Discussion:
Unable to launch a LXC container
(too old to reply)
Muneeb Ahmad
2016-04-08 20:48:41 UTC
Permalink
I'm trying to run LXC containers on ubuntu mate 15.10 on a raspberry pi 2.
The LXD and LXD-client versions are 2.0.0.rc9. Whenever I try to launch a
container, I get this error:

error: Error calling 'lxd forkstart test02 /var/lib/lxd/containers
/var/log/lxd/test02/lxc.conf': err='exit status 1'

Try `lxc info --show-log test02` for more info

Any idea what's wrong? the container log shows few errors:

lxc 20160409012147.844 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160409012147.844 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160409012312.827 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160409012312.828 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160409012313.000 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3

lxc 20160409012313.001 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 9

lxc 20160409012313.019 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc
monitor] /var/lib/lxd/containers test02

lxc 20160409012313.020 INFO lxc_utils -
utils.c:setproctitle:1460 - setting cmdline failed - Invalid argument

lxc 20160409012313.023 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 9

lxc 20160409012313.025 INFO lxc_lsm - lsm/lsm.c:lsm_init:48
- LSM security driver nop

lxc 20160409012313.026 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount # comment
this to allow umount -f; not recommended.

lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for reject_force_umount
action 0

lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts


lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].

lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.

lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681

lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.

lxc 20160409012313.027 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681

lxc 20160409012313.028 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.

lxc 20160409012313.028 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module action
327681

lxc 20160409012313.028 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.

lxc 20160409012313.028 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module action
327681

lxc 20160409012313.028 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.

lxc 20160409012313.028 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module action
327681

lxc 20160409012313.029 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 11 start' for container 'test02', config section 'lxc'

lxc 20160409012313.029 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3

lxc 20160409012313.030 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 9

lxc 20160409012313.046 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers

lxc 20160409012313.235 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set

lxc 20160409012313.239 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer

lxc 20160409012313.239 INFO lxc_start -
start.c:lxc_init:488 - 'test02' is initialized

lxc 20160409012313.240 ERROR lxc_start -
start.c:must_drop_cap_sys_boot:647 - failed to clone (0x30000011): Invalid
argument (includes CLONE_NEWUSER)

lxc 20160409012313.240 DEBUG lxc_start -
start.c:__lxc_start:1297 - Dropping cap_sys_boot

lxc 20160409012313.240 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace

lxc 20160409012313.281 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160409012313.282 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160409012313.314 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth 'vethB5EGMP/veth3U2D90',
index is '8'

lxc 20160409012313.314 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for test02

lxc 20160409012313.322 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x7c020000): Invalid argument

lxc 20160409012313.323 ERROR lxc_start -
start.c:lxc_spawn:1123 - Invalid argument - failed to fork into a new
namespace

lxc 20160409012313.393 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'test02'

lxc 20160409012313.393 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.reboot.hook' for container 'test02', config section
'lxc'

lxc 20160409012313.922 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 11 stop' for container 'test02', config section 'lxc'

lxc 20160409012314.051 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response

lxc 20160409012314.051 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.051 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/systemd//lxc/test02

lxc 20160409012314.051 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.051 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/devices//lxc/test02

lxc 20160409012314.051 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.052 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/net_cls//lxc/test02

lxc 20160409012314.052 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.052 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/cpuset//lxc/test02

lxc 20160409012314.052 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.052 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/cpu//lxc/test02

lxc 20160409012314.052 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.052 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/blkio//lxc/test02

lxc 20160409012314.053 ERROR lxc_namespace -
namespace.c:lxc_clone:67 - failed to clone (0x10000000): Invalid argument

lxc 20160409012314.053 ERROR lxc_cgfsng -
cgfsng.c:recursive_destroy:999 - Error destroying
/sys/fs/cgroup/freezer//lxc/test02

lxc 20160409012314.055 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response

lxc 20160409012314.086 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160409012314.086 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160409012526.154 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160409012526.154 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160409012526.200 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160409012526.200 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536
Serge Hallyn
2016-04-08 21:41:38 UTC
Permalink
Your kernel doesn't support user namespaces.
Muneeb Ahmad
2016-04-08 21:42:45 UTC
Permalink
Thanks for the answer. Is there a work around for this? Or should I just go
for some other OS?

On Sat, Apr 09, 2016 at 2:41 AM, Serge Hallyn < ***@ubuntu.com
[***@ubuntu.com] > wrote:
Your kernel doesn't support user namespaces.
Serge Hallyn
2016-04-08 21:51:29 UTC
Permalink
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.

Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.

-serge
Muneeb Ahmad
2016-04-08 22:34:16 UTC
Permalink
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm interested in
running lxc containers and openstack(nova only)?

Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.

Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.

-serge
Serge Hallyn
2016-04-09 04:00:16 UTC
Permalink
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the userns_allow_unpriv
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Muneeb Ahmad
2016-04-09 07:50:14 UTC
Permalink
I'm using Raspberry pi 2 actually. And I'll take a look at debian and see
if their kernel have the userns_allow_unpriv option.
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the userns_allow_unpriv
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Serge Hallyn
2016-04-09 16:25:48 UTC
Permalink
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian and see
if their kernel have the userns_allow_unpriv option.
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the userns_allow_unpriv
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Muneeb Ahmad
2016-04-10 21:56:00 UTC
Permalink
I updated the kernel for user namespaces and everything is enabled when I
run "lxc-checkconfig". But I encountered the same error when I tried to run
a container. Container log shows different errors now:

Name: ubuntu-test

Architecture: armv7l

Created: 2016/04/10 21:41 UTC

Status: Stopped

Type: persistent

Profiles: default


Log:


lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214401.815 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3

lxc 20160410214401.816 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8

lxc 20160410214401.833 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc
monitor] /var/lib/lxd/containers ubuntu-test

lxc 20160410214401.836 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8

lxc 20160410214401.837 INFO lxc_lsm - lsm/lsm.c:lsm_init:48
- LSM security driver nop

lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount # comment
this to allow umount -f; not recommended.

lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for reject_force_umount
action 0

lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts


lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].

lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module action
327681

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module action
327681

lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.

lxc 20160410214401.842 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module action
327681

lxc 20160410214401.841 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3

lxc 20160410214401.842 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 start' for container 'ubuntu-test', config section 'lxc'

lxc 20160410214401.842 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8

lxc 20160410214401.858 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers

lxc 20160410214402.096 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set

lxc 20160410214402.099 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer

lxc 20160410214402.099 INFO lxc_start -
start.c:lxc_init:488 - 'ubuntu-test' is initialized

lxc 20160410214402.102 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp

lxc 20160410214402.102 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace

lxc 20160410214402.112 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth 'vethAMHI20/vethM7FMG6',
index is '7'

lxc 20160410214402.113 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for ubuntu-test

lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214402.206 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '1465'

lxc 20160410214402.241 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace

lxc 20160410214402.243 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted
'/var/lib/lxd/containers/ubuntu-test/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'

lxc 20160410214402.243 INFO lxc_conf -
conf.c:setup_utsname:843 - 'ubuntu-test' hostname has been setup

lxc 20160410214402.276 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:f1:c3:05' on 'eth0' has
been setup

lxc 20160410214402.277 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup

lxc 20160410214402.277 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup

lxc 20160410214402.277 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev

lxc 20160410214402.278 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev

lxc 20160410214402.279 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev

lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect bind or
remount options

lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /proc/sys/fs/binfmt_misc
was 4096, required extra flags are 0

lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type 'none'

lxc 20160410214402.281 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'

lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'

lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect bind or
remount options

lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/fs/fuse/connections
was 4096, required extra flags are 0

lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type 'none'

lxc 20160410214402.281 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'

lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'

lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options

lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug was
4096, required extra flags are 0

lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'

lxc 20160410214402.282 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'

lxc 20160410214402.282 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or remount
options

