[lxc-users] systemd and unprivileged containers: still not working...

Dirk Geschke dirk at lug-erding.de
Wed Feb 4 17:57:19 UTC 2015


Hi all, 

I still try to get jessie with systemd working in an unprivileged
container, without any luck.

The host system is Debian wheezy with an updated shadow package,
a kernel 3.18.4 with lxcfs-0.5, cgmanager-0.35 and LXC-1.1. But 
all I get is (it is wheezy updated to jessie):

   $ lxc-start -n wheezy -F 
   WARN: could not reopen tty: Permission denied
   Mounting cgroup to /sys/fs/cgroup/cpu,cpuacct of type cgroup with
   options cpu,cpuacct.
   Failed to mount cgroup at /sys/fs/cgroup/cpu,cpuacct: Operation not
   permitted
   Mounting cgroup to /sys/fs/cgroup/net_cls,net_prio of type cgroup
   with options net_cls,net_prio.
   Failed to mount cgroup at /sys/fs/cgroup/net_cls,net_prio: Operation
   not permitted
   systemd 215 running in system mode. (+PAM +AUDIT +SELINUX +IMA
   +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR)
   Detected virtualization 'lxc'.
   Detected architecture 'x86-64'.

   Welcome to Debian GNU/Linux 8 (jessie)!

   Set hostname to <wheezy>.
   Failed to configure loopback device: Operation not supported
   Using cgroup controller name=systemd. File system hierarchy is at
   /sys/fs/cgroup/systemd/wheezy/wheezy-1.
   Failed to install release agent, ignoring: No such file or directory

It hangs after "Set hostname to ..." for a few seconds (100% CPU
systemd in container), then there are the two Failed messages and
finally I need a kill -9 to terminate the container.

lxcfs in debug mode shows this:

unique: 46, opcode: GETXATTR (22), nodeid: 23, insize: 68, pid: 9556
   unique: 46, error: -38 (Function not implemented), outsize: 16

I'm not sure, if this is really a problem.

The debug-log is attached.

Does anyone have an idea, what is going on? Where's my mistake?

