I have confirmed that the fix for this indeed does fix my issue. Thanks
for your prompt attention!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1560120
Title:
Unprivileged nested
Public bug reported:
This is a follow up to bug #1543697 where I have a Trusty host with ppa
:ubuntu-lxc/stable installed and have a privileged Xenial LXC and a
nested unprivileged LXC.
After some recent update(s), the unprivileged nested LXC will not start
again. I've attached a debug log.
Hi Serge,
Thanks for working with me on this.
So it does work when I ssh into the privileged container as user ubuntu
and then start the unprivileged container.
I'm guessing there may be no way to start the unprivileged container
from lxc-attach like I want to, right?
Here is the output you
I tried adding "lxc.include = /usr/share/lxc/config/nesting.conf" as I
didn't know this existed. However, it didn't help.
As you say, I can create unprivileged containers as user ubuntu, I just
can't start them. Are you able to start unprivileged containers as user
ubuntu? If so, how are you
Sure, here is the requested info:
$ uname -a
Linux Slave1 4.4.0-9-generic #24-Ubuntu SMP Mon Feb 29 19:33:19 UTC 2016 x86_64
x86_64 x86_64 GNU/Linux
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
I have version 2.0.0~rc5-0ubuntu1 on both the Xenial host and Xenial
privileged container installed. I have rebooted the host and have also
stopped and restarted the privileged container.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
This still doesn't seem fixed. I've attached the latest debug log.
** Attachment added: "start_test.out"
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1543697/+attachment/4588355/+files/start_test.out
--
You received this bug notification because you are a member of Ubuntu
Server
I have tried this again and the error is different now. I've attached a
debug log.
** Attachment added: "start_test.out"
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1543697/+attachment/4587021/+files/start_test.out
--
You received this bug notification because you are a member of
Public bug reported:
Using lxc package 2.0.0~rc4-0ubuntu1 on a Xenial host, I can start an
unprivileged Xenial LXC, but if I stop it, it will not start again
without rebooting the host.
I've attached the debug output.
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
**
The containers now start after today's updates (2.0.0~rc4-0ubuntu1).
Also a new kernel was installed which may have fixed something too.
At any rate, looks like it's fixed for now.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
I updated to the latest LXC (2.0.0~rc3-0ubuntu2) and the cgroup
permission issue still occurs. The unprivileged containers are created
by the user and started by the user, ie, not root.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
I have rebooted my machine multiple times and the issue(s) still occur.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1549363
Title:
Unprivileged LXC will not start after today's
After the latest lxc updates (2.0.0~rc3-0ubuntu1), a new failure is now
occurring. See attached debug log.
** Attachment added: "start_lxc.out"
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1549363/+attachment/4580930/+files/start_lxc.out
--
You received this bug notification because
Public bug reported:
After today's (Feb. 24, 2016) updates, unprivileged LXC's will no longer
start. Attaching 'start_lxc.out' debug log as well.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: lxc 2.0.0~rc2-0ubuntu2
ProcVersionSignature: Ubuntu 4.4.0-7.22-generic 4.4.2
Uname: Linux
** Description changed:
I have a host where I create a privileged Xenial container. Inside that
privileged container, I create an unprivileged Xenial container using
the ubuntu user in the privileged container. When I try starting the
unprivileged container, I get the following error:
Public bug reported:
I have a host where I create a privileged Xenial container. Inside that
privileged container, I create an unprivileged Xenial container using
the ubuntu user in the privileged container. When I try starting the
unprivileged container, I get the following error:
Ok, thanks, that might work.
I will have to think on how best to parse the log file for any error
messages that are only applicable to the actual LXC Python API call the
application is executing and pass these error messages back to the user
and present them in a meaningful manner.
--
You
Public bug reported:
I use the Python API extensively on the lp:libertine project. However,
when there is an error somewhere in the LXC layer, the only thing that
is returned is False which is not very useful when trying to figure out
what has gone wrong.
For example, I try to use the
Public bug reported:
I have a Xenial host with a Xenial LXC and as of today's updates, the
container no longer gets an IP address and systemd does not appear to
have run.
This same exact container worked fine last Friday, only packages on my
host changed.
Also, I'm not sure if other host/LXC
I've attached the list of packages that were updated when this issue
started to occur.
** Attachment added: "list_of_packages"
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1519079/+attachment/4524270/+files/list_of_packages
--
You received this bug notification because you are a
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1517107
Title:
$PATH is getting clobbered when starting a container
Public bug reported:
I have a script using the Python3 LXC API that starts up a container.
If I use an Upstart job to call the script, the $PATH env var is getting
clobbered and the container fails to start.
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
--
You
Hey Stéphane,
I agree that hardcoding the phablet user is not the best way to go about
this. This is really only needed for The Future in which devices use a
kernel that supports unprivileged containers. I think at this juncture,
going about the way where members of a lxc-net group
Hi Serge,
Well, the problem is that /etc/lxc/lxc-usernet is read-only, so it can't
be modified by a user action. I'm not really sure how modifications of
system files is supposed to take place in the New World.
