← Back to team overview

touch-packages team mailing list archive

[Bug 1386840] Re: [SRU] failure to start a container

 

Sponsored for Utopic.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1386840

Title:
  [SRU] failure to start a container

Status in lxc package in Ubuntu:
  Fix Released
Status in lxc source package in Trusty:
  Incomplete
Status in lxc source package in Utopic:
  In Progress

Bug description:
  [Impact]

  Without this patch containers that don't have a complete apparmor
  configuration fail to start. Making lxc unusable to run Debian Sid and Jessie
  (at least).

  This bug is not present in Trusty, which ships 1.0.7 (Debian Sid runs
  OK).

  [Test Case]

  - Create a debian sid container
    $ sudo env SUITE=sid lxc-create -t debian -n sid

  - Start the container
    $ sudo lxc-start -n sid

  Expected behavior:

  The container is started

  Actual behavior:

  $ sudo lxc-start -F -n sid
  lxc-start: lsm/apparmor.c: mount_feature_enabled: 61 Permission denied - Error mounting securityfs
  lxc-start: lsm/apparmor.c: apparmor_process_label_set: 186 If you really want to start this container, set
  lxc-start: lsm/apparmor.c: apparmor_process_label_set: 187 lxc.aa_allow_incomplete = 1
  lxc-start: lsm/apparmor.c: apparmor_process_label_set: 188 in your container configuration file
  lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 4
  lxc-start: start.c: __lxc_start: 1087 failed to spawn 'sid'
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing name=systemd:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing perf_event:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing net_prio:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing net_cls:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing memory:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing hugetlb:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing freezer:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing devices:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing cpuset:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing cpuacct:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing cpu:lxc/sid-2
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing blkio:lxc/sid-2
  lxc-start: lxc_start.c: main: 337 The container failed to start.
  lxc-start: lxc_start.c: main: 341 Additional information can be obtained by setting the --logfile and --logpriority options.

  
  [Regression Potential]

  No regressions expected, different versions of Ubuntu and Debian containers
  were tested with this patch applied.

  [Other Info]

  On utopic using lxc version 1.1.0~alpha2-0ubuntu3, I was unable to
  start a container.

  $ sudo lxc-start -F -n lxc-errors
  lxc-start: lsm/apparmor.c: mount_feature_enabled: 61 Permission denied - Error mounting securityfs
  lxc-start: lsm/apparmor.c: apparmor_process_label_set: 186 If you really want to start this container, set
  lxc-start: lsm/apparmor.c: apparmor_process_label_set: 187 lxc.aa_allow_incomplete = 1
  lxc-start: lsm/apparmor.c: apparmor_process_label_set: 188 in your container configuration file
  lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 4
  lxc-start: start.c: __lxc_start: 1087 failed to spawn 'lxc-errors'
  lxc-start: cgmanager.c: cgm_remove_cgroup: 503 call to cgmanager_remove_sync failed: invalid request
  lxc-start: cgmanager.c: cgm_remove_cgroup: 505 Error removing name=systemd:lxc/lxc-errors-2

  Switching to the version of lxc in http://ppa.launchpad.net/ubuntu-
  lxc/daily/ resolved the failure to start for me.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1386840/+subscriptions


References