The verification of the Stable Release Update for lxc has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1386840 Title: [SRU] failure to start a container Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Trusty: Incomplete Status in lxc source package in Utopic: Fix Released Bug description: [Impact] Without this patch containers that don't have a complete apparmor configuration fail to start. Making lxc unusable to run Debian Sid and Jessie (at least). This bug is not present in Trusty, which ships 1.0.7 (Debian Sid runs OK). [Test Case] - Create a debian sid container $ sudo env SUITE=sid lxc-create -t debian -n sid - Start the container $ sudo lxc-start -n sid Expected behavior: The container is started Actual behavior: $ sudo lxc-start -F -n sid lxc-start: lsm/apparmor.c: mount_feature_enabled: 61 Permission denied - Error mounting securityfs lxc-start: lsm/apparmor.c: apparmor_process_label_set: 186 If you really want to start this container, set lxc-start: lsm/apparmor.c: apparmor_process_label_set: 187 lxc.aa_allow_incomplete = 1 lxc-start: lsm/apparmor.c: apparmor_process_label_set: 188 in your container configuration file lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 4 lxc-start: start.c: __lxc_start: 1087 failed to spawn 'sid' lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing name=systemd:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing perf_event:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing net_prio:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing net_cls:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing memory:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing hugetlb:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing freezer:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing devices:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing cpuset:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing cpuacct:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing cpu:lxc/sid-2 lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing blkio:lxc/sid-2 lxc-start: lxc_start.c: main: 337 The container failed to start. lxc-start: lxc_start.c: main: 341 Additional information can be obtained by setting the --logfile and --logpriority options. [Regression Potential] No regressions expected, different versions of Ubuntu and Debian containers were tested with this patch applied. [Other Info] On utopic using lxc version 1.1.0~alpha2-0ubuntu3, I was unable to start a container. $ sudo lxc-start -F -n lxc-errors lxc-start: lsm/apparmor.c: mount_feature_enabled: 61 Permission denied - Error mounting securityfs lxc-start: lsm/apparmor.c: apparmor_process_label_set: 186 If you really want to start this container, set lxc-start: lsm/apparmor.c: apparmor_process_label_set: 187 lxc.aa_allow_incomplete = 1 lxc-start: lsm/apparmor.c: apparmor_process_label_set: 188 in your container configuration file lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 4 lxc-start: start.c: __lxc_start: 1087 failed to spawn 'lxc-errors' lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing name=systemd:lxc/lxc-errors-2 Switching to the version of lxc in http://ppa.launchpad.net/ubuntu- lxc/daily/ resolved the failure to start for me. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1386840/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp