[lxc-users] Problem starting trusty container on 16.04

Mike Bernson mike at mlb.org
Tue May 31 15:09:21 UTC 2016 


On 05/30/2016 11:51 PM, Fajar A. Nugraha wrote:
> On Tue, May 31, 2016 at 8:31 AM, Mike Bernson <mike at mlb.org <mailto:mike at mlb.org>> wrote:
>
>     I have create a 16.04 container on 16.04 as unprivileged container and it works.
>
>     I then tried to create 14.04 container on 16.04 as unprivileged container and it does not get
>     to the login prompt.
>
>     If create 14.04 container privileged and start it that works.
>
>
>     I have done everything as root.
>
>
>     root at mike-desktop:/var/lib/lxc/lxc-1404# cat /etc/subuid
>     mike:100000:65536
>     root:2000000:2000001
>     root at mike-desktop:/var/lib/lxc/lxc-1404# cat /etc/subgid
>     mike:100000:65536
>     root:2000000:2000001
>
>
>      lxc-create -n lxc-1404 -t download -- -d ubuntu -r trusty -a amd64
>      lxc-start -n lxc-1404
>      lxc-attach -n lxc-1404
>
>
> Do you do this as root too?
yes
> Since you say "unprivileged", either:
> - you run it as user (not root), or
I did everything as root.
> - you customize it (e.g. shift uids manually)
I add lxc.id_map into the /etc/lxc/defaut.conf before making the container
and it create rootfs shifted.
>
>     config file:
>
>     # Container specific configuration
>     lxc.id_map = u 0 3100000 65536
>     lxc.id_map = g 0 3100000 65536
>
>
> That is different from the lines in your /etc/sub[ug]id
>
> It CAN work (since you have such large uid range allocated to root), but you need to make sure your rootfs use the same uids.
>
>     root at lxc-1404:/# ps -ax
>       PID TTY      STAT   TIME COMMAND
>         1 ?        Ss     0:00 /sbin/init
>        38 ?        S      0:00 @sbin/plymouthd --mode=boot --attach-to-session
>        45 ?        Ss     0:00 plymouth-upstart-bridge
>        49 ?        S      0:00 mountall --daemon
>       628 ?        S      0:00 upstart-socket-bridge --daemon
>      1493 pts/6    Ss     0:00 /bin/bash
>      1504 pts/6    R+     0:00 ps -ax
>
>
>
> IIRC similar thing occured to me a while ago. Wrong uids in rootfs. Try
> - ls -la /var/lib/lxc/lxc-1404/rootfs (on the host)
root at mike-desktop:/var/lib/lxc/lxc-1404#  ls -la /var/lib/lxc/lxc-1404/rootfs
total 155
drwxr-xr-x 21 3100000 3100000  21 May 29 23:55 .
drwxrwx---  3 3100000 3100000   4 May 30 21:14 ..
drwxr-xr-x  2 3100000 3100000 120 May 29 23:56 bin
drwxr-xr-x  2 3100000 3100000   2 Apr 10  2014 boot
drwxr-xr-x  3 3100000 3100000  10 May 29 23:54 dev
drwxr-xr-x 63 3100000 3100000 128 May 31 10:53 etc
drwxr-xr-x  3 3100000 3100000   3 May 29 23:56 home
drwxr-xr-x 12 3100000 3100000  13 May 29 23:56 lib
drwxr-xr-x  2 3100000 3100000   3 May 29 23:55 lib64
drwxr-xr-x  2 3100000 3100000   2 May 29 23:54 media
drwxr-xr-x  2 3100000 3100000   2 Apr 10  2014 mnt
drwxr-xr-x  2 3100000 3100000   2 May 29 23:54 opt
drwxr-xr-x  2 3100000 3100000   2 Apr 10  2014 proc
drwx------  2 3100000 3100000   5 May 30 21:20 root
drwxr-xr-x  8 3100000 3100000  11 May 30 21:15 run
drwxr-xr-x  2 3100000 3100000 127 May 29 23:56 sbin
drwxr-xr-x  2 3100000 3100000   2 May 29 23:54 srv
drwxr-xr-x  2 3100000 3100000   2 Mar 12  2014 sys
drwxrwxrwt  2 3100000 3100000   2 May 29 23:56 tmp
drwxr-xr-x 10 3100000 3100000  10 May 29 23:54 usr
drwxr-xr-x 11 3100000 3100000  13 May 29 23:54 var

> - ls -la / (inside the container)
root at lxc-1404:/# ls -la /
total 137
drwxr-xr-x   21 root   root     21 May 30 03:55 .
drwxr-xr-x   21 root   root     21 May 30 03:55 ..
drwxr-xr-x    2 root   root    120 May 30 03:56 bin
drwxr-xr-x    2 root   root      2 Apr 10  2014 boot
drwxr-xr-x    6 root   root    500 May 31 14:57 dev
drwxr-xr-x   63 root   root    128 May 31 14:57 etc
drwxr-xr-x    3 root   root      3 May 30 03:56 home
drwxr-xr-x   12 root   root     13 May 30 03:56 lib
drwxr-xr-x    2 root   root      3 May 30 03:55 lib64
drwxr-xr-x    2 root   root      2 May 30 03:54 media
drwxr-xr-x    2 root   root      2 Apr 10  2014 mnt
drwxr-xr-x    2 root   root      2 May 30 03:54 opt
dr-xr-xr-x 1038 nobody nogroup   0 May 31 14:57 proc
drwx------    2 root   root      5 May 31 01:20 root
drwxr-xr-x    8 root   root    240 May 31 14:57 run
drwxr-xr-x    2 root   root    127 May 30 03:56 sbin
drwxr-xr-x    2 root   root      2 May 30 03:54 srv
dr-xr-xr-x   13 nobody nogroup   0 May 30 01:33 sys
drwxrwxrwt    2 root   root      2 May 30 03:56 tmp
drwxr-xr-x   10 root   root     10 May 30 03:54 usr
drwxr-xr-x   11 root   root     13 May 30 03:54 var

>
> If you need to shift uids manually, use fuidshift from lxd-tools package
>
> -- 
> Fajar
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160531/5adc5a8f/attachment.html>

More information about the lxc-users mailing list