[lxc-users] CRIU with lxc.network.type empty fails
Tycho Andersen
tycho.andersen at canonical.com
Tue Aug 11 14:37:22 UTC 2015
On Tue, Aug 11, 2015 at 09:04:46AM +0200, Dietmar Maurer wrote:
> I no get another error:
>
> (00.000399) Error (proc_parse.c:826): SECCOMP_MODE_FILTER not currently
> supported
> (00.000401) Error (proc_parse.c:839): Error parsing proc status file
>
> So I have to set:
>
> lxc.seccomp =
Yep, I'm working on adding SECCOMP_MODE_FILTER support right now.
> which is bad, because 'umount -f' can be used to terminate lxcfs...
Yes, and since these have to be privileged containers anyway I don't
think they're very secure. But hopefully we'll fix that.
> After that, I get:
>
> ...
> 00.013118) timerfd: Dumping id 0x13 clockid 1 it_value(86392, 143546305)
> it_interval(0, 0)
> (00.013122) fdinfo: type: 0x11 flags: 02004002/01 pos: 0x 0 fd: 24
> (00.013131) 24683 fdinfo 25: pos: 0x 0 flags: 2004000/0x1
> (00.013143) fsnotify: wd: wd 0x00000003 s_dev 0x00700000 i_ino 0x
> 517 mask 0x0800ad84
> (00.013145) fsnotify: [fhandle] bytes 0x00000008 type 0x00000001 __handle
> 0x004f3d2c00000517:0x0
> 000000000000000
> (00.013147) fsnotify: Opening fhandle 700000:4f3d2c00000517...
> (00.013150) Path `/' resolved to `./' mountpoint
> (00.013153) fsnotify: Handle 0x700000:0x517 is openable
> (00.013154) Warn (fsnotify.c:188): fsnotify: Handle 0x700000:0x517 cannot be
> opened
> (00.013156) irmap: Resolving 700:517 path
> (00.013157) irmap: Scanning /etc hint
> (00.013162) irmap: Scanning /var/spool hint
> (00.013163) irmap: Scanning /lib/udev hint
> (00.013165) irmap: Scanning /. hint
> (00.013166) irmap: Scanning /no-such-path hint
> (00.013167) irmap: Refresh stat for /no-such-path
> (00.013174) Error (irmap.c:81): irmap: Can't stat /no-such-path: No such file or
> directory
> (00.013176) Error (fsnotify.c:191): fsnotify: Can't dump that handle
> (00.013183) ----------------------------------------
> (00.013185) Error (cr-dump.c:1255): Dump files (pid: 24683) failed with -1
>
> This is a simple centos7 container - nothing running (onyl systemd).
> Any idea whats wrong?
Not sure, this is likely something that systemd is doing to confuse
CRIU. The CRIU list may have a better idea, I've not seen it before.
Tycho
More information about the lxc-users
mailing list