[lxc-users] race condition causing lxc-user-nic failures?

Forest forestcode at ixio.org
Thu Jun 13 22:43:20 UTC 2019

I have a script that launches a bunch of children in their own namespaces,
and uses lxc-user-nic to attach a veth in each one to lxcbr0.

lxc-user-nic sometimes fails with the following output:

cmd/lxc_user_nic.c: 937: lxc_secure_rename_in_ns: Error -1 renaming netdev
vethP73QDAp to eth%d in container
cmd/lxc_user_nic.c: 1304: main: Failed to rename the link

When I sleep for 0.1 seconds before running lxc-user-nic against each
newly-created background process, the failures go away. Looks like a race
condition of some kind.

Can someone help me understand what is causing the failure, and whether it
is a bug or can be avoided with something more reliable than a sleep?

Unfortunately, the "Error -1" text is not helpful, due to inconsistent error
handling in lxc's network.c. The -1 value might represent EPERM, or might
indicate a netlink_transaction() failure for some reason other than EPERM,
since errno never gets captured/reported in that case.

$ lsb_release -sd
Ubuntu 18.04.2 LTS
$ uname -mr
4.15.0-51-generic x86_64
$ dpkg-query --show lxc1
lxc1	3.0.3-0ubuntu1~18.04.1

This script often reproduces the error (on my system) when run with an
argument of "20" (meaning launch 20 children).  It requires the appropriate
entry in /etc/lxc/lxc-usernet, of course.

LXCUSERNIC=/usr/lib/$(uname -p)-linux-gnu/lxc/lxc-user-nic
count="${1:-1}"  # argv[1] indicates child count (default 1)
while [ "$count" -gt 0 ]; do
  unshare --map-root-user --net sh -c "sleep 1" &
  #sleep .1  # Uncomment to avoid lxc-user-nic failure
  "$LXCUSERNIC" create _ _ "$!" veth lxcbr0
  count=$((count - 1))

More information about the lxc-users mailing list