>From my current experience on Ubuntu 16.10 and LXC managed by Proxmox with Neo4j:
+ The service starts but does not create listening sockets after the initial run, when the /etc/neo4j/neo4j.conf configuration is changed to the following below: neo4j.conf >> ++ dbms.connectors.default_listen_address=0.0.0.0 root@neo4j-nmap:~# service neo4j status * neo4j.service - LSB: Neo4j Graph Database server Loaded: loaded (/etc/init.d/neo4j; generated; vendor preset: enabled) Active: active (exited) since Fri 2017-02-17 04:24:15 UTC; 5 days ago Docs: man:systemd-sysv-generator(8) Process: 486 ExecStart=/etc/init.d/neo4j start (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 4915) CGroup: /system.slice/neo4j.service Feb 17 04:24:15 neo4j-nmap systemd[1]: neo4j.service: Failed to reset devices.list: Operation n Feb 17 04:24:15 neo4j-nmap systemd[1]: Starting LSB: Neo4j Graph Database server... Feb 17 04:24:15 neo4j-nmap neo4j[486]: Starting Neo4j. Feb 17 04:24:15 neo4j-nmap neo4j[486]: WARNING: Max 1024 open files allowed, minimum of 40000 r Feb 17 04:24:15 neo4j-nmap neo4j[486]: Started neo4j (pid 579). By default, it is available at Feb 17 04:24:15 neo4j-nmap neo4j[486]: There may be a short delay until the server is ready. Feb 17 04:24:15 neo4j-nmap neo4j[486]: See /var/log/neo4j/neo4j.log for current status. Feb 17 04:24:15 neo4j-nmap systemd[1]: Started LSB: Neo4j Graph Database server. Feb 17 04:38:44 neo4j-nmap systemd[1]: neo4j.service: Failed to reset devices.list: Operation n root@neo4j-nmap:~# netstat -ant|grep LISTEN tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp6 0 0 :::5355 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN tcp6 0 0 ::1:25 :::* LISTEN -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1582364 Title: Failure to reset devices.list on LXC privileged containers on Xenial Status in lxc package in Ubuntu: Invalid Bug description: I created a privilege container on Xenial using command "sudo lxc- create -n test-privilege -t ubuntu", and container hits failed to reset devices.list errors for every boot: root@psyduck-maas20:/var/lib/lxc# sudo lxc-start -n test-privilege -F systemd 229 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN) Detected virtualization lxc. Detected architecture x86-64. Welcome to Ubuntu 16.04 LTS! Set hostname to <test-privilege>. Failed to install release agent, ignoring: No such file or directory [ OK ] Reached target Swap. [ OK ] Listening on Syslog Socket. Failed to reset devices.list on /system.slice: Operation not permitted [ OK ] Created slice System Slice. Failed to reset devices.list on /system.slice/system-getty.slice: Operation not permitted [ OK ] Created slice system-getty.slice. [ OK ] Reached target Encrypted Volumes. [ OK ] Reached target Remote File Systems (Pre). [ OK ] Reached target Remote File Systems. [ OK ] Listening on Journal Socket (/dev/log). [ OK ] Started Forward Password Requests to Wall Directory Watch. [ OK ] Listening on Journal Audit Socket. [ OK ] Listening on Journal Socket. Failed to reset devices.list on /system.slice/dev-hugepages.mount: Operation not permitted Mounting Huge Pages File System... Failed to reset devices.list on /system.slice/systemd-journald.service: Operation not permitted Starting Journal Service... Failed to reset devices.list on /system.slice/resolvconf.service: Operation not permitted Starting Nameserver information manager... Failed to reset devices.list on /system.slice/systemd-remount-fs.service: Operation not permitted Starting Remount Root and Kernel File Systems... [ OK ] Started Dispatch Password Requests to Console Directory Watch. Failed to reset devices.list on /system.slice/system-container\x2dgetty.slice: Operation not permitted [ OK ] Created slice system-container\x2dgetty.slice. [ OK ] Reached target Slices. [ OK ] Listening on /dev/initctl Compatibility Named Pipe. [ OK ] Reached target Sockets. Failed to reset devices.list on /system.slice/dev-lxc-tty4.mount: Operation not permitted Failed to reset devices.list on /system.slice/sys-kernel-debug.mount: Operation not permitted Failed to reset devices.list on /system.slice/dev-lxc-tty2.mount: Operation not permitted Failed to reset devices.list on /system.slice/-.mount: Operation not permitted Failed to reset devices.list on /system.slice/dev-lxc-tty1.mount: Operation not permitted Failed to reset devices.list on /system.slice/dev-mqueue.mount: Operation not permitted Failed to reset devices.list on /system.slice/dev-lxc-tty3.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-diskstats.mount: Operation not permitted Failed to reset devices.list on /system.slice/sys-fs-fuse-connections.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-meminfo.