[lxc-users] unprivileged LXC and lxc-attach...
Serge E. Hallyn
serge at hallyn.com
Fri Jul 21 11:31:32 UTC 2017
Quoting Dirk Geschke (dirk at lug-erding.de):
> Hi Serge,
>
> > No, I'm afraid you're being misled. You simply can't strace lxc-attach.
>
> ah, ok...
>
> > Better to do
> >
> > lxc-attach -l trace -o debugout -n containername
> >
> > and look at (or mail here) the contents of the file debugout.
>
> Now I get two error messages:
>
> lxc_cgfs - cgroups/cgfs.c:lxc_cgroupfs_attach:2538 - could not move attached process 22869 to cgroup of container
> lxc_attach - attach.c:lxc_attach:992 - Expected to receive sequence number 0: No such file or directory.
Ok, if you look at the source, that message is a bit misleading - lxc
never got around to trying to move the task into the cgroup, it failed
to load a suitable set of cgroups data in the first place.
You really should be using cfsng, not cgfs. Can you show your
cgroup layout? (cat /proc/self/cgroup and mount | grep cgroup)
It might help if you set the lxc.cgroup.use in your personal
lxc.system.conf (~/.config/lxc/lxc.conf) to only include the cgroups
your container needs - just freezer is the bare minimum. That might
get your container running without switching to cgfsng.
-serge
More information about the lxc-users
mailing list