[lxc-users] Something changed between 1.1.2 and 1.1.4 for unprivileged containers?

Dirk Geschke dirk at lug-erding.de
Sun Oct 18 14:42:09 UTC 2015 

Hi Fajar,

> > Do you have an idea, what's going wrong?
> 
> 
> Well, for one thing, listing the relevant part of your setup should
> help. That includes what your container config looks like, including
> the "few bind mounts".

ah, yes, I thought it was only minor issue to fix it, so I skipped
this part so far. Indeed, the container config is quite small
and has only two special bind mounts for a tap interface and
kvm in the container (I replaced the container and user name
by geschke):

$ grep -v ^# .local/share/lxc/lxc-geschke/config

lxc.include = /usr/local/share/lxc/config/debian.common.conf
lxc.include = /usr/local/share/lxc/config/debian.userns.conf
lxc.arch = x86_64

lxc.include = /usr/local/share/lxc/config/debian.common.conf
lxc.include = /usr/local/share/lxc/config/debian.userns.conf
lxc.arch = x86_64
lxc.id_map = u 0 624288 65536
lxc.id_map = g 0 624288 65536
lxc.mount.entry = /dev/net/tun dev/net/tun none bind,create=file 0 0
lxc.mount.entry = /dev/kvm dev/kvm none bind,create=file 0 0
lxc.mount.entry = /opt/images opt/images none bind,create=dir 0 0

lxc.rootfs = /home/geschke/.local/share/lxc/lxc-geschke/rootfs
lxc.utsname = lxc-geschke

lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:6c:fc:1a

The container runs without problems with 1.1.2. It is a debian wheezy
version upgraded to jessie without systemd.

The idea was to start it per init-script, which worked with 1.1.2
But actually we are at the point where I log in as the unprivileged
user, start the container with lxc-start and it fails. But if I add
the -F option, it seems to work without major problems:

$ lxc-start --version     
1.1.4

$ lxc-start -n lxc-geschke -l DEBUG -o /tmp/lxc.1.1.4.out-d
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

$ lxc-start -n lxc-geschke -F -l DEBUG -o /tmp/lxc.1.1.4.out-F
lxc-start: utils.c: open_without_symlink: 1575 No such file or directory - Error examining fuse in /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections 
lxc-start: utils.c: open_without_symlink: 1575 No such file or directory - Error examining fuse in /usr/local/lib/lxc/rootfs/sys/fs/fuse/connections
INIT: version 2.88 booting
Using makefile-style concurrent boot in runlevel S.
Activating lvm and md swap...done.
Checking file systems...fsck from util-linux 2.25.2
done.
Cleaning up temporary files... /tmp /run /run/lock /run/shm.
mount: permission denied
Mounting local filesystems...done.
Activating swapfile swap...done.
Cleaning up temporary files....
Setting kernel variables ...done.
Configuring network interfaces...done.
Cleaning up temporary files....
Setting up X socket directories... /tmp/.X11-unix /tmp/.ICE-unix.
INIT: Entering runlevel: 3
Using makefile-style concurrent boot in runlevel 3.
Starting enhanced syslogd: rsyslogd.
Starting periodic command scheduler: cron.
Starting system message bus: dbus.
Starting OpenBSD Secure Shell server: sshd.
Starting MTA: exim4.

Debian GNU/Linux 8 lxc-geschke console

lxc-geschke login: 


If I look at the log files, I see this difference:

lxc-start 1445177681.195 ERROR    lxc_utils - utils.c:open_without_symlink:1575 - No such device or address - Error examining tty in /usr/local/lib/lxc/rootfs/dev/tty
lxc-start 1445177681.195 ERROR    lxc_conf - conf.c:mount_entry:1731 - No such device or address - failed to mount '/dev/tty' on '/usr/local/lib/lxc/rootfs/dev/tty'
lxc-start 1445177681.195 ERROR    lxc_conf - conf.c:lxc_setup:3745 - failed to setup the mount entries for 'lxc-geschke'
lxc-start 1445177681.195 ERROR    lxc_start - start.c:do_start:702 - failed to setup the container

Earlier in the log I see:

lxc-start 1445177681.195 DEBUG    lxc_conf - conf.c:mount_entry:1788 - mounted '/dev/tty' on '/usr/local/lib/lxc/rootfs/dev/tty', type 'none'

So in one case (with -F) this is not a problem and in other case
it results in a failing start of the container. Do I need a /dev/tty
if the container starts in background? Strange...

I did not find the time to install a new container from scratch, in
the moment I have limited access to the server.

The log files are attached, maybe you can see something?

Best regards and thanks for your patience

Dirk
-- 
+----------------------------------------------------------------------+
| Dr. Dirk Geschke       / Plankensteinweg 61    / 85435 Erding        |
| Telefon: 08122-559448  / Mobil: 0176-96906350 / Fax: 08122-9818106   |
| dirk at geschke-online.de / dirk at lug-erding.de  / kontakt at lug-erding.de |
+----------------------------------------------------------------------+

More information about the lxc-users mailing list