On Tue, Feb 09, 2021 at 10:59:56PM -0600, Serge E. Hallyn wrote:
> On Sun, Feb 07, 2021 at 11:19:57PM +0100, Peter Carlsson wrote:
> > Hello!
> >
> > I am new to lxc and just signed up to this mailing list.
> >
> > As root I have created a lxc container and installed code-insiders to
>
> How did you create it as root, exactly?
lxc-create -t download -n VisualStudioCode -- -d debian -r buster -a amd64
> > run Visual Studio Code inside the container.
> >
> > After reading an article I added the following lines to the containers
> > config and verified that the UID/GID match host user UID/GID:
> >
> > # Container's UID/GID 0-65535 are mapped to host's 100000-165535,
> > # but UID/GID 1000 on the container is mapped to host's UID/GID 1000.
> > lxc.idmap = u 0 100000 1000
> > lxc.idmap = g 0 100000 1000
> > lxc.idmap = u 1000 1000 1
> > lxc.idmap = g 1000 1000 1
> > lxc.idmap = u 1001 101001 64535
> > lxc.idmap = g 1001 101001 64535
> >
> > When I try as user with UID 1000 to start the container I get:
> >
> > lxc-start -n VisualStudioCode -F
> > lxc-start: VisualStudioCode: tools/lxc_start.c: main: 214 You lack access
> > to /home/peter/.local/share/lxc
>
> Check the ownership and permissions on each directory in the path
> /home/peter/.local/share/lxc
> Give them all o+x so that your subuids can descend them.
Both /home/peter/.local/share/lxc and /root/.local/share/lxc does not
exist.
> >
> > When I try as root to start the container I get:
> >
> > lxc-start -n VisualStudioCode -F
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: mkdir_eexist_on_last: 1219
> > File exists - Failed to create directory
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: create_path_for_hierarchy:
> > 1243 Failed to create cgroup "/sys/fs/cgroup/unified//lxc/VisualStudioCode"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: cgfsng_payload_create:
> > 1321 Failed to create cgroup "/sys/fs/cgroup/unified//lxc/VisualStudioCode"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: mkdir_eexist_on_last: 1219
> > File exists - Failed to create directory
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-1"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: create_path_for_hierarchy:
> > 1243 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-1"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: cgfsng_payload_create:
> > 1321 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-1"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: mkdir_eexist_on_last: 1219
> > File exists - Failed to create directory
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-2"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: create_path_for_hierarchy:
> > 1243 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-2"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: cgfsng_payload_create:
> > 1321 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-2"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: mkdir_eexist_on_last: 1219
> > File exists - Failed to create directory
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-3"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: create_path_for_hierarchy:
> > 1243 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-3"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: cgfsng_payload_create:
> > 1321 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-3"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: mkdir_eexist_on_last: 1219
> > File exists - Failed to create directory
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-4"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: create_path_for_hierarchy:
> > 1243 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-4"
> > lxc-start: VisualStudioCode: cgroups/cgfsng.c: cgfsng_payload_create:
> > 1321 Failed to create cgroup
> > "/sys/fs/cgroup/unified//lxc/VisualStudioCode-4"
> > lxc-start: VisualStudioCode: conf.c: lxc_map_ids: 3023 newuidmap failed
> > to write mapping "newuidmap: uid range [0-1000) -> [100000-101000) not
> > allowed": newuidmap 26576 0 100000 1000 1000 1000 1 1001 101001 64535
> > lxc-start: VisualStudioCode: start.c: lxc_spawn: 1720 Failed to set up id
> > mapping.
>
> This is probably because you'd need /etc/subid and /etc/subgid
> mappings for the root user to use your ranges. But it's best
> to get it running as non-root.
Those files does not even exist. Should I create them manually or are
they part of the lxc installation?
I also notice that in the output above there are two / in the paths
after unified. Is that only in the output or is it an error?
> > lxc-start: VisualStudioCode: start.c: __lxc_start: 1951 Failed to spawn
> > container "VisualStudioCode"
> > lxc-start: VisualStudioCode: conf.c: lxc_map_ids: 3023 newuidmap failed
> > to write mapping "newuidmap: uid range [0-1000) -> [100000-101000) not
> > allowed": newuidmap 26612 0 100000 1000 65536 0 1
> > lxc-start: VisualStudioCode: conf.c: userns_exec_1: 4391 Error setting up
> > {g,u}id mappings for child process "26612"
> > lxc-start: VisualStudioCode: tools/lxc_start.c: main: 330 The container
> > failed to start
> > lxc-start: VisualStudioCode: tools/lxc_start.c: main: 336 Additional
> > information can be obtained by setting the --logfile and --logpriority
> > options
> >
> > I am running Debian Buster with lxc version 3.1.0.
> >
> > Obviously I am doing something wrong in my configuration or how I use lxc.
> >
> > Any help would be appreciated.
> >
> > Best regards,
> > Peter Carlsson
Thanks for your help!
/Peter
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