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-uptime.mount: Operation not permitted Failed to reset devices.list on /system.slice/sys-devices-virtual-net.mount: Operation not permitted Failed to reset devices.list on /system.slice/dev-lxc-console.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-sys-net.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-swaps.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-sysrq\x2dtrigger.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-stat.mount: Operation not permitted Failed to reset devices.list on /system.slice/proc-cpuinfo.mount: Operation not permitted Failed to reset devices.list on /init.scope: Operation not permitted [ OK ] Mounted Huge Pages File System. [ OK ] Started Remount Root and Kernel File Systems. Failed to reset devices.list on /system.slice/systemd-random-seed.service: Operation not permitted Starting Load/Save Random Seed... [ OK ] Reached target Local File Systems (Pre). [ OK ] Reached target Local File Systems. Failed to reset devices.list on /system.slice/systemd-remount-fs.service: Operation not permitted [ OK ] Started Journal Service. Starting Flush Journal to Persistent Storage... [ OK ] Started Nameserver information manager. Starting Raise network interfaces... [ OK ] Started Load/Save Random Seed. [ OK ] Started Flush Journal to Persistent Storage. Starting Create Volatile Files and Directories... [ OK ] Started Create Volatile Files and Directories. Starting Update UTMP about System Boot/Shutdown... [ OK ] Reached target System Time Synchronized. [ OK ] Started Update UTMP about System Boot/Shutdown. [ OK ] Reached target System Initialization. [ OK ] Started Trigger resolvconf update for networkd DNS. [ OK ] Reached target Paths. [ OK ] Reached target Basic System. [ OK ] Started Regular background program processing daemon. Starting System Logging Service... Starting getty on tty2-tty6 if dbus and logind are not available... Starting Permit User Sessions... [ OK ] Started Daily Cleanup of Temporary Directories. Starting LSB: Set the CPU Frequency Scaling governor to "ondemand"... [ OK ] Started Daily apt activities. [ OK ] Reached target Timers. [ OK ] Started System Logging Service. [ OK ] Started Permit User Sessions. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Started LSB: Set the CPU Frequency Scaling governor to "ondemand". [ OK ] Started Raise network interfaces. [ OK ] Reached target Network. Starting /etc/rc.local Compatibility... Starting OpenBSD Secure Shell server... [ OK ] Started /etc/rc.local Compatibility. [ OK ] Started Console Getty. [ OK ] Started Container Getty on /dev/pts/1. [ OK ] Started Container Getty on /dev/pts/2. [ OK ] Started Container Getty on /dev/pts/0. [ OK ] Started Container Getty on /dev/pts/3. [ OK ] Reached target Login Prompts. [ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Ubuntu 16.04 LTS test-privilege console test-privilege login: These are the package versions: root@psyduck-maas20:~# dpkg -l|grep lxc ii liblxc1 2.0.0-0ubuntu2 amd64 Linux Containers userspace tools (library) ii lxc 2.0.0-0ubuntu2 all Transitional package for lxc1 ii lxc-common 2.0.0-0ubuntu2 amd64 Linux Containers userspace tools (common tools) ii lxc-templates 2.0.0-0ubuntu2 amd64 Linux Containers userspace tools (templates) ii lxc1 2.0.0-0ubuntu2 amd64 Linux Containers userspace tools ii lxcfs 2.0.0-0ubuntu2.1 amd64 FUSE based filesystem for LXC ii python3-lxc 2.0.0-0ubuntu2 amd64 Linux Containers userspace tools (Python 3.x bindings) root@psyduck-maas20:~# uname -a Linux psyduck-maas20 4.4.0-22-generic #39-Ubuntu SMP Thu May 5 16:53:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux root@psyduck-maas20:~# Per IRC conversation with hallyn, we should not be seeing those given that the container is privileged. Additional data: ubuntu@maas-development-may:/proc/self$ cat uid_map 0 0 4294967295 ubuntu@maas-development-may:/proc/self$ cat /proc/self/cgroups cat: /proc/self/cgroups: No such file or directory ubuntu@maas-development-may:/proc/self$ cat /proc/self/ attr/ cmdline environ io mem ns/ pagemap schedstat stat timers autogroup comm exe limits mountinfo numa_maps personality sessionid statm uid_map auxv coredump_filter fd/ loginuid mounts oom_adj projid_map setgroups status wchan cgroup cpuset fdinfo/ map_files/ mountstats oom_score root/ smaps syscall clear_refs cwd/ gid_map maps net/ oom_score_adj sched stack task/ ubuntu@maas-development-may:/proc/self$ cat /proc/self/cgroup 11:hugetlb:/ 10:freezer:/ 9:perf_event:/ 8:net_cls,net_prio:/ 7:pids:/system.slice/ssh.service 6:memory:/ 5:blkio:/ 4:devices:/system.slice/ssh.service 3:cpu,cpuacct:/ 2:cpuset:/ 1:name=systemd:/system.slice/ssh.service To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1582364/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp