[lxc-users] lxc-start of unprivileged container errors out with sysfs mount

Ranjib Dey dey.ranjib at gmail.com
Tue Sep 8 22:41:44 UTC 2015 

what kernel version you are using? 3.16 has a bug that gives this error,
you have to install 3.19 (vivid lts?) or rollback to a older kernel

On Tue, Sep 1, 2015 at 4:38 PM, Lucian Cherish <lxc1 at gmx.us> wrote:

> I started experimenting with lxc on Ubuntu 14.04 early August, and I was
> fairly successful in getting lxc installed, started, cloned and all that.
>
> However, today, I found out that I was not able to start any of my
> unprivildged containers anymore.  The strange thing is that /proc mounts
> fine, but /sys is not fine.  They look identical on my host system:
>
> /dev/mapper/pe110--vg-root on / type ext4 (rw,errors=remount-ro)
> proc on /proc type proc (rw,noexec,nosuid,nodev)
> sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
> none on /sys/fs/cgroup type tmpfs (rw)
> none on /sys/fs/fuse/connections type fusectl (rw)
> none on /sys/kernel/debug type debugfs (rw)
> none on /sys/kernel/security type securityfs (rw)
> none on /sys/firmware/efi/efivars type efivarfs (rw)
> udev on /dev type devtmpfs (rw,mode=0755)
> devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
> tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
> none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
> none on /run/shm type tmpfs (rw,nosuid,nodev)
> none on /run/user type tmpfs
> (rw,noexec,nosuid,nodev,size=104857600,mode=0755)
> none on /sys/fs/pstore type pstore (rw)
> /dev/sda2 on /boot type ext2 (rw)
> /dev/sda1 on /boot/efi type vfat (rw)
> systemd on /sys/fs/cgroup/systemd type cgroup
> (rw,noexec,nosuid,nodev,none,name=systemd)
>
> I decided to build a new one, and it cannot be started either using
> standard command.
>
> Here is the command I used to create the container:
>
> lxc-create -t download -n new1 -- -d ubuntu -r trusty -a amd64
>
> And I tried to start it with the following command:
>
> lxc-start -n new1 --logfile new1log --logpriority DEBUG
>
> and here is the output of new1log:
>
>       lxc-start 1441147653.986 INFO     lxc_start_ui -
> lxc_start.c:main:265 - using rcfile /home/user/.local/share/lxc/new1/config
>       lxc-start 1441147653.987 INFO     lxc_confile -
> confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid 100000
> range 1000000
>       lxc-start 1441147653.987 INFO     lxc_confile -
> confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid 100000
> range 1000000
>       lxc-start 1441147653.987 WARN     lxc_log - log.c:lxc_log_init:316 -
> lxc_log_init called with log already initialized
>       lxc-start 1441147653.988 WARN     lxc_cgmanager -
> cgmanager.c:cgm_get:954 - do_cgm_get exited with error
>       lxc-start 1441147653.988 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 -
> LSM security driver AppArmor
>       lxc-start 1441147653.989 DEBUG    lxc_conf -
> conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/2' (5/6)
>       lxc-start 1441147653.989 DEBUG    lxc_conf -
> conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/3' (7/8)
>       lxc-start 1441147653.989 DEBUG    lxc_conf -
> conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/5' (9/10)
>       lxc-start 1441147653.989 DEBUG    lxc_conf -
> conf.c:lxc_create_tty:3665 - allocated pty '/dev/pts/6' (11/12)
>       lxc-start 1441147653.989 INFO     lxc_conf -
> conf.c:lxc_create_tty:3676 - tty's configured
>       lxc-start 1441147653.989 DEBUG    lxc_start -
> start.c:setup_signal_fd:247 - sigchild handler set
>       lxc-start 1441147653.989 DEBUG    lxc_console -
> console.c:lxc_console_peer_default:500 - opening /dev/tty for console peer
>       lxc-start 1441147653.989 DEBUG    lxc_console -
> console.c:lxc_console_peer_default:506 - using '/dev/tty' as console
>       lxc-start 1441147653.989 DEBUG    lxc_console -
> console.c:lxc_console_sigwinch_init:179 - 5239 got SIGWINCH fd 17
>       lxc-start 1441147653.989 DEBUG    lxc_console -
> console.c:lxc_console_winsz:88 - set winsz dstfd:14 cols:182 rows:55
>       lxc-start 1441147654.163 INFO     lxc_start - start.c:lxc_init:443 -
> 'new1' is initialized
>       lxc-start 1441147654.163 DEBUG    lxc_start -
> start.c:__lxc_start:1058 - Not dropping cap_sys_boot or watching utmp
>       lxc-start 1441147654.163 INFO     lxc_start - start.c:lxc_spawn:802
> - Cloning a new user namespace
>       lxc-start 1441147654.163 INFO     lxc_cgroup -
> cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for new1
>       lxc-start 1441147662.268 NOTICE   lxc_start - start.c:do_start:656 -
> switching to gid/uid 0 in new user namespace
>       lxc-start 1441147662.270 DEBUG    lxc_conf -
> conf.c:setup_rootfs:1611 - mounted
> '/home/user/.local/share/lxc/new1/rootfs' on '/usr/lib/x86_64-linux-gnu/lxc'
>       lxc-start 1441147662.270 INFO     lxc_conf -
> conf.c:setup_utsname:900 - 'new1' hostname has been setup
>       lxc-start 1441147662.270 DEBUG    lxc_conf -
> conf.c:setup_netdev:2784 - 'eth0' has been setup
>       lxc-start 1441147662.270 INFO     lxc_conf -
> conf.c:setup_network:2805 - network has been setup
>       lxc-start 1441147662.270 DEBUG    lxc_conf -
> conf.c:check_autodev:3906 - Set exec command to /sbin/init
>       lxc-start 1441147662.270 INFO     lxc_conf -
> conf.c:check_autodev:3944 - Autodev not required.
>       lxc-start 1441147662.270 DEBUG    lxc_conf - conf.c:mount_entry:2106
> - mounted 'proc' on '/usr/lib/x86_64-linux-gnu/lxc/proc', type 'proc'
>       lxc-start 1441147662.271 ERROR    lxc_conf - conf.c:mount_entry:2049
> - Operation not permitted - failed to mount 'sysfs' on
> '/usr/lib/x86_64-linux-gnu/lxc/sys'
>       lxc-start 1441147662.271 ERROR    lxc_conf - conf.c:lxc_setup:4163 -
> failed to setup the mount entries for 'new1'
>       lxc-start 1441147662.271 ERROR    lxc_start - start.c:do_start:688 -
> failed to setup the container
>       lxc-start 1441147662.271 ERROR    lxc_sync - sync.c:__sync_wait:51 -
> invalid sequence number 1. expected 2
>       lxc-start 1441147662.302 ERROR    lxc_start -
> start.c:__lxc_start:1080 - failed to spawn 'new1'
>       lxc-start 1441147662.309 ERROR    lxc_start_ui -
> lxc_start.c:main:342 - The container failed to start.
>       lxc-start 1441147662.309 ERROR    lxc_start_ui -
> lxc_start.c:main:346 - Additional information can be obtained by setting
> the --logfile and --logpriority options.
>
> Any ideas?
>
> LC
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150908/f35be03d/attachment-0001.html>

More information about the lxc-users mailing list