Hi,

Thanks for your followup here and those on IRC:

On Sat, Aug 10, 2019 at 09:59:17PM +0200, Pierre-Elliott Bécue wrote:
> I'll follow up to github to ask for some help, but have you tried to
> debug the "no space left on device" part? Are cgroups properly
> available?

Not on the first, but cgroups are properly available (and used as
systemd needs those as well):

cat /proc/cgroups
#subsys_name    hierarchy       num_cgroups     enabled
cpuset          9               44              1
cpu             5               93              1
cpuacct         5               93              1
blkio           6               93              1
memory          3               251             1
devices         8               94              1
freezer         2               9               1
net_cls         10              4               1
perf_event      11              4               1
net_prio        10              4               1
pids            7               107             1
rdma            4               4               1

Following our discussion on IRC I tested a couple of things. Setting
"lxc.apparmor.profile = unconfined" did not change, the containers can
still not be started.

Next I built a version on top of the one in sid uncommenting
0001-0003 patches in series file, and as well updated the symbols file
according to the now not anymore available symbols added via the 0001
patch. Here as well uncommented the lxc.apparmor.allow_nesting option
settings.

Regards,
Salvatore