Hi,
I’m stuck with Ubuntu 14.04 for now and would like to be able to run
unprivileged containers that are systemd-based. I’ve found lots of examples of
problems that are close, but nothing exactly matches. I got the lxc packages
from trusty-backports.
Versions:
ben@ben-sc:~$ lxc-ls --version
2.0.7
ben@ben-sc:~$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.1 LTS"
To keep it simple, I created an unprivileged container of ‘trusty’ using the
download method:
ben@ben-sc:~$ lxc-create -n cd-build -t download
When I try to start the container, it won’t work:
ben@ben-sc:~$ lxc-start -n cd-build -d --logfile cd-build.log
lxc-start: tools/lxc_start.c: main: 366 The container failed to start.
lxc-start: tools/lxc_start.c: main: 368 To get more details, run the container
in foreground mode.
lxc-start: tools/lxc_start.c: main: 370 Additional information can be obtained
by setting the --logfile and --logpriority options.
Logfile contents:
lxc-start 20170503225525.382 ERROR lxc_cgfsng -
cgroups/cgfsng.c:do_secondstage_mounts_if_needed:1557 - Operation not permitted
- Error remounting /usr/lib/x86_64-linux-gnu/lxc/sys/fs/cgroup/cpu read-only
lxc-start 20170503225525.382 ERROR lxc_conf -
conf.c:lxc_mount_auto_mounts:839 - Operation not permitted - error mounting
/sys/fs/cgroup
lxc-start 20170503225525.382 ERROR lxc_conf - conf.c:lxc_setup:3885 -
failed to setup the automatic mounts for 'cd-build'
lxc-start 20170503225525.382 ERROR lxc_start - start.c:do_start:811 -
Failed to setup container "cd-build".
lxc-start 20170503225525.382 ERROR lxc_sync - sync.c:__sync_wait:57 -
An error occurred in another process (expected sequence number 3)
lxc-start 20170503225525.382 ERROR lxc_start -
start.c:__lxc_start:1346 - Failed to spawn container "cd-build".
lxc-start 20170503225530.922 ERROR lxc_start_ui -
tools/lxc_start.c:main:366 - The container failed to start.
lxc-start 20170503225530.923 ERROR lxc_start_ui -
tools/lxc_start.c:main:368 - To get more details, run the container in
foreground mode.
lxc-start 20170503225530.923 ERROR lxc_start_ui -
tools/lxc_start.c:main:370 - Additional information can be obtained by setting
the --logfile and --logpriority options.
Also:
————————————
ben@ben-sc:~$ cat /proc/self/cgroup
12:name=dsystemd:/
11:name=systemd:/user/1001.user/c2.session
10:hugetlb:/user/1001.user/c2.session
9:perf_event:/user/1001.user/c2.session
8:blkio:/user/1001.user/c2.session
7:freezer:/user/1001.user/c2.session
6:devices:/user/1001.user/c2.session
5:memory:/user/1001.user/c2.session
4:cpuacct:/user/1001.user/c2.session
3:cpu:/user/1001.user/c2.session
2:cpuset:/
ben@ben-sc:~$ lxc-checkconfig
Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-3.13.0-40-generic
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled
--- Control groups ---
Cgroup: enabled
Cgroup clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
Bridges: enabled
Advanced netfilter: enabled
CONFIG_NF_NAT_IPV4: enabled
CONFIG_NF_NAT_IPV6: enabled
CONFIG_IP_NF_TARGET_MASQUERADE: enabled
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled
FUSE (for use with lxcfs): enabled
--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled
Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
————————————
Hopefully I just missed something obvious.
thanks,
—Ben
_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users
