Let me reiterate what I mentioned in the MM channel. The snap in
question apparently uses device access in which case we'll set up device
filtering. The host being impish, uses cgroup v2, which percolates to
the container. Since it's v2, device filtering is implemented by
attaching a BPF program on the cgorup, hence we need to have a separate
group otherwise we'd break your session. Snap will ask your systemd
--user to create a transient scope for the app, but looking at the logs
this fails with:
Mar 17 16:13:22 b2 systemd[2487]:
snap.snapcraft.snapcraft.237e42c2-4906-439b-a992-743647600bc6.scope: Failed to
add PIDs to scope's control
Mar 17 16:13:22 b2 systemd[2487]:
snap.snapcraft.snapcraft.237e42c2-4906-439b-a992-743647600bc6.scope: Failed
with result 'resources'.
Mar 17 16:13:22 b2 systemd[2487]: Failed to start
snap.snapcraft.snapcraft.237e42c2-4906-439b-a992-743647600bc6.scope.
At this point running snap will fail and the sandbox cannot be
completed.
I think the main problem is why create transient scope fails the way it
did, and whether systemd from bionic even works properly on a host with
unified hierarchy.
** Also affects: systemd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1965328
Title:
transient scope could not be started error in bionic lxd container
Status in Snappy:
New
Status in systemd package in Ubuntu:
New
Bug description:
On my impish development host machine I tend to use lxd containers to
support snap building and other tasks targeting different releases.
Today I came to use a bionic container as per usual and found that I
could not invoke any snap applications. I installed hello-world as the
most simple test of running a snap app:
```
ubuntu@b:~$ hello-world
internal error, please report: running "hello-world" failed: transient scope
could not be started, job /org/freedesktop/systemd1/job/44 finished with result
failed
```
I made sure the container had up to date packages in it (apt & snaps)
and rebooted it. But the problem persisted. I then created a second
container and installed hello-world in it and again the problem was
reproducible. At the time of producing the following attachments I had
not attempted to reboot the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/snappy/+bug/1965328/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