I think for a short-term solution, we can take the Vivid lxc source
package and
Yes, I think that is the bug. Here is the output:
$ cat /proc/self/cgroup
10:cpuset:/user.slice
9:blkio:/user.slice
8:cpu,cpuacct:/user.slice
7:perf_event:/user.slice
6:devices:/user.slice
5:freezer:/user.slice
4:memory:/user.slice
3:net_cls,net_prio:/user.slice
2:hugetlb:/user.slice
Public bug reported:
After today's (June 30) updates, a Wily LXC created on a Wily host will
not start.
ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: lxc 1.1.2-0ubuntu3 [modified: usr/lib/x86_64-linux-gnu/lxc/lxc-net]
ProcVersionSignature: Ubuntu 3.19.0-22.22-generic 3.19.8-ckt1
Uname:
I'm also attaching the log during the failure.
** Attachment added: start.out
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1470135/+attachment/4422483/+files/start.out
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in
Also of note, there was an update to systemd today, which tends to cause
issues with lxc:(
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1470135
Title:
Wily lxc will not start on Wily
Hey Serge,
Yes, I can confirm that setting LXC_DHCP_CONFILE=/dev/null does indeed
make it work.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/1468611
Title:
dnsmasq
I'm hitting this too. When the lxcbr0 device is not available, my
unpriv'd containers will not start due to not being able to set up the
network.
If I just touch /etc/dnsmasq.conf, then it all works as expected.
--
You received this bug notification because you are a member of Ubuntu
Server
The rootfs used Vivid and now Wily, but the issue remains with both.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1452451
Title:
failed to change apparmor profile to
Dang, I was afraid you might not be able to reproduce, being a race and
all. I'm not sure it's possible to hand off the system as it's my
primary development machine.
I think I will take a stab in trying to debug this. A quick looks shows
that it is failing in this block in lsm/apparmor.c:
if
So, if I remove the lxc-wait out of the start/wait/attach sequence, then
I always get the failure. This really points to a race where RUNNING is
being reported before it is really fully started.
It looks like the RUNNING state is set in start.c, so perhaps it is
being set a bit too early where
I've been trying to capture a log of the failure when running lxc-attach
and it seems to cause just enough delay to get by the race. Also, it
does not always occur, but more time than not, the error happens leading
more credence to this being a race. I've attached the config I use for
the
Actually, running sudo unity8-lxc-setup has a start/wait/attach
sequence that is causing failures. Another way I try to reproduce after
the whole container is setup is to create a little script with the
following:
lxc-start -n unity8-lxc
lxc-wait -t 5 -s RUNNING -n unity8-lxc
lxc-attach -n
Hi Serge,
This does not happen when doing this by hand, only in a script. And I
can't seem to reproduce on a container created using a template. So
far, I've only been able to reproduce this when creating the container
using the procedure in lp:unity8-preview-lxc. This is a project that
was
This may be an lxc only issue as well, so I'm adding that package to
this bug.
** Also affects: lxc (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
Public bug reported:
I develop and maintain the unity8-lxc package (lp:unity8-preview-lxc)
which uses an unpacked Ubuntu Next Desktop ISO as a privileged rootfs.
It uses the lxc-container-default-with-nesting apparmor profile since
we'd like to support containers within this.
When I try to do a
Any ideas when this will be fixed in Trusty? This is blocking
unity8-lxc from working anymore on Trusty hosts.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1347020
Title:
systemd
Public bug reported:
When I try using cgm on cgroups that have a comma, I get an Invalid
Request error.
For example, if I try cgm create net_cls,net_prio $USER inside a Vivid
container, the Vivid host's cgmanager will start to spin at 100% CPU and
the command fails.
ProblemType: Bug
Hey Serge,
Thanks for looking into this more and better documentation would be most
helpful.
I'm not really sure if it matters any more, but my python script does
indeed ask to load /usr/share/lxc/config/ubuntu.common.conf. Here is
the code snippet before I start adding custom config options:
Hi Serge,
Ok, I understand I can fix this issue by adding that line in my config.
However, my gripe now with this is that my configuration was working
with no issues prior to an update in LXC, then it broke for no apparent
reason. Why was it automounting /sys before and not now? Shouldn't
this
** Changed in: lxc (Ubuntu)
Status: Incomplete = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1417909
Title:
Container fails to start with error mounting
Hey Serge,
Yes, adding 'lxc.mount.auto = sys' fixes the issue.
The container is an extracted ISO from http://cdimage.ubuntu.com/ubuntu-
desktop-next/daily-live/current/vivid-desktop-amd64.iso for the Unity 8
in LXC project.
--
You received this bug notification because you are a member of
Public bug reported:
It seems a fairly recent update to LXC has caused this. This is a
privileged container. I will attach debug output when trying to start
the container.
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: lxc 1.1.0~rc4-0ubuntu1
ProcVersionSignature: Ubuntu
This is the debug output when starting the container.
** Attachment added: debug.txt
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1417909/+attachment/4311947/+files/debug.txt
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
This is the generated LXC config file.
** Attachment added: config
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1417909/+attachment/4311948/+files/config
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
Public bug reported:
I'm using the Python API to append entries to the LXC config file. When
I do the following:
container.set_config_item(lxc.mount.auto, cgroup:mixed)
I get an extra lxc.mount.auto entry in the config file. This is what it
looks like:
lxc.mount.auto =
lxc.mount.auto =
48 matches
Mail list logo
