strangely enough, adding the aa_allow_incomplete option doesn't seem to
make a difference;  container startup keeps failing at the same point.

In any case, it does seem to initialize the container correctly, and I
seem to hit a different issue.  The entire cgroup thing seems to work
now, at least:


lxc-start 1455916829.396 INFO     lxc_start - start.c:lxc_init:474 - 
'aansluitform-deploy' is initialized
      lxc-start 1455916829.396 DEBUG    lxc_start - start.c:__lxc_start:1186 - 
Not dropping cap_sys_boot or watching utmp
      lxc-start 1455916829.396 INFO     lxc_start - 
start.c:resolve_clone_flags:883 - Cloning a new user namespace
      lxc-start 1455916829.396 INFO     lxc_cgroup - cgroup.c:cgroup_init:65 - 
cgroup driver cgmanager initing for aansluitform-deploy
      lxc-start 1455916829.507 NOTICE   lxc_start - start.c:do_start:699 - 
switching to gid/uid 0 in new user namespace
      lxc-start 1455916829.509 DEBUG    lxc_conf - conf.c:setup_rootfs:1295 - 
mounted '/home/bas/.local/share/lxc/aansluitform-deploy/rootfs' on 
'/usr/lib/x86_64-linux-gnu/lxc'
      lxc-start 1455916829.509 INFO     lxc_conf - conf.c:setup_utsname:928 - 
'aansluitform-deploy' hostname has been setup
      lxc-start 1455916829.509 DEBUG    lxc_conf - conf.c:setup_netdev:2595 - 
'eth0' has been setup
      lxc-start 1455916829.509 INFO     lxc_conf - conf.c:setup_network:2616 - 
network has been setup
      lxc-start 1455916829.509 INFO     lxc_conf - conf.c:mount_autodev:1157 - 
Mounting container /dev
      lxc-start 1455916829.509 INFO     lxc_conf - conf.c:mount_autodev:1179 - 
Mounted tmpfs onto /usr/lib/x86_64-linux-gnu/lxc/dev
      lxc-start 1455916829.509 INFO     lxc_conf - conf.c:mount_autodev:1197 - 
Mounted container /dev

which seems to pass the point where it failed before.

A little bit later, it now fails with

    lxc-start 1455916829.616 WARN     lxc_apparmor - 
lsm/apparmor.c:apparmor_process_label_set:167 - Incomplete AppArmor support in 
your kernel
      lxc-start 1455916829.616 ERROR    lxc_apparmor - 
lsm/apparmor.c:apparmor_process_label_set:183 - No such file or directory - 
failed to change apparmor profile to lxc-container-default
      lxc-start 1455916829.616 ERROR    lxc_sync - sync.c:__sync_wait:51 - 
invalid sequence number 1. expected 4
      lxc-start 1455916829.616 ERROR    lxc_start - start.c:__lxc_start:1213 - 
failed to spawn 'aansluitform-deploy'
      lxc-start 1455916829.616 WARN     lxc_commands - 
commands.c:lxc_cmd_rsp_recv:172 - command get_init_pid failed to receive 
response
      lxc-start 1455916829.616 WARN     lxc_cgmanager - cgmanager.c:cgm_get:994 
- do_cgm_get exited with error
      lxc-start 1455916829.616 ERROR    lxc_cgmanager - 
cgmanager.c:cgm_remove_cgroup:523 - call to cgmanager_remove_sync failed: 
invalid request
      lxc-start 1455916829.616 ERROR    lxc_cgmanager - 
cgmanager.c:cgm_remove_cgroup:525 - Error removing 
all:lxc/aansluitform-deploy-10
      lxc-start 1455916834.621 ERROR    lxc_start_ui - lxc_start.c:main:344 - 
The container failed to start.
      lxc-start 1455916834.621 ERROR    lxc_start_ui - lxc_start.c:main:346 - 
To get more details, run the container in foreground mode.
      lxc-start 1455916834.621 ERROR    lxc_start_ui - lxc_start.c:main:348 - 
Additional information can be obtained by setting the --logfile and 
--logpriority options.

even if the apparmor setting is set in the config file.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1533833

Title:
  unprivileged lxc containers won't start, need to put sessions into
  "pids"  cgroup controller

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1533833/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to