[lxc-users] Out of kernel resources

Fajar A. Nugraha list at fajar.net
Fri Jul 3 04:39:37 UTC 2015


(1) does this work on normal, non-lxc F22?
If NO, then you should try fedora/vncserver grup/list first

(2) What happens when you run as that user manually? e.g.
- ssh falves at localhost (I find that su/sudo sometimes does weird
things when it comes to limits, so login with ssh to be safe)
- run whatever command that start vncserver

(3) Have you set up special limits for that user on /etc/security/limits.conf?
open files limit for normal user is usually 1024. However it's
possible to use larger than that if root sets it to something greater,
and run su/sudo. If that limit is reached, "normal" user usession (the
ones not created by root su/sudo) would still be stuck at the old,
smaller limit.

The easiest way to check is to login as that user from ssh, and then
run "ulimit -a". You didn't say where you run your ulimit commands
from, so the results might be different.

(4) Have you tried other remote GUI solutions?
I use x2go with lxde-qt on my ubuntu trusty containers, works fine

-- 
Fajar


On Fri, Jul 3, 2015 at 10:42 AM, Federico Alves <venefax at gmail.com> wrote:
> I have Fedora 22 Workstation and many Fedora 22  containers with GUI
> (vncserver).
>
> After I start a few, after 35 containers, vncserver refuses to start in a
> new container, under a regular user (falves)
> This is the error:
> Jul 02 23:14:13 voice38 runuser[515]: pam_unix(runuser-l:session): session
> opened for user falves by (uid=0)
> Jul 02 23:14:13 voice38 runuser[515]: runuser: failed to execute /bin/bash:
> Resource temporarily unavailable
> Jul 02 23:14:13 voice38 runuser[515]: pam_unix(runuser-l:session): session
> closed for user falves
> Jul 02 23:14:13 voice38 systemd[1]: vncserver@:0.service: control process
> exited, code=exited status=126
> Jul 02 23:14:13 voice38 systemd[1]: Failed to start Remote desktop service
> (VNC).
> -- Subject: Unit vncserver@:0.service has failed
>
> for that user (falves)
> ulimit -a
> core file size          (blocks, -c) 0
> data seg size           (kbytes, -d) unlimited
> scheduling priority             (-e) 0
> file size               (blocks, -f) unlimited
> pending signals                 (-i) 1048576
> max locked memory       (kbytes, -l) unlimited
> max memory size         (kbytes, -m) unlimited
> open files                      (-n) 1048576
> pipe size            (512 bytes, -p) 8
> POSIX message queues     (bytes, -q) 819200
> real-time priority              (-r) 0
> stack size              (kbytes, -s) 8192
> cpu time               (seconds, -t) unlimited
> max user processes              (-u) 4096
> virtual memory          (kbytes, -v) unlimited
> file locks                      (-x) unlimited
>
>
> At the host and at the container:
>  /sbin/sysctl fs.file-nr
> fs.file-nr = 105472     0       26412773
>
> It seems I am breaking some limit, either at the kernel or per user. I donĀ“t
> want to start vncserver as root, because Chrome does not run as root.
>
> Any idea how to unblock this sutuation?
>
> Yours
>
> Federico
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users


More information about the lxc-users mailing list