touch-packages team mailing list archive
Message #50433
[Bug 1413927] Re: user lxc containers fail to start under systemd: login name=systemd cgroup is not owned by user
This bug was fixed in the package systemd - 218-6ubuntu1
---------------
systemd (218-6ubuntu1) vivid; urgency=medium

  * Merge with Debian unstable. Remaining Ubuntu changes:
    - Hack to support system-image read-only /etc, and modify files in
      /etc/writable/ instead.
    - Keep our much simpler udev maintainer scripts (all platforms must
      support udev, no debconf).
    - initramfs init-top: Drop $ROOTDELAY, we do that in a more sensible way
      with wait-for-root. Will get applicable to Debian once Debian gets
      wait-for-root in initramfs-tools.
    - initramfs init-bottom: If LVM is installed, settle udev,
      otherwise we get missing LV symlinks. Workaround for LP #1185394.
    - Add debian/udev.lvm2.init: Dummy SysV init script to satisfy insserv
      dependencies to "lvm2" which is handled with udev rules in Ubuntu.
    - Provide shutdown fallback for upstart. (LP: #1370329)
    - debian/extra/ifup@.service: Additionally run for "auto" class. We don't
      really support "allow-hotplug" in Ubuntu at the moment, so we need to
      deal with "auto" devices appearing after "/etc/init.d/networking start"
      already ran. (LP: #1374521)
    - Add Get-RTC-is-in-local-time-setting-from-etc-default-rc.patch: In
      Ubuntu we currently keep the setting whether the RTC is in local or UTC
      time in /etc/default/rcS "UTC=yes|no", instead of /etc/adjtime.
      (LP: #1377258)
    - Put session scopes into all cgroup controllers. This makes unprivileged
      user LXC containers work under systemd. (LP: #1346734)
    - Lower Breaks: to plymouth version which has the udev inotify fix in
      Ubuntu.
    - Lower libapparmor1 dep to the Ubuntu version where it moved to /lib.
    - Make failure of boot-and-services NSpawn.test_boot non-fatal for now.
      This currently fails when being triggered by Jenkins, but is totally
      unreproducible when running this manually on the exact same machine.
    Upgrade fixes, keep until 16.04 LTS release:
    - systemd Conflicts/Replaces/Provides systemd-services.
    - Remove obsolete systemd-logind upstart job.
    - Clean up obsolete /etc/udev/rules.d/README.
  * Make the "systemd" controller session scope cgroup directory owned by the
    user as well. This fixes user containers with latest LXC, and with systemd
    in the container. (LP: #1413927)
  * ifup@.service: Drop dependency on networking.service (i. e.
    /etc/init.d/networking), and merely ensure that /run/network exists. This
    avoids unnecessary dependencies/waiting during boot and dependency cycles
    if hooks wait for other interfaces to come up (like ifenslave with bonding
    interfaces). (LP: #1414544)

systemd (218-6) experimental; urgency=medium

  [ Martin Pitt ]
  * initramfs hook: Install 61-persistant-storage-android.rules if it exists.
  * Generate POT file during package build, for translators.
  * Pull latest keymaps from upstream git.
  * Order ifup@.service and networking.service after network-pre.target.
    (Closes: #766938)
  * Tone down "Network interface NamePolicy= disabled on kernel commandline,
    ignoring" info message to debug, as we expect this while we disable
    net.ifnames by default. (Closes: #762101, LP: #1411992)

  [ Michael Biebl ]
  * Ship bash-completion for udevadm. (Closes: #776166)
  * Drop rc-local generator in favor of statically enabling rc-local.service,
    and drop halt-local.service which is unnecessary on Debian.
    (Closes: #776170)
  * Drop the obsolete libsystemd-* libraries, there are no reverse
    dependencies left.

 -- Martin Pitt <martin.pitt@xxxxxxxxxx>  Mon, 26 Jan 2015 17:43:20 +0100

** Changed in: systemd (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1413927
Title:
user lxc containers fail to start under systemd: login name=systemd
cgroup is not owned by user
Status in systemd package in Ubuntu:
Fix Released
Bug description:
  When a user logs in, systemd-logind should create cgroups for the
  user, with the directory (i.e.
  /user.slice/user-1000.slice/session-c2.scope) owned by the user. This
  is no longer happening for the name=systemd cgroup. This prevents
  containers from starting. (If lxc were to simply not create/use that
  controller, then it would prevent system in the container from using
  it).

  I wanted to test the new lxc with lxcfs. A system container (with
  upstart or systemd) works perfectly well now (great!), but user
  containers regressed:

  $ lxc-create -n v1 -t download -- -d ubuntu -r vivid -a amd64
  $ lxc-start -n v1 -F
  lxc-start: cgmanager.c: lxc_cgmanager_enter: 694 call to cgmanager_move_pid_sync failed: invalid request
  lxc-start: start.c: __lxc_start: 1099 failed to spawn 'v1'
  lxc-start: lxc_start.c: main: 345 The container failed to start.

  My host is running systemd, but cgmanager is running (i. e. it's not
  bug 1400394, I enabled cgmanager.service).

ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: lxc 1.1.0~rc1-0ubuntu1
ProcVersionSignature: Ubuntu 3.18.0-9.10-generic 3.18.2
Uname: Linux 3.18.0-9-generic x86_64
ApportVersion: 2.15.1-0ubuntu2
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Jan 23 10:35:55 2015
EcryptfsInUse: Yes
InstallationDate: Installed on 2014-11-20 (63 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Alpha amd64 (20141119)
SourcePackage: lxc
UpgradeStatus: No upgrade log present (probably fresh install)
defaults.conf:
lxc.network.type = veth
lxc.network.link = lxcbr0
lxc.network.flags = up
lxc.network.hwaddr = 00:16:3e:xx:xx:xx
lxc.conf: lxc.lxcpath = /srv/lxc
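
Added example, not part of the original bug report or of systemd/LXC: a diagnostic that reads /proc/self/cgroup and reports every session cgroup directory that is missing or not owned by the given user, which is the condition described above for name=systemd. It assumes the cgroup v1 layout, with each hierarchy mounted at /sys/fs/cgroup/<controller> and name=systemd at /sys/fs/cgroup/systemd; the sample input and all function names are constructed for illustration.

```python
import os

# Constructed sample of /proc/self/cgroup (cgroup v1 format: id:controllers:path).
SAMPLE_PROC_CGROUP = """\
4:memory:/user.slice/user-1000.slice/session-c2.scope
3:cpu,cpuacct:/user.slice/user-1000.slice/session-c2.scope
1:name=systemd:/user.slice/user-1000.slice/session-c2.scope
"""

def parse_proc_cgroup(text):
    """Return (controllers, path) pairs from /proc/<pid>/cgroup content."""
    entries = []
    for line in text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) != 3 or not parts[1]:
            continue  # skip blank lines and cgroup v2 "0::/path" entries
        entries.append((parts[1], parts[2]))
    return entries

def mount_dir(controllers):
    """Assumed v1 layout: a named hierarchy is mounted without its 'name=' prefix."""
    if controllers.startswith("name="):
        return controllers[len("name="):]
    return controllers

def unowned_cgroups(text, uid, root="/sys/fs/cgroup"):
    """List (controllers, directory, owner) for cgroup dirs missing or not owned by uid."""
    problems = []
    for controllers, path in parse_proc_cgroup(text):
        directory = os.path.join(root, mount_dir(controllers), path.lstrip("/"))
        try:
            owner = os.stat(directory).st_uid
        except OSError:
            problems.append((controllers, directory, None))  # directory missing
            continue
        if owner != uid:
            problems.append((controllers, directory, owner))
    return problems

if __name__ == "__main__":
    # On a live host: check the calling user's own session cgroups.
    with open("/proc/self/cgroup") as f:
        for controllers, directory, owner in unowned_cgroups(f.read(), os.getuid()):
            print(f"{controllers}: {directory} owner={owner}")
```

Run as the unprivileged user inside the login session; an empty result means every hierarchy's session scope directory is owned by that user.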