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was 4096,
required extra flags are 0

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount options

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd was
1024, required extra flags are 0

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount

lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'

lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/shmounts/ubuntu-test on
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or remount
options

lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/var/lib/lxd/shmounts/ubuntu-test was 1024, required extra flags are 0

lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount

lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/shmounts/ubuntu-test' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'

lxc 20160410214402.284 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup

lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd read-only

lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/systemd//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test

lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test

lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer read-only

lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/freezer//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test

lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test

lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio read-only

lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/blkio//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test

lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test

lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu read-only

lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpu//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test

lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test

lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls read-only

lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/net_cls//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test

lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test

lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices read-only

lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/devices//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test

lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test

lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset read-only

lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpuset//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test

lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test

lxc 20160410214402.289 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 'ubuntu-test', config
section 'lxc'

lxc 20160410214402.495 ERROR lxc_conf -
conf.c:run_buffer:347 - Script exited with status 1

lxc 20160410214402.495 ERROR lxc_conf -
conf.c:lxc_setup:3751 - failed to run mount hooks for container
'ubuntu-test'.

lxc 20160410214402.495 ERROR lxc_start -
start.c:do_start:819 - failed to setup the container

lxc 20160410214402.495 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 2)

lxc 20160410214402.495 WARN lxc_conf -
conf.c:lxc_delete_network:2908 - failed to remove interface 7 'eth0'

lxc 20160410214402.497 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'ubuntu-test'

lxc 20160410214402.606 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 stop' for container 'ubuntu-test', config section 'lxc'

lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response

lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response

lxc 20160410214402.831 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214402.832 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214513.362 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214513.363 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536

lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536

lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536


Please someone help me out.
regards
Post by Serge Hallyn
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian and see
if their kernel have the userns_allow_unpriv option.
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the userns_allow_unpriv
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Serge Hallyn
2016-04-15 19:33:23 UTC
Permalink
/usr/share/lxcfs/lxc.mount.hook failed. Can you please who us its
contents? What are your versions of lxc and lxcfs?
Post by Muneeb Ahmad
I updated the kernel for user namespaces and everything is enabled when I
run "lxc-checkconfig". But I encountered the same error when I tried to run
Name: ubuntu-test
Architecture: armv7l
Created: 2016/04/10 21:41 UTC
Status: Stopped
Type: persistent
Profiles: default
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.815 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.816 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.833 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc
monitor] /var/lib/lxd/containers ubuntu-test
lxc 20160410214401.836 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.837 INFO lxc_lsm - lsm/lsm.c:lsm_init:48
- LSM security driver nop
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount # comment
this to allow umount -f; not recommended.
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for reject_force_umount
action 0
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.
lxc 20160410214401.842 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module action
327681
lxc 20160410214401.841 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.842 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 start' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214401.842 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.858 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers
lxc 20160410214402.096 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set
lxc 20160410214402.099 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer
lxc 20160410214402.099 INFO lxc_start -
start.c:lxc_init:488 - 'ubuntu-test' is initialized
lxc 20160410214402.102 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp
lxc 20160410214402.102 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace
lxc 20160410214402.112 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth 'vethAMHI20/vethM7FMG6',
index is '7'
lxc 20160410214402.113 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for ubuntu-test
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214402.206 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '1465'
lxc 20160410214402.241 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace
lxc 20160410214402.243 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted
'/var/lib/lxd/containers/ubuntu-test/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'
lxc 20160410214402.243 INFO lxc_conf -
conf.c:setup_utsname:843 - 'ubuntu-test' hostname has been setup
lxc 20160410214402.276 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:f1:c3:05' on 'eth0' has
been setup
lxc 20160410214402.277 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev
lxc 20160410214402.278 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev
lxc 20160410214402.279 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect bind or
remount options
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /proc/sys/fs/binfmt_misc
was 4096, required extra flags are 0
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type 'none'
lxc 20160410214402.281 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect bind or
remount options
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/fs/fuse/connections
was 4096, required extra flags are 0
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type 'none'
lxc 20160410214402.281 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug was
4096, required extra flags are 0
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'
lxc 20160410214402.282 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.282 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or remount
options
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was 4096,
required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount options
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd was
1024, required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/shmounts/ubuntu-test on
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or remount
options
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/var/lib/lxd/shmounts/ubuntu-test was 1024, required extra flags are 0
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/shmounts/ubuntu-test' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'
lxc 20160410214402.284 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd read-only
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/systemd//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer read-only
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/freezer//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/blkio//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpu//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls read-only
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/net_cls//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/devices//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpuset//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 'ubuntu-test', config
section 'lxc'
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:run_buffer:347 - Script exited with status 1
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:lxc_setup:3751 - failed to run mount hooks for container
'ubuntu-test'.
lxc 20160410214402.495 ERROR lxc_start -
start.c:do_start:819 - failed to setup the container
lxc 20160410214402.495 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 2)
lxc 20160410214402.495 WARN lxc_conf -
conf.c:lxc_delete_network:2908 - failed to remove interface 7 'eth0'
lxc 20160410214402.497 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'ubuntu-test'
lxc 20160410214402.606 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 stop' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.831 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.832 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.362 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.363 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
Please someone help me out.
regards
Post by Serge Hallyn
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian and see
if their kernel have the userns_allow_unpriv option.
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the userns_allow_unpriv
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or should I
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom kernel
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Muneeb Ahmad
2016-04-18 16:38:28 UTC
Permalink
lxcfs=2.0.0
lxc=2.0.0.rc9
And the contents of lxc.mount.hook are;

#!/bin/sh -e


# We're dealing with mount entries, so expand any symlink

LXC_ROOTFS_MOUNT=$(readlink -f *${LXC_ROOTFS_MOUNT}*)


# /proc files

if [ -d /var/lib/lxcfs/proc/ ]; then

for entry in /var/lib/lxcfs/proc/*; do

[ -e *"${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)"* ] || continue

mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/proc/$(basename
*$entry*)

done

fi



# Allow nesting lxcfs

if [ -d *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/ ]; then

mount -n --bind /var/lib/lxcfs *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/

fi


# no need for lxcfs cgroups if we have cgroup namespaces

[ -n *"$LXC_CGNS_AWARE"* ] && [ -f /proc/self/ns/cgroup ] && exit 0


# Don*'t mess with containers that don'*t have /sys/fs/cgroup configured

# (lxc.mount.auto = cgroup:mixed)

if *touch* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs; then

*rm* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs

else

exit 0

fi


# /sys/fs/cgroup files

if [ -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup"* ]; then

if [ -d /var/lib/lxcfs/cgroup ]; then

# Cleanup existing mounts

for entry in *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*; do

DEST=$(basename *$entry*)


if [ *"${DEST}"* = *"cgmanager"* ]; then

continue

fi


if [ ! -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"* ]; then

continue

fi


while *grep* -q *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo; do

*grep* *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo | cut -d*' '* -f5 | while read line; do