Best regards

Dirk

-- 
+----------------------------------------------------------------------+
| Dr. Dirk Geschke       / Plankensteinweg 61    / 85435 Erding        |
| Telefon: 08122-559448  / Mobil: 0176-96906350 / Fax: 08122-9818106   |
| dirk at geschke-online.de / dirk at lug-erding.de  / kontakt at lug-erding.de |
+----------------------------------------------------------------------+
-------------- next part --------------
      lxc-start 1423072478.892 INFO     lxc_start_ui - lxc_start.c:main:264 - using rcfile /home/lxcuser/.local/share/lxc/wheezy/config
      lxc-start 1423072478.892 INFO     lxc_utils - utils.c:get_rundir:437 - XDG_RUNTIME_DIR isn't set in the environment.
      lxc-start 1423072478.892 WARN     lxc_confile - confile.c:config_pivotdir:1768 - lxc.pivotdir is ignored.  It will soon become an error.
      lxc-start 1423072478.892 INFO     lxc_confile - confile.c:config_idmap:1376 - read uid map: type u nsid 0 hostid 100000 range 65536
      lxc-start 1423072478.892 INFO     lxc_confile - confile.c:config_idmap:1376 - read uid map: type g nsid 0 hostid 100000 range 65536
      lxc-start 1423072478.894 WARN     lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized
      lxc-start 1423072478.895 WARN     lxc_cgmanager - cgmanager.c:cgm_get:962 - do_cgm_get exited with error
      lxc-start 1423072478.895 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver nop
      lxc-start 1423072478.895 INFO     lxc_utils - utils.c:get_rundir:437 - XDG_RUNTIME_DIR isn't set in the environment.
      lxc-start 1423072478.895 DEBUG    lxc_start - start.c:setup_signal_fd:259 - sigchild handler set
      lxc-start 1423072478.896 DEBUG    lxc_console - console.c:lxc_console_peer_default:500 - opening /dev/tty for console peer
      lxc-start 1423072478.896 INFO     lxc_caps - caps.c:lxc_caps_up:101 - Last supported cap was 34
      lxc-start 1423072478.896 DEBUG    lxc_console - console.c:lxc_console_peer_default:506 - using '/dev/tty' as console
      lxc-start 1423072478.896 DEBUG    lxc_console - console.c:lxc_console_sigwinch_init:179 - 9547 got SIGWINCH fd 9
      lxc-start 1423072478.896 DEBUG    lxc_console - console.c:lxc_console_winsz:88 - set winsz dstfd:6 cols:138 rows:24
      lxc-start 1423072478.896 INFO     lxc_caps - caps.c:lxc_caps_up:101 - Last supported cap was 34
      lxc-start 1423072478.896 DEBUG    lxc_console - console.c:lxc_console_create:604 - using '/home/lxcuser/lxc.log' as console log
      lxc-start 1423072478.962 INFO     lxc_start - start.c:lxc_init:451 - 'wheezy' is initialized
      lxc-start 1423072478.963 DEBUG    lxc_start - start.c:__lxc_start:1130 - Not dropping cap_sys_boot or watching utmp
      lxc-start 1423072478.963 INFO     lxc_start - start.c:lxc_spawn:863 - Cloning a new user namespace
      lxc-start 1423072478.963 INFO     lxc_cgroup - cgroup.c:cgroup_init:65 - cgroup driver cgmanager initing for wheezy
      lxc-start 1423072479.030 NOTICE   lxc_start - start.c:do_start:667 - switching to gid/uid 0 in new user namespace
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:setup_rootfs:1267 - mounted '/home/lxcuser/.local/share/lxc/wheezy/rootfs' on '/usr/local/lib/lxc/rootfs'
      lxc-start 1423072479.031 INFO     lxc_conf - conf.c:setup_utsname:902 - 'wheezy' hostname has been setup
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:setup_hw_addr:2219 - mac address '00:16:3e:01:02:03' on 'eth0' has been setup
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:setup_netdev:2446 - 'eth0' has been setup
      lxc-start 1423072479.031 INFO     lxc_conf - conf.c:setup_network:2467 - network has been setup
      lxc-start 1423072479.031 INFO     lxc_conf - conf.c:mount_autodev:1131 - Mounting /dev under /usr/local/lib/lxc/rootfs
      lxc-start 1423072479.031 INFO     lxc_conf - conf.c:mount_autodev:1152 - Mounted tmpfs onto /usr/local/lib/lxc/rootfs/dev
      lxc-start 1423072479.031 INFO     lxc_conf - conf.c:mount_autodev:1170 - Mounted /dev under /usr/local/lib/lxc/rootfs
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /sys/fs/fuse/connections on /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /sys/fs/fuse/connections was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/sys/fs/fuse/connections' on '/usr/local/lib/lxc/rootfs/sys/fs/fuse/connections', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/console on /usr/local/lib/lxc/rootfs/dev/console to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/console was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/console' on '/usr/local/lib/lxc/rootfs/dev/console', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/full on /usr/local/lib/lxc/rootfs/dev/full to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/full