[lxc-users] Unprivileged Lxc won't start on Debian Sid

Serge Hallyn serge.hallyn at ubuntu.com
Wed Jan 28 14:35:16 UTC 2015 

Quoting zer0 divide (zer0.divide at yahoo.fr):
> Hi,
> I try to start an unprivileged Lxc container under Debian Sid for a
> while, I tried a lot of things, but it does not work.
> 
> Futhermore, I asked here if it was a bug, but it seems not :
> https://github.com/lxc/lxc/issues/414#issuecomment-71414827
> 
> Now, I'am wondering if it is not a Debian specific problem related
> to some right access on /sys/fs/cgroup.
> 
> Here the ouput of systemctl status cgconfig
> 
> /hur//aira//@debian:~$ systemctl status cgconfig //
> //● cgconfig.service//
> //   Loaded: not-found (Reason: No such file or directory)//
> //   Active: inactive (dead)/

> Here some packages installed on my system :
> /lxc            1:1.0.7-1    amd64//
> //cgmanager      0.35-1       amd64//

A few things i notice here,

1. you have cgmanager and cgroup-bin both installed.  That can
sometime be a problem
2. your container is using cgfs, not cgmanager.  Is cgmanager
actually running?
3. do you have systemd-logind and (if not running systemd as pid 1)
systemd-shim installed?  those are supposed to, upon login, give
you cgroups which you can administer so that lxc can create
cgroups under your uid.

So what do

ps -ef | grep cgmanager
ls /sys/fs/cgroup /sys/fs/cgroup/cgmanager
cat /proc/self/cgroup

show?

> //cgroup-bin     0.41-6       all//
> //cgroup-tools   0.41-6       amd64//
> //libcgmanager0: 0.35-1       amd64//
> //libcgroup1:amd 0.41-6       amd64//
> //libpam-cgroup: 0.41-6//      amd64/
> 
> Here the log *lxc-start -n test -l DEBUG -o /tmp/lxc_test.log -f
> ~/.config/lxc/default.conf*:
> /
> //      lxc-start 1422302714.376 INFO     lxc_confile -
> confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid
> 1214112 range 65536//
> //      lxc-start 1422302714.376 INFO     lxc_confile -
> confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid
> 1214112 range 65536//
> //      lxc-start 1422302714.377 WARN     lxc_log -
> log.c:lxc_log_init:316 - lxc_log_init called with log already
> initialized//
> //      lxc-start 1422302714.378 INFO     lxc_confile -
> confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid
> 1214112 range 65536//
> //      lxc-start 1422302714.378 INFO     lxc_confile -
> confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid
> 1214112 range 65536//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> cpuset unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> perf_event unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> cpu unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> net_cls unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> blkio unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> memory unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> freezer unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 WARN     lxc_cgfs -
> cgfs.c:lxc_cgroup_get_container_info:1100 - Not attaching to cgroup
> devices unknown to /home/huraira/.local/share/lxc test//
> //      lxc-start 1422302714.378 INFO     lxc_lsm -
> lsm/lsm.c:lsm_init:48 - LSM security driver nop//
> //      lxc-start 1422302714.378 DEBUG    lxc_start -
> start.c:setup_signal_fd:247 - sigchild handler set//
> //      lxc-start 1422302714.378 INFO     lxc_start -
> start.c:lxc_init:443 - 'test' is initialized//
> //      lxc-start 1422302714.379 DEBUG    lxc_start -
> start.c:__lxc_start:1058 - Not dropping cap_sys_boot or watching
> utmp//
> //      lxc-start 1422302714.379 INFO     lxc_start -
> start.c:lxc_spawn:802 - Cloning a new user namespace//
> //      lxc-start 1422302714.379 INFO     lxc_cgroup -
> cgroup.c:cgroup_init:62 - cgroup driver cgroupfs initing for test//
> //      lxc-start 1422302714.379 ERROR    lxc_cgfs -
> cgfs.c:lxc_cgroupfs_create:956 - Permission denied - Could not
> create cgroup '/test' in '/sys/fs/cgroup/devices'.//
> //      lxc-start 1422302714.379 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/devices///
> //      lxc-start 1422302714.379 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/freezer///
> //      lxc-start 1422302714.379 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/memory///
> //      lxc-start 1422302714.379 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/blkio///
> //      lxc-start 1422302714.380 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/net_cls,net_prio///
> //      lxc-start 1422302714.380 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/cpu,cpuacct///
> //      lxc-start 1422302714.380 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/perf_event///
> //      lxc-start 1422302714.380 ERROR    lxc_cgfs -
> cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed
> to delete /sys/fs/cgroup/cpuset///
> //      lxc-start 1422302714.380 ERROR    lxc_start -
> start.c:lxc_spawn:861 - failed creating cgroups//
> //      lxc-start 1422302714.380 ERROR    lxc_start -
> start.c:__lxc_start:1080 - failed to spawn 'test'//
> //      lxc-start 1422302714.380 WARN     lxc_conf -
> conf.c:lxc_delete_autodev:1575 - Failed to locate autodev /dev/.lxc
> and /dev/.lxc/user.//
> //      lxc-start 1422302714.380 ERROR    lxc_start_ui -
> lxc_start.c:main:342 - The container failed to start./

> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

More information about the lxc-users mailing list