[ -e *"${line}"* ] && umount -l *"${line}"* || true

done

done


*rm* -Rf *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*

done


# Mount the new entries

for entry in /var/lib/lxcfs/cgroup/*; do

DEST=$(basename *$entry*)

if [ *"$DEST"* = *"name=systemd"* ]; then

DEST=*"systemd"*

fi


if [ ! -d *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}* ]; then

*mkdir* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*

fi


mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$DEST*


# make sure that cpu,cpuacct shows up as cpu and cpuacct

# separately, else systemd is unhappy

if *echo* *$DEST* | *grep* -q *","*; then

arr=$(*echo* *$DEST* | tr *","* *"\n"*)

for single in *$arr*

do

if [ ! -L *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*$single*
]; then

*ln* -s *$DEST* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$single*

fi

done

fi

done

fi

fi


exit 0
Post by Serge Hallyn
/usr/share/lxcfs/lxc.mount.hook failed. Can you please who us its
contents? What are your versions of lxc and lxcfs?
Post by Muneeb Ahmad
I updated the kernel for user namespaces and everything is enabled when I
run "lxc-checkconfig". But I encountered the same error when I tried to
run
Post by Muneeb Ahmad
Name: ubuntu-test
Architecture: armv7l
Created: 2016/04/10 21:41 UTC
Status: Stopped
Type: persistent
Profiles: default
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.815 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.816 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.833 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc
monitor] /var/lib/lxd/containers ubuntu-test
lxc 20160410214401.836 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.837 INFO lxc_lsm -
lsm/lsm.c:lsm_init:48
Post by Muneeb Ahmad
- LSM security driver nop
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount #
comment
Post by Muneeb Ahmad
this to allow umount -f; not recommended.
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for
reject_force_umount
Post by Muneeb Ahmad
action 0
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.
lxc 20160410214401.842 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.842 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 start' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214401.842 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.858 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers
lxc 20160410214402.096 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set
lxc 20160410214402.099 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer
lxc 20160410214402.099 INFO lxc_start -
start.c:lxc_init:488 - 'ubuntu-test' is initialized
lxc 20160410214402.102 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp
lxc 20160410214402.102 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace
lxc 20160410214402.112 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth 'vethAMHI20/vethM7FMG6',
index is '7'
lxc 20160410214402.113 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for
ubuntu-test
Post by Muneeb Ahmad
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214402.206 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '1465'
lxc 20160410214402.241 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace
lxc 20160410214402.243 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted
'/var/lib/lxd/containers/ubuntu-test/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'
lxc 20160410214402.243 INFO lxc_conf -
conf.c:setup_utsname:843 - 'ubuntu-test' hostname has been setup
lxc 20160410214402.276 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:f1:c3:05' on 'eth0' has
been setup
lxc 20160410214402.277 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev
lxc 20160410214402.278 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev
lxc 20160410214402.279 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect bind
or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /proc/sys/fs/binfmt_misc
was 4096, required extra flags are 0
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type 'none'
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect bind
or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/fs/fuse/connections
was 4096, required extra flags are 0
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type 'none'
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug was
4096, required extra flags are 0
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'
lxc 20160410214402.282 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.282 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or remount
options
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was 4096,
required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount
options
Post by Muneeb Ahmad
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd was
1024, required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/shmounts/ubuntu-test on
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or
remount
Post by Muneeb Ahmad
options
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/var/lib/lxd/shmounts/ubuntu-test was 1024, required extra flags are 0
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/shmounts/ubuntu-test' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'
lxc 20160410214402.284 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd read-only
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/systemd//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer read-only
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/freezer//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/blkio//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpu//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls read-only
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/net_cls//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/devices//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpuset//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 'ubuntu-test', config
section 'lxc'
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:run_buffer:347 - Script exited with status 1
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:lxc_setup:3751 - failed to run mount hooks for container
'ubuntu-test'.
lxc 20160410214402.495 ERROR lxc_start -
start.c:do_start:819 - failed to setup the container
lxc 20160410214402.495 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 2)
lxc 20160410214402.495 WARN lxc_conf -
conf.c:lxc_delete_network:2908 - failed to remove interface 7 'eth0'
lxc 20160410214402.497 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'ubuntu-test'
lxc 20160410214402.606 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 stop' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.831 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.832 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.362 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.363 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
Please someone help me out.
regards
Post by Serge Hallyn
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian
and see
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
if their kernel have the userns_allow_unpriv option.
On Sat, Apr 9, 2016 at 9:00 AM, Serge Hallyn <
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the
userns_allow_unpriv
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or
should I
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Muneeb Ahmad
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom
kernel
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Muneeb Ahmad
2016-04-20 07:11:18 UTC
Permalink
Any ideas?
Has this anything to do with CGManager?
and this is what lxcfs status show:

*●* lxcfs.service - FUSE filesystem for LXC

Loaded: loaded (/lib/systemd/system/lxcfs.service; enabled; vendor
preset: enabled)

Active: *active (running)* since Wed 2016-04-20 11:17:05 PKT; 53min ago

Main PID: 391 (lxcfs)

Memory: 720.0K

CPU: 28ms

CGroup: /system.slice/lxcfs.service

└─391 /usr/bin/lxcfs /var/lib/lxcfs/


Apr 20 11:17:05 mate-desktop systemd[1]: Started FUSE filesystem for LXC.