was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/full' on '/usr/local/lib/lxc/rootfs/dev/full', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/null on /usr/local/lib/lxc/rootfs/dev/null to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/null was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/null' on '/usr/local/lib/lxc/rootfs/dev/null', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/random on /usr/local/lib/lxc/rootfs/dev/random to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/random was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/random' on '/usr/local/lib/lxc/rootfs/dev/random', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/tty on /usr/local/lib/lxc/rootfs/dev/tty to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/tty was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/tty' on '/usr/local/lib/lxc/rootfs/dev/tty', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/urandom on /usr/local/lib/lxc/rootfs/dev/urandom to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/urandom was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/urandom' on '/usr/local/lib/lxc/rootfs/dev/urandom', type 'none'
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1712 - remounting /dev/zero on /usr/local/lib/lxc/rootfs/dev/zero to respect bind or remount options
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1727 - (at remount) flags for /dev/zero was 4096, required extra flags are 0
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1736 - mountflags already was 4096, skipping remount
      lxc-start 1423072479.031 DEBUG    lxc_conf - conf.c:mount_entry:1762 - mounted '/dev/zero' on '/usr/local/lib/lxc/rootfs/dev/zero', type 'none'
      lxc-start 1423072479.031 INFO     lxc_conf - conf.c:mount_file_entries:2011 - mount points have been setup
      lxc-start 1423072479.032 INFO     lxc_conf - conf.c:run_script_argv:345 - Executing script '/usr/local/share/lxcfs/lxc.mount.hook' for container 'wheezy', config section 'lxc'
      lxc-start 1423072479.086 INFO     lxc_conf - conf.c:run_script_argv:345 - Executing script '/usr/local/share/lxcfs/lxc.mount.hook' for container 'wheezy', config section 'lxc'
      lxc-start 1423072479.143 INFO     lxc_conf - conf.c:fill_autodev:1198 - Creating initial consoles under /usr/local/lib/lxc/rootfs/dev
      lxc-start 1423072479.143 INFO     lxc_conf - conf.c:fill_autodev:1209 - Populating /dev under /usr/local/lib/lxc/rootfs
      lxc-start 1423072479.143 INFO     lxc_conf - conf.c:fill_autodev:1241 - Populated /dev under /usr/local/lib/lxc/rootfs
      lxc-start 1423072479.143 INFO     lxc_conf - conf.c:setup_dev_console:1492 - console has been setup
      lxc-start 1423072479.143 INFO     lxc_conf - conf.c:do_tmp_proc_mount:3542 - I am 1, /proc/self points to '1'
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:setup_rootfs_pivot_root:1109 - pivot_root syscall to '/usr/local/lib/lxc/rootfs' successful
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:lxc_create_tty:3330 - allocated pty '/dev/pts/0' (12/15)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:lxc_create_tty:3330 - allocated pty '/dev/pts/1' (17/18)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:lxc_create_tty:3330 - allocated pty '/dev/pts/2' (19/20)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:lxc_create_tty:3330 - allocated pty '/dev/pts/3' (21/22)
      lxc-start 1423072479.158 INFO     lxc_conf - conf.c:lxc_create_tty:3341 - tty's configured
      lxc-start 1423072479.158 INFO     lxc_conf - conf.c:setup_tty:1054 - 4 tty(s) has been setup
      lxc-start 1423072479.158 INFO     lxc_conf - conf.c:setup_personality:1447 - set personality to '0x0'
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:setup_caps:2130 - drop capability 'mac_admin' (33)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:setup_caps:2130 - drop capability 'mac_override' (32)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:setup_caps:2130 - drop capability 'sys_time' (25)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:setup_caps:2130 - drop capability 'sys_module' (16)
      lxc-start 1423072479.158 DEBUG    lxc_conf - conf.c:setup_caps:2139 - capabilities have been setup
      lxc-start 1423072479.158 NOTICE   lxc_conf - conf.c:lxc_setup:3921 - 'wheezy' is setup.
      lxc-start 1423072479.158 NOTICE   lxc_start - start.c:start:1232 - exec'ing '/sbin/init'
      lxc-start 1423072479.159 NOTICE   lxc_start - start.c:post_start:1243 - '/sbin/init' started with pid '9556'
      lxc-start 1423072479.159 INFO     lxc_utils - utils.c:get_rundir:437 - XDG_RUNTIME_DIR isn't set in the environment.
      lxc-start 1423072479.159 WARN     lxc_start - start.c:signal_handler:307 - invalid pid for SIGCHLD


More information about the lxc-users mailing list