touch-packages team mailing list archive

[Bug 1347020] Re: systemd does not boot in a container

 

I prepared a minimal vivid container with systemd-sysv, and tried to
boot it (vivid host):

$ sudo lxc-start -n vivid-systemd -F
Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission denied
[... hangs ...]

In apparmor I see:
[10072.122514] audit: type=1400 audit(1416213339.298:50): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default" name="/sys/fs/cgroup/systemd/" pid=16469 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec"

After setting "lxc.aa_profile = unconfined", the container boots (with
similar error message spew as in #1, which we can ignore for now), but
logging in on the console takes a long time. systemd-journal (in the
guest) starts spinning the CPU to 100%. "sudo journalctl" shows me the
logs. stracing shows

read(9, "", 8192)                       = 0
epoll_wait(7, {{EPOLLIN|EPOLLERR|EPOLLHUP, {u32=3073693008, u64=140547288520016}}, {EPOLLIN, {u32=3073692768, u64=140547288519776}}, {EPOLLIN, {u32=3073692288, u64=140547288519296}}, {EPOLLIN, {u32=3073692528, u64=140547288519536}}}, 14, 0) = 4
clock_gettime(0x7 /* CLOCK_??? */, {10618, 410721720}) = 0
writev(2, [{"/dev/kmsg buffer overrun, some m"..., 45}, {"\n", 1}], 2) = 46

I tried to set "lxc.kmsg = 0" as Serge indicated in comment 2, but this
doesn't seem to have the intended effect: in the container I still see
"/dev/kmsg -> console".

For the record: booting and journal work fine in systemd-nspawn; but
this has neither apparmor protection nor does it do the /dev/kmsg ->
/dev/lxc/console trick; instead, /dev/kmsg does not exist at all there.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1347020

Title:
  systemd does not boot in a container

Status in “lxc” package in Ubuntu:
  Triaged
Status in “lxc” source package in Trusty:
  Triaged

Bug description:
  Opening against cloud-init for now, but ultimately might end up as
  bug-fixes / srus against some other packages in trusty.
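
Added example (not part of the original bug comment, and not lxc or AppArmor code): a small Python parser for audit records like the denial quoted above, which pulls out the profile, filesystem type and mount target so denied mounts can be tallied per container profile. The function names are hypothetical, and the second and third sample lines are constructed for illustration.

```python
import re
from collections import Counter

# key=value pairs; a value is a bare token or a double-quoted string with spaces.
FIELD_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')

def parse_apparmor_record(line):
    """Return the key=value fields of one AppArmor audit line, or None."""
    if "apparmor=" not in line:
        return None
    fields = {}
    for key, raw in FIELD_RE.findall(line):
        fields[key] = raw[1:-1] if raw.startswith('"') else raw
    # flags is a comma-separated list carried inside one quoted value
    if "flags" in fields:
        fields["flags"] = [f.strip() for f in fields["flags"].split(",")]
    return fields

def denied_mounts(lines):
    """Count DENIED mount operations per (profile, fstype, mount target)."""
    counts = Counter()
    for line in lines:
        rec = parse_apparmor_record(line)
        if rec and rec.get("apparmor") == "DENIED" and rec.get("operation") == "mount":
            counts[(rec.get("profile"), rec.get("fstype"), rec.get("name"))] += 1
    return counts

SAMPLE_LINES = [
    # taken from the bug comment above
    '[10072.122514] audit: type=1400 audit(1416213339.298:50): apparmor="DENIED" '
    'operation="mount" info="failed type match" error=-13 '
    'profile="lxc-container-default" name="/sys/fs/cgroup/systemd/" pid=16469 '
    'comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec"',
    # constructed: a denial that is not a mount, so it must not be counted
    '[10080.000001] audit: type=1400 audit(1416213347.100:51): apparmor="DENIED" '
    'operation="open" profile="lxc-container-default" name="/sys/kernel/example" '
    'pid=16470 comm="cat" requested_mask="w" denied_mask="w"',
    # constructed: a complain-mode (ALLOWED) mount record, also not counted
    '[10081.000002] audit: type=1400 audit(1416213348.200:52): apparmor="ALLOWED" '
    'operation="mount" profile="example-complain-profile" name="/mnt/example/" '
    'pid=16471 comm="mount" fstype="tmpfs" srcname="tmpfs" flags="rw"',
]

if __name__ == "__main__":
    for (profile, fstype, target), n in denied_mounts(SAMPLE_LINES).items():
        print(f"{n}x profile={profile} fstype={fstype} target={target}")
```
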