Apr 20 11:17:05 mate-desktop lxcfs[391]: hierarchies: 0: blkio

Apr 20 11:17:05 mate-desktop lxcfs[391]: 1: cpu,cpuacct

Apr 20 11:17:05 mate-desktop lxcfs[391]: 2: devices

Apr 20 11:17:05 mate-desktop lxcfs[391]: 3: memory

Apr 20 11:17:05 mate-desktop lxcfs[391]: 4: freezer

Apr 20 11:17:05 mate-desktop lxcfs[391]: 5: net_cls,net_prio

Apr 20 11:17:05 mate-desktop lxcfs[391]: 6: pids

Apr 20 11:17:05 mate-desktop lxcfs[391]: 7: name=systemd
Post by Muneeb Ahmad
lxcfs=2.0.0
lxc=2.0.0.rc9
And the contents of lxc.mount.hook are;
#!/bin/sh -e
# We're dealing with mount entries, so expand any symlink
LXC_ROOTFS_MOUNT=$(readlink -f *${LXC_ROOTFS_MOUNT}*)
# /proc files
if [ -d /var/lib/lxcfs/proc/ ]; then
for entry in /var/lib/lxcfs/proc/*; do
[ -e *"${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)"* ] || continue
mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/proc/$(basename
*$entry*)
done
fi
# Allow nesting lxcfs
if [ -d *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/ ]; then
mount -n --bind /var/lib/lxcfs *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/
fi
# no need for lxcfs cgroups if we have cgroup namespaces
[ -n *"$LXC_CGNS_AWARE"* ] && [ -f /proc/self/ns/cgroup ] && exit 0
# Don*'t mess with containers that don'*t have /sys/fs/cgroup configured
# (lxc.mount.auto = cgroup:mixed)
if *touch* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs; then
*rm* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs
else
exit 0
fi
# /sys/fs/cgroup files
if [ -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup"* ]; then
if [ -d /var/lib/lxcfs/cgroup ]; then
# Cleanup existing mounts
for entry in *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*; do
DEST=$(basename *$entry*)
if [ *"${DEST}"* = *"cgmanager"* ]; then
continue
fi
if [ ! -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"* ]; then
continue
fi
while *grep* -q *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo; do
*grep* *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo | cut -d*' '* -f5 | while read line; do
[ -e *"${line}"* ] && umount -l *"${line}"* || true
done
done
*rm* -Rf *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*
done
# Mount the new entries
for entry in /var/lib/lxcfs/cgroup/*; do
DEST=$(basename *$entry*)
if [ *"$DEST"* = *"name=systemd"* ]; then
DEST=*"systemd"*
fi
if [ ! -d *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}* ]; then
*mkdir* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*
fi
mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$DEST*
# make sure that cpu,cpuacct shows up as cpu and cpuacct
# separately, else systemd is unhappy
if *echo* *$DEST* | *grep* -q *","*; then
arr=$(*echo* *$DEST* | tr *","* *"\n"*)
for single in *$arr*
do
if [ ! -L *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$single* ]; then
*ln* -s *$DEST* *${LXC_ROOTFS_MOUNT}*
/sys/fs/cgroup/*$single*
fi
done
fi
done
fi
fi
exit 0
Post by Serge Hallyn
/usr/share/lxcfs/lxc.mount.hook failed. Can you please who us its
contents? What are your versions of lxc and lxcfs?
Post by Muneeb Ahmad
I updated the kernel for user namespaces and everything is enabled when
I
Post by Muneeb Ahmad
run "lxc-checkconfig". But I encountered the same error when I tried to
run
Post by Muneeb Ahmad
Name: ubuntu-test
Architecture: armv7l
Created: 2016/04/10 21:41 UTC
Status: Stopped
Type: persistent
Profiles: default
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.815 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.816 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.833 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to
[lxc
Post by Muneeb Ahmad
monitor] /var/lib/lxd/containers ubuntu-test
lxc 20160410214401.836 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.837 INFO lxc_lsm -
lsm/lsm.c:lsm_init:48
Post by Muneeb Ahmad
- LSM security driver nop
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount #
comment
Post by Muneeb Ahmad
this to allow umount -f; not recommended.
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for
reject_force_umount
Post by Muneeb Ahmad
action 0
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.
lxc 20160410214401.842 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.842 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 start' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214401.842 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.858 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers
lxc 20160410214402.096 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set
lxc 20160410214402.099 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer
lxc 20160410214402.099 INFO lxc_start -
start.c:lxc_init:488 - 'ubuntu-test' is initialized
lxc 20160410214402.102 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp
lxc 20160410214402.102 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace
lxc 20160410214402.112 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth
'vethAMHI20/vethM7FMG6',
Post by Muneeb Ahmad
index is '7'
lxc 20160410214402.113 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for
ubuntu-test
Post by Muneeb Ahmad
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214402.206 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '1465'
lxc 20160410214402.241 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace
lxc 20160410214402.243 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted
'/var/lib/lxd/containers/ubuntu-test/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'
lxc 20160410214402.243 INFO lxc_conf -
conf.c:setup_utsname:843 - 'ubuntu-test' hostname has been setup
lxc 20160410214402.276 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:f1:c3:05' on 'eth0'
has
Post by Muneeb Ahmad
been setup
lxc 20160410214402.277 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev
lxc 20160410214402.278 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev
lxc 20160410214402.279 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect
bind or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/proc/sys/fs/binfmt_misc
Post by Muneeb Ahmad
was 4096, required extra flags are 0
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type 'none'
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect
bind or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/sys/fs/fuse/connections
Post by Muneeb Ahmad
was 4096, required extra flags are 0
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type 'none'
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug was
4096, required extra flags are 0
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'
lxc 20160410214402.282 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.282 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or remount
options
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was 4096,
required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount
options
Post by Muneeb Ahmad
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd was
1024, required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/shmounts/ubuntu-test
on
Post by Muneeb Ahmad
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or
remount
Post by Muneeb Ahmad
options
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/var/lib/lxd/shmounts/ubuntu-test was 1024, required extra flags are 0
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/shmounts/ubuntu-test' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'
lxc 20160410214402.284 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd read-only
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/systemd//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer read-only
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/freezer//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/blkio//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpu//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls read-only
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/net_cls//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/devices//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpuset//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 'ubuntu-test', config
section 'lxc'
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:run_buffer:347 - Script exited with status 1
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:lxc_setup:3751 - failed to run mount hooks for container
'ubuntu-test'.
lxc 20160410214402.495 ERROR lxc_start -
start.c:do_start:819 - failed to setup the container
lxc 20160410214402.495 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 2)
lxc 20160410214402.495 WARN lxc_conf -
conf.c:lxc_delete_network:2908 - failed to remove interface 7 'eth0'
lxc 20160410214402.497 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'ubuntu-test'
lxc 20160410214402.606 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 stop' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.831 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.832 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.362 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.363 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
Please someone help me out.
regards
Post by Serge Hallyn
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian
and see
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
if their kernel have the userns_allow_unpriv option.
On Sat, Apr 9, 2016 at 9:00 AM, Serge Hallyn <
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the
userns_allow_unpriv
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or
should I
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Muneeb Ahmad
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom
kernel
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Serge Hallyn
2016-04-20 21:16:53 UTC
Permalink
Hi,

