I posted a question in Ask Ubuntu, but I believe that my problem may be LXC-specific (though I'm not entirely sure), so I'll ask here too! I am attempting to run an Ubuntu 14.04 container within an Ubuntu 14.04 host and have Spice access to it. After quite a bit of work, I was finally able to get it working within a Fedora LXC container using the newest Spice sources from git. However, I am not having the same luck within an Ubuntu 14.04 container.

Spice, being a Red Hat project, relies on Systemd. Systemd's login implementation, specifically. This shouldn't be a problem since Ubuntu 14.04 uses libsystemd-login0 to manage X sessions. However, when spice-vdagent starts up, spice-vdagentd attempts to get spice-vdagent's session information via a call to sd_pid_get_session(), which is handled by libsystemd-login0. spice-vdagentd then complains:

    spice-vdagent[1831]: debug: 0xbd9010 connected to /var/run/spice-vdagentd/spice-vdagent-sock
    spice-vdagentd: err: Error getting session for pid 1831: No such file or directory

After digging around in the Ubuntu libsystemd-login0 source, it looks like this call is reliant on the existence of the systemd cgroup within /sys/fs/cgroup/systemd. However, this cgroup never gets populated within the LXC container.

I thought I had tracked down the solution within the file /etc/init/systemd-logind.conf, which has a line that tests whether the system is running within a container and, if it is, doesn't mount the cgroup. It is prefixed by a comment that says "mounting the cgroup does not work in LXC, there it uses cgmanager," which isn't really that explanatory to me -- is it a problem that LXC uses cgmanager?

I removed the container check, rebooted my container and, sure enough, the systemd cgroup did show up. Unfortunately, the cgroup does not actually get populated by any PIDs. /sys/fs/cgroup/systemd/cgroup.procs is always empty. I looked at my host Ubuntu 14.04 system, and the systemd cgroup seems to be working just fine in that regard.

To try to eliminate the number of possible variables in this problem, I am running my container using the "unrestricted" profile. Below are the configs for my working Fedora container and my problematic LXC container, though I don't believe it is a configuration problem per se.

Fedora:

    lxc.tty = 4
    lxc.pts = 1024
    lxc.devttydir = lxc
    lxc.arch = x86_64
    lxc.aa_profile = unconfined
    lxc.seccomp = /usr/share/lxc/config/common.seccomp
    lxc.autodev = 1
    lxc.cgroup.devices.deny = a
    lxc.cgroup.devices.allow = c *:* m
    lxc.cgroup.devices.allow = b *:* m
    lxc.cgroup.devices.allow = c 1:3 rwm
    lxc.cgroup.devices.allow = c 1:5 rwm
    lxc.cgroup.devices.allow = c 1:7 rwm
    lxc.cgroup.devices.allow = c 5:0 rwm
    lxc.cgroup.devices.allow = c 1:8 rwm
    lxc.cgroup.devices.allow = c 1:9 rwm
    lxc.cgroup.devices.allow = c 136:* rwm
    lxc.cgroup.devices.allow = c 5:2 rwm
    lxc.utsname = fedora2
    lxc.network.type = veth
    lxc.network.flags = up
    lxc.network.link = lxcbr0
    lxc.network.hwaddr = 00:16:3e:4a:58:88
    lxc.cap.drop = mac_admin
    lxc.cap.drop = mac_override
    lxc.cap.drop = sys_module
    lxc.cap.drop = sys_nice
    lxc.cap.drop = sys_pacct
    lxc.cap.drop = sys_rawio
    lxc.cap.drop = sys_time
    lxc.hook.clone = /usr/share/lxc/hooks/clonehostname
    lxc.rootfs = overlayfs:/var/lib/lxc/fedora/rootfs:/var/lib/lxc/fedora2/delta0

Ubuntu 14.04:

    lxc.mount = /var/lib/lxc/ubuntu2/fstab
    lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
    lxc.mount.entry = sysfs sys sysfs defaults 0 0
    lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
    lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
    lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
    lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
    lxc.aa_profile = unconfined
    #lxc.mount.auto = cgroup:mixed
    #lxc.mount.auto = proc:mixed
    lxc.autodev = 1
    lxc.tty = 4
    lxc.pts = 1024
    lxc.devttydir = lxc
    lxc.arch = x86_64
    lxc.seccomp = /usr/share/lxc/config/common.seccomp
    lxc.cgroup.devices.deny = a
    lxc.cgroup.devices.allow = c *:* m
    lxc.cgroup.devices.allow = b *:* m
    lxc.cgroup.devices.allow = c 1:3 rwm
    lxc.cgroup.devices.allow = c 1:5 rwm
    lxc.cgroup.devices.allow = c 5:0 rwm
    lxc.cgroup.devices.allow = c 5:1 rwm
    lxc.cgroup.devices.allow = c 1:8 rwm
    lxc.cgroup.devices.allow = c 1:9 rwm
    lxc.cgroup.devices.allow = c 5:2 rwm
    lxc.cgroup.devices.allow = c 136:* rwm
    lxc.cgroup.devices.allow = c 254:0 rm
    lxc.cgroup.devices.allow = c 10:229 rwm
    lxc.cgroup.devices.allow = c 10:200 rwm
    lxc.cgroup.devices.allow = c 1:7 rwm
    lxc.cgroup.devices.allow = c 10:228 rwm
    lxc.cgroup.devices.allow = c 10:232 rwm
    lxc.utsname = ubuntu2
    lxc.network.type = veth
    lxc.network.flags = up
    lxc.network.link = lxcbr0
    lxc.network.hwaddr = 00:16:3e:be:57:ad
    lxc.cap.drop = sys_module
    lxc.cap.drop = mac_admin
    lxc.cap.drop = mac_override
    lxc.cap.drop = sys_time
    lxc.rootfs = overlayfs:/var/lib/lxc/ubuntu/rootfs:/var/lib/lxc/ubuntu2/delta0
    lxc.pivotdir = lxc_putold

_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users
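
A diagnostic for the symptom described in the post, as an added example that is not part of the original message and is not LXC or systemd code: it reads a process's name=systemd line from /proc/<pid>/cgroup and reports whether that path names a login session. It assumes the session lookup is derived from that line, and the session path layouts it matches and the sample inputs are constructed assumptions.

```shell
#!/bin/sh
# Added diagnostic sketch (not from the original post, not LXC or systemd code).

# Print the path of the name=systemd hierarchy from /proc/<pid>/cgroup-format
# text on stdin; exit status 1 if no such hierarchy is listed.
systemd_cgroup_path() {
    awk -F: '$2 == "name=systemd" { sub(/^[^:]*:[^:]*:/, ""); print; found = 1; exit }
             END { exit !found }'
}

# Classify that text: does the process sit in a cgroup that names a session?
# Assumption: session cgroups end in "<id>.session" (older logind layout) or
# "session-<id>.scope" (newer layout).
session_state() {
    path=$(systemd_cgroup_path) || { echo "no-systemd-hierarchy"; return 0; }
    case "$path" in
        */*.session|*/*.session/*|*/session-*.scope|*/session-*.scope/*)
            echo "session:$path" ;;
        *)  echo "no-session:$path" ;;
    esac
}

# Constructed samples, for illustration only (not captured from any system).
sample_with_session() {
    printf '%s\n' '3:cpu:/' '2:devices:/' '1:name=systemd:/user/1000.user/c2.session'
}
sample_root_only() {
    printf '%s\n' '3:cpu:/lxc/ubuntu2' '2:devices:/lxc/ubuntu2' '1:name=systemd:/'
}
sample_no_hierarchy() {
    printf '%s\n' '3:cpu:/lxc/ubuntu2' '2:devices:/lxc/ubuntu2'
}

# Live use: sh check-session.sh PID   (script name is hypothetical)
if [ $# -gt 0 ]; then
    session_state < "/proc/$1/cgroup"
    if grep -q ' /sys/fs/cgroup/systemd cgroup ' /proc/self/mounts; then
        echo "systemd hierarchy mounted"
    else
        echo "systemd hierarchy not mounted"
    fi
fi
```

Running it with the PID of spice-vdagent on the host and again inside the container shows whether the two differ in the cgroup path itself or only in whether the hierarchy is mounted.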
