[pkg-lxc-devel] Bug#978065: lxc: After upgrade lxc to 4.0.5-1, cannot start with lxc.cap.drop sys_admin
Antonio Terceiro
terceiro at debian.org
Mon Dec 28 13:07:11 GMT 2020
Control: tag -1 + moreinfo
Hi John, thanks for your bug report.
On Fri, Dec 25, 2020 at 06:27:23PM +0800, John Wong wrote:
> Package: lxc
> Version: 1:4.0.5-1
> Severity: normal
>
[...]
> As title, rollback to previous version or remove
> "lxc.cap.drop=sys_admin" solved the issue.
> I found this error in debug.log
> conf - conf.c:lxc_mount_auto_mounts:728 - Invalid cross-device
> link - Failed to mount "/sys/fs/cgroup"
>
> * What led up to the situation?
> * What exactly did you do (or not do) that was effective (or
> ineffective)?
> * What was the outcome of this action?
> * What outcome did you expect instead?
I tried to reproduce this and I cannot start a container with
lxc.cap.drop = sys_admin at all, even with the previous lxc from testing
(4.0.4):
root at lemur:~# dpkg-query --show lxc
lxc 1:4.0.4-6
root at lemur:~# grep lxc.cap.drop /var/lib/lxc/test/config
lxc.cap.drop = sys_admin
root at lemur:~# lxc-start -F -n test -o - -l DEBUG
Failed to mount tmpfs at /dev/shm: Operation not permitted
Failed to mount tmpfs at /run: Operation not permitted
Failed to mount tmpfs at /run/lock: Operation not permitted
[!!!!!!] Failed to mount API filesystems.
Exiting PID 1...
Can you please clarify how exactly is it that you do this in the first
place? Can you reproduce this, and the bug you claim 4.0.5-1 has, in a
clean virtual machine?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20201228/8ae6198c/attachment.sig>
More information about the Pkg-lxc-devel
mailing list