edit that script to do 'set -x', so that we can see what the script
is doing in the container debug log.
Post by Muneeb Ahmad
lxcfs=2.0.0
lxc=2.0.0.rc9
And the contents of lxc.mount.hook are;
#!/bin/sh -e
# We're dealing with mount entries, so expand any symlink
LXC_ROOTFS_MOUNT=$(readlink -f *${LXC_ROOTFS_MOUNT}*)
# /proc files
if [ -d /var/lib/lxcfs/proc/ ]; then
for entry in /var/lib/lxcfs/proc/*; do
[ -e *"${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)"* ] || continue
mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/proc/$(basename
*$entry*)
done
fi
# Allow nesting lxcfs
if [ -d *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/ ]; then
mount -n --bind /var/lib/lxcfs *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/
fi
# no need for lxcfs cgroups if we have cgroup namespaces
[ -n *"$LXC_CGNS_AWARE"* ] && [ -f /proc/self/ns/cgroup ] && exit 0
# Don*'t mess with containers that don'*t have /sys/fs/cgroup configured
# (lxc.mount.auto = cgroup:mixed)
if *touch* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs; then
*rm* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs
else
exit 0
fi
# /sys/fs/cgroup files
if [ -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup"* ]; then
if [ -d /var/lib/lxcfs/cgroup ]; then
# Cleanup existing mounts
for entry in *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*; do
DEST=$(basename *$entry*)
if [ *"${DEST}"* = *"cgmanager"* ]; then
continue
fi
if [ ! -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"* ]; then
continue
fi
while *grep* -q *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo; do
*grep* *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo | cut -d*' '* -f5 | while read line; do
[ -e *"${line}"* ] && umount -l *"${line}"* || true
done
done
*rm* -Rf *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*
done
# Mount the new entries
for entry in /var/lib/lxcfs/cgroup/*; do
DEST=$(basename *$entry*)
if [ *"$DEST"* = *"name=systemd"* ]; then
DEST=*"systemd"*
fi
if [ ! -d *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}* ]; then
*mkdir* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*
fi
mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$DEST*
# make sure that cpu,cpuacct shows up as cpu and cpuacct
# separately, else systemd is unhappy
if *echo* *$DEST* | *grep* -q *","*; then
arr=$(*echo* *$DEST* | tr *","* *"\n"*)
for single in *$arr*
do
if [ ! -L *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*$single*
]; then
*ln* -s *$DEST* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$single*
fi
done
fi
done
fi
fi
exit 0
Post by Serge Hallyn
/usr/share/lxcfs/lxc.mount.hook failed. Can you please who us its
contents? What are your versions of lxc and lxcfs?
Post by Muneeb Ahmad
I updated the kernel for user namespaces and everything is enabled when I
run "lxc-checkconfig". But I encountered the same error when I tried to
run
Post by Muneeb Ahmad
Name: ubuntu-test
Architecture: armv7l
Created: 2016/04/10 21:41 UTC
Status: Stopped
Type: persistent
Profiles: default
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214401.815 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.816 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.833 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc
monitor] /var/lib/lxd/containers ubuntu-test
lxc 20160410214401.836 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.837 INFO lxc_lsm -
lsm/lsm.c:lsm_init:48
Post by Muneeb Ahmad
- LSM security driver nop
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount #
comment
Post by Muneeb Ahmad
this to allow umount -f; not recommended.
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for
reject_force_umount
Post by Muneeb Ahmad
action 0
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module action
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.
lxc 20160410214401.842 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.842 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 start' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214401.842 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.858 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers
lxc 20160410214402.096 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set
lxc 20160410214402.099 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer
lxc 20160410214402.099 INFO lxc_start -
start.c:lxc_init:488 - 'ubuntu-test' is initialized
lxc 20160410214402.102 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp
lxc 20160410214402.102 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace
lxc 20160410214402.112 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth 'vethAMHI20/vethM7FMG6',
index is '7'
lxc 20160410214402.113 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for
ubuntu-test
Post by Muneeb Ahmad
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214402.206 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '1465'
lxc 20160410214402.241 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace
lxc 20160410214402.243 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted
'/var/lib/lxd/containers/ubuntu-test/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'
lxc 20160410214402.243 INFO lxc_conf -
conf.c:setup_utsname:843 - 'ubuntu-test' hostname has been setup
lxc 20160410214402.276 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:f1:c3:05' on 'eth0' has
been setup
lxc 20160410214402.277 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev
lxc 20160410214402.278 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev
lxc 20160410214402.279 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect bind
or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /proc/sys/fs/binfmt_misc
was 4096, required extra flags are 0
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type 'none'
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect bind
or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/fs/fuse/connections
was 4096, required extra flags are 0
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type 'none'
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug was
4096, required extra flags are 0
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'
lxc 20160410214402.282 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.282 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or remount
options
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was 4096,
required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount
options
Post by Muneeb Ahmad
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd was
1024, required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/shmounts/ubuntu-test on
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or
remount
Post by Muneeb Ahmad
options
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/var/lib/lxd/shmounts/ubuntu-test was 1024, required extra flags are 0
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/shmounts/ubuntu-test' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'
lxc 20160410214402.284 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd read-only
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/systemd//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer read-only
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/freezer//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/blkio//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpu//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls read-only
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/net_cls//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/devices//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpuset//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second stage
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
lxc 20160410214402.289 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 'ubuntu-test', config
section 'lxc'
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:run_buffer:347 - Script exited with status 1
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:lxc_setup:3751 - failed to run mount hooks for container
'ubuntu-test'.
lxc 20160410214402.495 ERROR lxc_start -
start.c:do_start:819 - failed to setup the container
lxc 20160410214402.495 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 2)
lxc 20160410214402.495 WARN lxc_conf -
conf.c:lxc_delete_network:2908 - failed to remove interface 7 'eth0'
lxc 20160410214402.497 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'ubuntu-test'
lxc 20160410214402.606 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 stop' for container 'ubuntu-test', config section 'lxc'
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response
lxc 20160410214402.831 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214402.832 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214513.362 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214513.363 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 165536
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 165536
range 65536
Please someone help me out.
regards
Post by Serge Hallyn
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian
and see
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
if their kernel have the userns_allow_unpriv option.
On Sat, Apr 9, 2016 at 9:00 AM, Serge Hallyn <
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the
userns_allow_unpriv
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova only)?
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or
should I
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Muneeb Ahmad
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom
kernel
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something like
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Muneeb Ahmad
2016-04-21 10:37:18 UTC
Permalink
I'm not getting this lxc.mount.hook problem anymore. Maybe because I
restart the lxcfs. There are a little different errors this time and fewer
ones. It has something like 'Error loading the seccomp policy'. And there
are some permissions related errors above.
The log look like this now, I'm highlighting the errors part:

Name: t7

Architecture: armv7l

Created: 2016/04/21 10:15 UTC

Status: Stopped

Type: persistent

Profiles: default


Log:


lxc 20160421151526.802 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160421151526.803 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160421151846.029 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160421151846.030 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160421151846.191 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3

lxc 20160421151846.191 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8

lxc 20160421151846.208 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to [lxc
monitor] /var/lib/lxd/containers t7

lxc 20160421151846.211 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8

lxc 20160421151846.212 INFO lxc_lsm - lsm/lsm.c:lsm_init:48
- LSM security driver nop

lxc 20160421151846.215 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount # comment
this to allow umount -f; not recommended.

lxc 20160421151846.215 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for reject_force_umount
action 0

lxc 20160421151846.215 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force
umounts


lxc 20160421151846.215 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load action
327681

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for open_by_handle_at
action 327681

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module action
327681

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.

lxc 20160421151846.216 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module action
327681

lxc 20160421151846.217 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.

lxc 20160421151846.217 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module action
327681

lxc 20160421151846.217 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 18 start' for container 't7', config section 'lxc'

lxc 20160421151846.217 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3

lxc 20160421151846.218 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8

lxc 20160421151846.246 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers

lxc 20160421151846.605 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set

lxc 20160421151846.609 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer

lxc 20160421151846.610 INFO lxc_start -
start.c:lxc_init:488 - 't7' is initialized

lxc 20160421151846.613 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp

lxc 20160421151846.613 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace

lxc 20160421151846.644 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth 'vethGRAE0B/vethCQVHU6',
index is '13'

lxc 20160421151846.644 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for t7

lxc 20160421151846.837 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '2913'

lxc 20160421151846.884 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace

lxc 20160421151846.886 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted '/var/lib/lxd/containers/t7/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'

lxc 20160421151846.886 INFO lxc_conf -
conf.c:setup_utsname:843 - 't7' hostname has been setup

lxc 20160421151846.931 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:06:a4:8d' on 'eth0' has
been setup

lxc 20160421151846.932 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup

lxc 20160421151846.932 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup

lxc 20160421151846.933 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev

lxc 20160421151846.933 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev

lxc 20160421151846.933 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev

lxc 20160421151846.935 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect bind or
remount options

lxc 20160421151846.935 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /proc/sys/fs/binfmt_misc
was 4096, required extra flags are 0

lxc 20160421151846.935 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160421151846.936 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type 'none'

lxc 20160421151846.936 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'

lxc 20160421151846.936 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'

lxc 20160421151846.936 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect bind or
remount options

lxc 20160421151846.936 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/fs/fuse/connections
was 4096, required extra flags are 0

lxc 20160421151846.936 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160421151846.937 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type 'none'

lxc 20160421151846.937 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'

lxc 20160421151846.937 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'

lxc 20160421151846.937 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options

lxc 20160421151846.937 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug was 4096,
required extra flags are 0

lxc 20160421151846.937 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160421151846.938 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'

lxc 20160421151846.938 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'

lxc 20160421151846.938 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount target
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'

