[pkg-lxc-devel] Bug#946725: lxc: Unprivileged containers fail with 'Failed to mount API filesystems'
bauerfichtner
bauerfichtner at gmail.com
Sat Dec 14 19:50:06 GMT 2019
Package: lxc
Version: 1:3.1.0+really3.0.3-8
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
Created an unprivileged container.
* What exactly did you do (or not do) that was effective (or
ineffective)?
Tried to start the unprivileged container.
root at host:~# lxc-start --foreground --name testcontainer
Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission denied
[!!!!!!] Failed to mount API filesystems.
Exiting PID 1...
* What was the outcome of this action?
Container exited.
* What outcome did you expect instead?
Container starting up.
* Additional information
Debian buster amd64 container was created using
'lxc-create --template download'.
Unprivileged containers created the same way run
fine on the same host (only difference in configuration are the
lxc.idmap lines in the container configuration.
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages lxc depends on:
ii debconf [debconf-2.0] 1.5.71
ii libc6 2.28-10
ii libcap2 1:2.25-2
ii libgnutls30 3.6.7-4
ii liblxc1 1:3.1.0+really3.0.3-8
ii libseccomp2 2.3.3-4
ii libselinux1 2.8-1+b1
ii lsb-base 10.2019051400
Versions of packages lxc recommends:
ii apparmor 2.13.2-10
ii bridge-utils 1.6-2
ii debootstrap 1.0.114
ii dirmngr 2.2.12-1+deb10u1
ii dnsmasq-base [dnsmasq-base] 2.80-1
ii gnupg 2.2.12-1+deb10u1
ii iproute2 4.20.0-2
ii iptables 1.8.2-4
ii libpam-cgfs 1:3.1.0+really3.0.3-8
ii lxc-templates 3.0.3-1
ii lxcfs 3.0.3-2
ii nftables 0.9.0-2
ii openssl 1.1.1d-0+deb10u2
ii rsync 3.1.3-6
ii uidmap 1:4.5-1.1
Versions of packages lxc suggests:
pn btrfs-progs <none>
ii lvm2 2.03.02-3
pn python3-lxc <none>
-- Configuration Files:
/etc/lxc/default.conf changed:
lxc.net.0.type = veth
lxc.net.0.link = br0
lxc.net.0.flags = up
lxc.net.0.hwaddress = 00:16:3e:xx:xx:xx
lxc.start.auto = 0
lxc.idmap = u 0 886432 65536
lxc.idmap = g 0 886432 65536
lxc.cgroup.memory.limit_in_bytes = 256M
lxc.cgroup.cpuset.cpus = 3
lxc.apparmor.profile = unconfined
-- debconf information:
* lxc/auto_update_config: true
More information about the Pkg-lxc-devel
mailing list