Public bug reported:
The s390x host used to Juju testing spontaneously broke today.
The disk filled up, we restarted so that we could remove unused
kernels. We discovered that lxc1 cannot create containers any more.
$ sudo lxc-create -t ubuntu-cloud -n curtis -- -r xenial -a s390x
$ sudo lxc-start -o lxc.log -n curtis
lxc-start: tools/lxc_start.c: main: 344 The container failed to start.
lxc-start: tools/lxc_start.c: main: 346 To get more details, run the container
in foreground mode.
lxc-start: tools/lxc_start.c: main: 348 Additional information can be obtained
by setting the --logfile and --logpriority options.
$ cat lxc.log
lxc-start 20161020121833.069 ERROR lxc_seccomp -
seccomp.c:get_new_ctx:224 - Seccomp error -17 (File exists) adding arch: 15
lxc-start 20161020121833.069 ERROR lxc_start - start.c:lxc_init:430 -
failed loading seccomp policy
lxc-start 20161020121833.069 ERROR lxc_start -
start.c:__lxc_start:1313 - failed to initialize the container
lxc-start 20161020121838.075 ERROR lxc_start_ui -
tools/lxc_start.c:main:344 - The container failed to start.
lxc-start 20161020121838.075 ERROR lxc_start_ui -
tools/lxc_start.c:main:346 - To get more details, run the container in
foreground mode.
lxc-start 20161020121838.075 ERROR lxc_start_ui -
tools/lxc_start.c:main:348 - Additional information can be obtained by setting
the --logfile and --logpriority options.
# <stgraber> sinzui: checking when s390x seccomp support was added to the
# kernel, to see if it's just a missing config in our kernel that'd fix that
# cleanly or if we'd need it backported to 4.4 which would be a bit more
# annoying
# <stgraber> sinzui: config-4.4.0-45-generic is what you're running right?
# <sinzui> stgraber uname-a says 4.4.0-45-generic
# stgraber> sinzui: you can workaround it by putting a file
# with lxc.seccomp=
# in /usr/share/lxc/config/common.conf.d/, that should get you going again
WORK AROUND
# on the s390x-slave
sudo vim /usr/share/lxc/config/common.conf.d/10-secomp-hack.conf
$ cat /usr/share/lxc/config/common.conf.d/10-secomp-hack.conf
# Advised to stgraber to add this file after seeing lxc-start fail with
# lxc-start 20161020121833.069 ERROR lxc_seccomp - seccomp.
lxc.seccomp=
** Affects: juju-ci-tools
Importance: Critical
Assignee: Curtis Hovey (sinzui)
Status: Fix Committed
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Tags: jujuqa lxd regression s390x
** Also affects: lxc
Importance: Undecided
Status: New
** Project changed: lxc => juju-ci-tools
** Changed in: juju-ci-tools
Status: New => Fix Committed
** Changed in: juju-ci-tools
Importance: Undecided => Critical
** Changed in: juju-ci-tools
Assignee: (unassigned) => Curtis Hovey (sinzui)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1635639
Title:
Seccomp error with 2.0.5-0ubuntu1~ubuntu16.04.1 on s390x
Status in juju-ci-tools:
Fix Committed
Status in lxc package in Ubuntu:
New
Bug description:
The s390x host used to Juju testing spontaneously broke today.
The disk filled up, we restarted so that we could remove unused
kernels. We discovered that lxc1 cannot create containers any more.
$ sudo lxc-create -t ubuntu-cloud -n curtis -- -r xenial -a s390x
$ sudo lxc-start -o lxc.log -n curtis
lxc-start: tools/lxc_start.c: main: 344 The container failed to start.
lxc-start: tools/lxc_start.c: main: 346 To get more details, run the
container in foreground mode.
lxc-start: tools/lxc_start.c: main: 348 Additional information can be
obtained by setting the --logfile and --logpriority options.
$ cat lxc.log
lxc-start 20161020121833.069 ERROR lxc_seccomp -
seccomp.c:get_new_ctx:224 - Seccomp error -17 (File exists) adding arch: 15
lxc-start 20161020121833.069 ERROR lxc_start - start.c:lxc_init:430
- failed loading seccomp policy
lxc-start 20161020121833.069 ERROR lxc_start -
start.c:__lxc_start:1313 - failed to initialize the container
lxc-start 20161020121838.075 ERROR lxc_start_ui -
tools/lxc_start.c:main:344 - The container failed to start.
lxc-start 20161020121838.075 ERROR lxc_start_ui -
tools/lxc_start.c:main:346 - To get more details, run the container in
foreground mode.
lxc-start 20161020121838.075 ERROR lxc_start_ui -
tools/lxc_start.c:main:348 - Additional information can be obtained by setting
the --logfile and --logpriority options.
# <stgraber> sinzui: checking when s390x seccomp support was added to the
# kernel, to see if it's just a missing config in our kernel that'd fix that
# cleanly or if we'd need it backported to 4.4 which would be a bit more
# annoying
# <stgraber> sinzui: config-4.4.0-45-generic is what you're running right?
# <sinzui> stgraber uname-a says 4.4.0-45-generic
# stgraber> sinzui: you can workaround it by putting a file
# with lxc.seccomp=
# in /usr/share/lxc/config/common.conf.d/, that should get you going again
WORK AROUND
# on the s390x-slave
sudo vim /usr/share/lxc/config/common.conf.d/10-secomp-hack.conf
$ cat /usr/share/lxc/config/common.conf.d/10-secomp-hack.conf
# Advised to stgraber to add this file after seeing lxc-start fail with
# lxc-start 20161020121833.069 ERROR lxc_seccomp - seccomp.
lxc.seccomp=
To manage notifications about this bug go to:
https://bugs.launchpad.net/juju-ci-tools/+bug/1635639/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
