately following a
> >>reboot of plato.
> >>
> >>     socrates at plato:~$ find /proc/self/cgroup -ls
> >>      10551    0 -r--r--r--   1 socrates   socrates          0 Sep 24
> >Oh I meant cat /proc/self/cgroup.
> >
> Ah, right.
> socrates at plato:~$ cat /proc/self/cgroup
> 9:perf_event:/
> 8:blkio:/
> 7:net_cls:/
> 6:freezer:/
> 5:devices:/
> 4:cpu,cpuacct:/
> 3:cpuset:/
> 2:name=systemd:/system.slice/ssh.service

Ok, so now you run the prep.sh, then /proc/self/cgroup shows:

socrates at plato:~$ cat /proc/self/cgroup

?  (We'll hope that the name=systemd one isn't a problem).  Can you
show the result of

ls -ld /sys/fs/cgroup/freezer/socrates
ls -l /sys/fs/cgroup/freezer/socrates

then finally do the 'lxc-start -n container -l trace -o xxx' and attach
xxx one more time.  I've got a bad feeling this won't give *new* info,
but at least I know where we're at at this point.  Actually, exactly
how did you create the container?  Could you create a new one using the
same command, start it, and make sure it fails the same way?  (that
shoudl give me all i need to reproduce)

More information about the lxc-users mailing list