lxc 20160421151846.938 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or remount
options

lxc 20160421151846.938 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was 4096,
required extra flags are 0

lxc 20160421151846.938 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping remount

lxc 20160421151846.938 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'

lxc 20160421151846.939 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount options

lxc 20160421151846.939 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd was
1024, required extra flags are 0

lxc 20160421151846.939 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount

lxc 20160421151846.939 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'

lxc 20160421151846.939 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/shmounts/t7 on
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or remount
options

lxc 20160421151846.939 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/shmounts/t7
was 1024, required extra flags are 0

lxc 20160421151846.940 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping remount

lxc 20160421151846.940 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/shmounts/t7' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'

lxc 20160421151846.940 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup

lxc 20160421151846.941 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 't7', config section 'lxc'

lxc 20160421151847.131 INFO lxc_conf -
conf.c:fill_autodev:1141 - Creating initial consoles under container /dev

lxc 20160421151847.131 INFO lxc_conf -
conf.c:fill_autodev:1152 - Populating container /dev

lxc 20160421151847.132 INFO lxc_conf -
conf.c:fill_autodev:1189 - Populated container /dev

lxc 20160421151847.133 INFO lxc_conf -
conf.c:setup_dev_console:1437 - console has been setup

lxc 20160421151847.133 INFO lxc_utils -
utils.c:mount_proc_if_needed:1726 - I am 1, /proc/self points to '1'

lxc 20160421101847.170 DEBUG lxc_conf -
conf.c:setup_rootfs_pivot_root:1050 - pivot_root syscall to
'/usr/lib/arm-linux-gnueabihf/lxc' successful

lxc 20160421101847.172 INFO lxc_conf - conf.c:setup_tty:995
- 0 tty(s) has been setup

lxc 20160421101847.172 INFO lxc_conf -
conf.c:setup_personality:1393 - set personality to '0x8'

lxc 20160421101847.172 DEBUG lxc_conf -
conf.c:setup_caps:2055 - drop capability 'mac_admin' (33)

lxc 20160421101847.172 DEBUG lxc_conf -
conf.c:setup_caps:2055 - drop capability 'mac_override' (32)

lxc 20160421101847.172 DEBUG lxc_conf -
conf.c:setup_caps:2055 - drop capability 'sys_time' (25)

lxc 20160421101847.172 DEBUG lxc_conf -
conf.c:setup_caps:2055 - drop capability 'sys_module' (16)

lxc 20160421101847.172 DEBUG lxc_conf -
conf.c:setup_caps:2055 - drop capability 'sys_rawio' (17)

lxc 20160421101847.172 DEBUG lxc_conf -
conf.c:setup_caps:2064 - capabilities have been setup

lxc 20160421101847.172 NOTICE lxc_conf -
conf.c:lxc_setup:3838 - 't7' is setup.

lxc 20160421101847.173 ERROR lxc_seccomp -
seccomp.c:lxc_seccomp_load:615 - Error loading the seccomp policy

lxc 20160421151847.174 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 4)

lxc 20160421151847.174 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 't7'

lxc 20160421151847.174 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.reboot.hook' for container 't7', config section 'lxc'

lxc 20160421151847.688 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 18 stop' for container 't7', config section 'lxc'

lxc 20160421151847.814 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive
response

lxc 20160421151914.895 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160421151914.896 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160421151914.952 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160421151914.953 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160421152853.688 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160421152853.688 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536

lxc 20160421152853.742 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid 231072
range 65536

lxc 20160421152853.742 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid 231072
range 65536
Post by Serge Hallyn
Hi,
edit that script to do 'set -x', so that we can see what the script
is doing in the container debug log.
Post by Muneeb Ahmad
lxcfs=2.0.0
lxc=2.0.0.rc9
And the contents of lxc.mount.hook are;
#!/bin/sh -e
# We're dealing with mount entries, so expand any symlink
LXC_ROOTFS_MOUNT=$(readlink -f *${LXC_ROOTFS_MOUNT}*)
# /proc files
if [ -d /var/lib/lxcfs/proc/ ]; then
for entry in /var/lib/lxcfs/proc/*; do
[ -e *"${LXC_ROOTFS_MOUNT}/proc/$(basename $entry)"* ] ||
continue
Post by Muneeb Ahmad
mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/proc/$(basename
*$entry*)
done
fi
# Allow nesting lxcfs
if [ -d *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/ ]; then
mount -n --bind /var/lib/lxcfs *${LXC_ROOTFS_MOUNT}*/var/lib/lxcfs/
fi
# no need for lxcfs cgroups if we have cgroup namespaces
[ -n *"$LXC_CGNS_AWARE"* ] && [ -f /proc/self/ns/cgroup ] && exit 0
# Don*'t mess with containers that don'*t have /sys/fs/cgroup configured
# (lxc.mount.auto = cgroup:mixed)
if *touch* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs; then
*rm* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/lxcfs
else
exit 0
fi
# /sys/fs/cgroup files
if [ -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup"* ]; then
if [ -d /var/lib/lxcfs/cgroup ]; then
# Cleanup existing mounts
for entry in *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*; do
DEST=$(basename *$entry*)
if [ *"${DEST}"* = *"cgmanager"* ]; then
continue
fi
if [ ! -d *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"* ];
then
Post by Muneeb Ahmad
continue
fi
while *grep* -q *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo; do
*grep* *"${LXC_ROOTFS_MOUNT}/sys/fs/cgroup/${DEST}"*
/proc/self/mountinfo | cut -d*' '* -f5 | while read line; do
[ -e *"${line}"* ] && umount -l *"${line}"* || true
done
done
*rm* -Rf *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*
done
# Mount the new entries
for entry in /var/lib/lxcfs/cgroup/*; do
DEST=$(basename *$entry*)
if [ *"$DEST"* = *"name=systemd"* ]; then
DEST=*"systemd"*
fi
if [ ! -d *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}* ];
then
Post by Muneeb Ahmad
*mkdir* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*${DEST}*
fi
mount -n --bind *$entry* *${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
*$DEST*
# make sure that cpu,cpuacct shows up as cpu and cpuacct
# separately, else systemd is unhappy
if *echo* *$DEST* | *grep* -q *","*; then
arr=$(*echo* *$DEST* | tr *","* *"\n"*)
for single in *$arr*
do
if [ ! -L
*${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/*$single*
Post by Muneeb Ahmad
]; then
*ln* -s *$DEST*
*${LXC_ROOTFS_MOUNT}*/sys/fs/cgroup/
Post by Muneeb Ahmad
*$single*
fi
done
fi
done
fi
fi
exit 0
Post by Serge Hallyn
/usr/share/lxcfs/lxc.mount.hook failed. Can you please who us its
contents? What are your versions of lxc and lxcfs?
Post by Muneeb Ahmad
I updated the kernel for user namespaces and everything is enabled
when I
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
run "lxc-checkconfig". But I encountered the same error when I tried
to
Post by Muneeb Ahmad
Post by Serge Hallyn
run
Post by Muneeb Ahmad
Name: ubuntu-test
Architecture: armv7l
Created: 2016/04/10 21:41 UTC
Status: Stopped
Type: persistent
Profiles: default
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214156.082 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214401.643 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214401.815 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.816 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.833 INFO lxc_container -
lxccontainer.c:do_lxcapi_start:797 - Attempting to set proc title to
[lxc
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
monitor] /var/lib/lxd/containers ubuntu-test
lxc 20160410214401.836 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.837 INFO lxc_lsm -
lsm/lsm.c:lsm_init:48
Post by Muneeb Ahmad
- LSM security driver nop
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .reject_force_umount #
comment
Post by Muneeb Ahmad
this to allow umount -f; not recommended.
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for
reject_force_umount
Post by Muneeb Ahmad
action 0
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject
force
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
umounts
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .[all].
lxc 20160410214401.840 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for kexec_load
action
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno
1.
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for
open_by_handle_at
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
action 327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for init_module
action
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for finit_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_seccomp -
seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.
lxc 20160410214401.842 INFO lxc_seccomp -
seccomp.c:parse_config_v2:436 - Adding native rule for delete_module
action
Post by Muneeb Ahmad
327681
lxc 20160410214401.841 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 3
lxc 20160410214401.842 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 start' for container 'ubuntu-test', config section
'lxc'
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214401.842 INFO lxc_start -
start.c:lxc_check_inherited:251 - closed inherited fd 8
lxc 20160410214401.858 INFO lxc_monitor -
monitor.c:lxc_monitor_sock_name:178 - using monitor sock name
lxc/d78a9d7e97b4b375//var/lib/lxd/containers
lxc 20160410214402.096 DEBUG lxc_start -
start.c:setup_signal_fd:289 - sigchild handler set
lxc 20160410214402.099 DEBUG lxc_console -
console.c:lxc_console_peer_default:473 - no console peer
lxc 20160410214402.099 INFO lxc_start -
start.c:lxc_init:488 - 'ubuntu-test' is initialized
lxc 20160410214402.102 DEBUG lxc_start -
start.c:__lxc_start:1302 - Not dropping cap_sys_boot or watching utmp
lxc 20160410214402.102 INFO lxc_start -
start.c:resolve_clone_flags:999 - Cloning a new user namespace
lxc 20160410214402.112 DEBUG lxc_conf -
conf.c:instantiate_veth:2613 - instantiated veth
'vethAMHI20/vethM7FMG6',
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
index is '7'
lxc 20160410214402.113 INFO lxc_cgroup -
cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for
ubuntu-test
Post by Muneeb Ahmad
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214402.129 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214402.206 DEBUG lxc_conf -
conf.c:lxc_assign_network:3047 - move 'eth0' to '1465'
lxc 20160410214402.241 NOTICE lxc_start -
start.c:do_start:763 - switching to gid/uid 0/0 in new user namespace
lxc 20160410214402.243 DEBUG lxc_conf -
conf.c:setup_rootfs:1215 - mounted
'/var/lib/lxd/containers/ubuntu-test/rootfs' on
'/usr/lib/arm-linux-gnueabihf/lxc'
lxc 20160410214402.243 INFO lxc_conf -
conf.c:setup_utsname:843 - 'ubuntu-test' hostname has been setup
lxc 20160410214402.276 DEBUG lxc_conf -
conf.c:setup_hw_addr:2144 - mac address '00:16:3e:f1:c3:05' on
'eth0' has
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
been setup
lxc 20160410214402.277 DEBUG lxc_conf -
conf.c:setup_netdev:2371 - 'eth0' has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:setup_network:2392 - network has been setup
lxc 20160410214402.277 INFO lxc_conf -
conf.c:mount_autodev:1072 - Mounting container /dev
lxc 20160410214402.278 INFO lxc_conf -
conf.c:mount_autodev:1095 - Mounted tmpfs onto
/usr/lib/arm-linux-gnueabihf/lxc/dev
lxc 20160410214402.279 INFO lxc_conf -
conf.c:mount_autodev:1113 - Mounted container /dev
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /proc/sys/fs/binfmt_misc on
/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc to respect
bind
Post by Muneeb Ahmad
Post by Serge Hallyn
or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/proc/sys/fs/binfmt_misc
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
was 4096, required extra flags are 0
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.280 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/proc/sys/fs/binfmt_misc' on
'/usr/lib/arm-linux-gnueabihf/lxc/proc/sys/fs/binfmt_misc', type
'none'
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount
target
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/efivars'
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/fs/fuse/connections on
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections to respect
bind
Post by Muneeb Ahmad
Post by Serge Hallyn
or
Post by Muneeb Ahmad
remount options
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/sys/fs/fuse/connections
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
was 4096, required extra flags are 0
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.281 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/fs/fuse/connections' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/fuse/connections', type
'none'
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.281 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.281 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount
target
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /sys/kernel/debug on
/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug to respect bind or
remount options
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /sys/kernel/debug
was
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
4096, required extra flags are 0
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.282 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/sys/kernel/debug' on
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/debug', type 'none'
lxc 20160410214402.282 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.282 WARN lxc_conf -
conf.c:mount_entry_create_dir_file:1755 - Failed to create mount
target
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /dev/mqueue on
/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue to respect bind or
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
options
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /dev/mqueue was
4096,
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 20480, skipping
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/dev/mqueue' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/mqueue', type 'none'
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting /var/lib/lxd/devlxd on
/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd to respect bind or remount
options
Post by Muneeb Ahmad
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for /var/lib/lxd/devlxd
was
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
1024, required extra flags are 0
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.283 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted '/var/lib/lxd/devlxd' on
'/usr/lib/arm-linux-gnueabihf/lxc/dev/lxd', type 'none'
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1657 - remounting
/var/lib/lxd/shmounts/ubuntu-test on
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts to respect bind or
remount
Post by Muneeb Ahmad
options
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1672 - (at remount) flags for
/var/lib/lxd/shmounts/ubuntu-test was 1024, required extra flags are
0
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1681 - mountflags already was 4096, skipping
remount
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.284 DEBUG lxc_conf -
conf.c:mount_entry:1707 - mounted
'/var/lib/lxd/shmounts/ubuntu-test' on
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
'/usr/lib/arm-linux-gnueabihf/lxc/dev/.lxd-mounts', type 'none'
lxc 20160410214402.284 INFO lxc_conf -
conf.c:mount_file_entries:1926 - mount points have been setup
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd read-only
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/systemd//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.285 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/systemd//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer read-only
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/freezer//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.286 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/freezer//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/blkio//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/blkio//lxc/ubuntu-test
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu read-only
lxc 20160410214402.287 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpu//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpu//lxc/ubuntu-test
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls read-only
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/net_cls//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.288 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/net_cls//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/devices//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/devices//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1292 - Remounted
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset read-only
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1298 - Mounting
/sys/fs/cgroup/cpuset//lxc/ubuntu-test onto
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.289 INFO lxc_cgfsng -
cgfsng.c:do_secondstage_mounts_if_needed:1306 - Completed second
stage
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
cgroup automounts for
/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/cgroup/cpuset//lxc/ubuntu-test
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.289 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script
'/usr/share/lxcfs/lxc.mount.hook' for container 'ubuntu-test', config
section 'lxc'
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:run_buffer:347 - Script exited with status 1
lxc 20160410214402.495 ERROR lxc_conf -
conf.c:lxc_setup:3751 - failed to run mount hooks for container
'ubuntu-test'.
lxc 20160410214402.495 ERROR lxc_start -
start.c:do_start:819 - failed to setup the container
lxc 20160410214402.495 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process
(expected
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
sequence number 2)
lxc 20160410214402.495 WARN lxc_conf -
conf.c:lxc_delete_network:2908 - failed to remove interface 7 'eth0'
lxc 20160410214402.497 ERROR lxc_start -
start.c:__lxc_start:1329 - failed to spawn 'ubuntu-test'
lxc 20160410214402.606 INFO lxc_conf -
conf.c:run_script_argv:367 - Executing script '/usr/bin/lxd callhook
/var/lib/lxd 2 stop' for container 'ubuntu-test', config section
'lxc'
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to
receive
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
response
lxc 20160410214402.793 WARN lxc_commands -
commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to
receive
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
response
lxc 20160410214402.831 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214402.832 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214513.301 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214513.362 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214513.363 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214826.048 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type u nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
lxc 20160410214826.117 INFO lxc_confile -
confile.c:config_idmap:1498 - read uid map: type g nsid 0 hostid
165536
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
range 65536
Please someone help me out.
regards
On Sat, Apr 9, 2016 at 9:25 PM, Serge Hallyn <
Post by Serge Hallyn
Ok, fwiw rpi2 should work with Ubuntu as well iiuc.
Post by Muneeb Ahmad
I'm using Raspberry pi 2 actually. And I'll take a look at debian
and see
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
if their kernel have the userns_allow_unpriv option.
On Sat, Apr 9, 2016 at 9:00 AM, Serge Hallyn <
Post by Serge Hallyn
Post by Muneeb Ahmad
It's not in there.
Do you have any Raspberry pi OS recommendations for me? I'm
This is a rpi , not 2 or 3, so ubuntu isn't an option? But
debian is, right? And their kernel should have the
userns_allow_unpriv
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
or whatever sysctl, which would let you do it.
Post by Muneeb Ahmad
interested in running lxc containers and openstack(nova
only)?
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Thanks. On Sat, Apr 09, 2016 at 2:51 AM, Serge Hallyn <
Post by Muneeb Ahmad
Thanks for the answer. Is there a work around for this? Or
should I
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Muneeb Ahmad
just go for some other OS?
Sorry I don't know the recommended way to build/use a custom
kernel
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
in mint.
Actually, check /proc/sys/kernel/*user*. Is there something
like
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
Post by Serge Hallyn
Post by Muneeb Ahmad
unpriv_userns_allow? You may be able to just echo 1 > that.
-serge
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Serge Hallyn
2016-04-25 13:54:14 UTC
Permalink
Quoting Muneeb Ahmad (***@gmail.com):
...
Post by Muneeb Ahmad
lxc 20160421151846.936 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
...
Post by Muneeb Ahmad
lxc 20160421151846.937 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
...
Post by Muneeb Ahmad
lxc 20160421151846.938 ERROR lxc_utils - utils.c:mkdir_p:253
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160421101847.173 ERROR lxc_seccomp -
seccomp.c:lxc_seccomp_load:615 - Error loading the seccomp policy
lxc 20160421151847.174 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 4)
I question your kernel support. Those directories, especially
/sys/kernel/security, should exist - you should be getting EEXIST not
EPERM. The seccomp policy load could be an architecture related bug
in lxc's code, but given your other errors seems just as likely to
be lack of seccomp support in the kernel.

What does lxc-checkconfig show?
Muneeb Ahmad
2016-04-26 09:55:12 UTC
Permalink
Probably it is an architecture problem. seccomp is enabled in kernel and
lxc-checkconfig shows everything enabled too. Though there's no security in
/sys/kernel.
I managed to run containers when I told LXD to ignore the policy by "lxc
profile set default raw.lxc lxc.seccomp=". I would like to write a policy
for ARM architecture. Any ideas?
Post by Muneeb Ahmad
...
Post by Muneeb Ahmad
lxc 20160421151846.936 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/firmware/efi/'
...
Post by Muneeb Ahmad
lxc 20160421151846.937 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/fs/pstore'
...
Post by Muneeb Ahmad
lxc 20160421151846.938 ERROR lxc_utils -
utils.c:mkdir_p:253
Post by Muneeb Ahmad
- Permission denied - failed to create directory
'/usr/lib/arm-linux-gnueabihf/lxc/sys/kernel/security'
lxc 20160421101847.173 ERROR lxc_seccomp -
seccomp.c:lxc_seccomp_load:615 - Error loading the seccomp policy
lxc 20160421151847.174 ERROR lxc_sync -
sync.c:__sync_wait:52 - An error occurred in another process (expected
sequence number 4)
I question your kernel support. Those directories, especially
/sys/kernel/security, should exist - you should be getting EEXIST not
EPERM. The seccomp policy load could be an architecture related bug
in lxc's code, but given your other errors seems just as likely to
be lack of seccomp support in the kernel.
What does lxc-checkconfig show?
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Serge Hallyn
2016-04-27 14:27:58 UTC
Permalink
Post by Muneeb Ahmad
Probably it is an architecture problem. seccomp is enabled in kernel and
lxc-checkconfig shows everything enabled too. Though there's no security in
/sys/kernel.
I managed to run containers when I told LXD to ignore the policy by "lxc
profile set default raw.lxc lxc.seccomp=". I would like to write a policy
for ARM architecture. Any ideas?
What exactly is your distro/release/kernel version?

Stéphane, do you have armv7l in your set of hardware? Is that something
you've ever run plain lxc containes on?
Stéphane Graber
2016-04-27 14:34:49 UTC
Permalink
Post by Serge Hallyn
Post by Muneeb Ahmad
Probably it is an architecture problem. seccomp is enabled in kernel and
lxc-checkconfig shows everything enabled too. Though there's no security in
/sys/kernel.
I managed to run containers when I told LXD to ignore the policy by "lxc
profile set default raw.lxc lxc.seccomp=". I would like to write a policy
for ARM architecture. Any ideas?
What exactly is your distro/release/kernel version?
Stéphane, do you have armv7l in your set of hardware? Is that something
you've ever run plain lxc containes on?
Yup, buildd02 is armhf (armv7l) and builds LXD and LXC images every day.
LXD on the host, nested LXC in the container, 2.0.0 everywhere.
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
Muneeb Ahmad
2016-04-28 11:23:12 UTC
Permalink
I'm using ubuntu mate 15.10 and 4.6.0-rc1-v7+ kernel.
Post by Serge Hallyn
Post by Muneeb Ahmad
Probably it is an architecture problem. seccomp is enabled in kernel and
lxc-checkconfig shows everything enabled too. Though there's no security
in
Post by Muneeb Ahmad
/sys/kernel.
I managed to run containers when I told LXD to ignore the policy by "lxc
profile set default raw.lxc lxc.seccomp=". I would like to write a policy
for ARM architecture. Any ideas?
What exactly is your distro/release/kernel version?
Stéphane, do you have armv7l in your set of hardware? Is that something
you've ever run plain lxc containes on?
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Serge Hallyn
2016-04-28 15:23:46 UTC
Permalink
Is it possible for you to try with the Ubuntu xenial kernel
4.4.0-21.37 ?
Post by Muneeb Ahmad
I'm using ubuntu mate 15.10 and 4.6.0-rc1-v7+ kernel.
Post by Serge Hallyn
Post by Muneeb Ahmad
Probably it is an architecture problem. seccomp is enabled in kernel and
lxc-checkconfig shows everything enabled too. Though there's no security
in
Post by Muneeb Ahmad
/sys/kernel.
I managed to run containers when I told LXD to ignore the policy by "lxc
profile set default raw.lxc lxc.seccomp=". I would like to write a policy
for ARM architecture. Any ideas?
What exactly is your distro/release/kernel version?
Stéphane, do you have armv7l in your set of hardware? Is that something
you've ever run plain lxc containes on?
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users
Continue reading on narkive:
Loading...