Bug#943981: Proposal: Switch to cgroupv2 by default
Michael Biebl
biebl at debian.org
Tue Apr 21 13:38:29 BST 2020
Am 21.04.20 um 11:04 schrieb Ryutaroh Matsumoto:
> LXC on cgroup v2 seems to have no problem with Debian CI.
> Autopkgtest on systemd gave no error as below.
Hm, I must be doing something wrong then.
- I installed lxc v4 from experimental
- Rebooted my Debian sid system with systemd.unified_cgroup_hierarchy=true
# findmnt /sys/fs/cgroup
TARGET SOURCE FSTYPE OPTIONS
/sys/fs/cgroup cgroup2 cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate
- Tried to start an existing Debian sid container
# lxc-start -n autopkgtest-sid
<no error message>
- Tried to attach to it
# lxc-attach -n autopkgtest-sid
lxc-attach: autopkgtest-sid: attach.c: lxc_attach: 993 Failed to get
init pid
Attached is a debug log from running
# lxc-start -o /tmp/log -l debug -n autopkgtest-sid
Do you have any idea what's going wrong?
-------------- next part --------------
lxc-start autopkgtest-sid 20200421123647.496 INFO lxccontainer - lxccontainer.c:do_lxcapi_start:972 - Set process title to [lxc monitor] /var/lib/lxc autopkgtest-sid
lxc-start autopkgtest-sid 20200421123647.497 DEBUG lxccontainer - lxccontainer.c:wait_on_daemonized_start:830 - First child 2745 exited
lxc-start autopkgtest-sid 20200421123647.497 INFO lsm - lsm/lsm.c:lsm_init:29 - LSM security driver AppArmor
lxc-start autopkgtest-sid 20200421123647.498 DEBUG terminal - terminal.c:lxc_terminal_peer_default:655 - No such device - The process does not have a controlling terminal
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "reject_force_umount # comment this to allow umount -f; not recommended"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for reject_force_umount action 0(kill)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for reject_force_umount action 0(kill)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for reject_force_umount action 0(kill)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:do_resolve_add_rule:516 - Set seccomp rule to reject force umounts
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for reject_force_umount action 0(kill)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "[all]"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "kexec_load errno 1"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for kexec_load action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for kexec_load action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for kexec_load action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for kexec_load action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "open_by_handle_at errno 1"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for open_by_handle_at action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for open_by_handle_at action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for open_by_handle_at action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for open_by_handle_at action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "init_module errno 1"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for init_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for init_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for init_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for init_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "finit_module errno 1"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for finit_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for finit_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for finit_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for finit_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:770 - Processing "delete_module errno 1"
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:965 - Added native rule for arch 0 for delete_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:974 - Added compat rule for arch 1073741827 for delete_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741886 for delete_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:994 - Added native rule for arch -1073741762 for delete_module action 327681(errno)
lxc-start autopkgtest-sid 20200421123647.498 INFO seccomp - seccomp.c:parse_config_v2:1000 - Merging compat seccomp contexts into main context
lxc-start autopkgtest-sid 20200421123647.870 INFO start - start.c:lxc_init:850 - Container "autopkgtest-sid" is initialized
lxc-start autopkgtest-sid 20200421123647.883 INFO cgfsng - cgroups/cgfsng.c:cgfsng_monitor_create:1277 - The monitor process uses "lxc.monitor.autopkgtest-sid" as cgroup
lxc-start autopkgtest-sid 20200421123647.883 INFO cgfsng - cgroups/cgfsng.c:cgfsng_payload_create:1356 - The container process uses "lxc.payload.autopkgtest-sid" as cgroup
lxc-start autopkgtest-sid 20200421123647.884 INFO start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWNS
lxc-start autopkgtest-sid 20200421123647.884 INFO start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWPID
lxc-start autopkgtest-sid 20200421123647.884 INFO start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWUTS
lxc-start autopkgtest-sid 20200421123647.884 INFO start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWIPC
lxc-start autopkgtest-sid 20200421123647.884 INFO start - start.c:lxc_spawn:1664 - Cloned CLONE_NEWNET
lxc-start autopkgtest-sid 20200421123647.884 DEBUG start - start.c:lxc_try_preserve_namespaces:165 - Preserved mnt namespace via fd 19
lxc-start autopkgtest-sid 20200421123647.884 DEBUG start - start.c:lxc_try_preserve_namespaces:165 - Preserved pid namespace via fd 20
lxc-start autopkgtest-sid 20200421123647.884 DEBUG start - start.c:lxc_try_preserve_namespaces:165 - Preserved uts namespace via fd 21
lxc-start autopkgtest-sid 20200421123647.884 DEBUG start - start.c:lxc_try_preserve_namespaces:165 - Preserved ipc namespace via fd 22
lxc-start autopkgtest-sid 20200421123647.884 DEBUG start - start.c:lxc_try_preserve_namespaces:165 - Preserved net namespace via fd 23
lxc-start autopkgtest-sid 20200421123647.884 WARN cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2716 - Invalid argument - Ignoring legacy cgroup limits on pure cgroup2 system
lxc-start autopkgtest-sid 20200421123647.885 INFO network - network.c:instantiate_veth:290 - Retrieved mtu 1500 from lxcbr0
lxc-start autopkgtest-sid 20200421123647.887 INFO network - network.c:instantiate_veth:334 - Attached "vethldG7Aw" to bridge "lxcbr0"
lxc-start autopkgtest-sid 20200421123647.887 DEBUG network - network.c:instantiate_veth:450 - Instantiated veth tunnel "vethldG7Aw <--> vethaUthnv"
lxc-start autopkgtest-sid 20200421123647.887 INFO start - start.c:do_start:1211 - Unshared CLONE_NEWCGROUP
lxc-start autopkgtest-sid 20200421123647.888 DEBUG storage - storage/storage.c:get_storage_by_name:211 - Detected rootfs type "dir"
lxc-start autopkgtest-sid 20200421123647.888 DEBUG conf - conf.c:lxc_mount_rootfs:1258 - Mounted rootfs "/var/lib/lxc/autopkgtest-sid/rootfs" onto "/usr/lib/x86_64-linux-gnu/lxc/rootfs" with options "(null)"
lxc-start autopkgtest-sid 20200421123647.888 INFO conf - conf.c:setup_utsname:751 - Set hostname to "autopkgtest-sid"
lxc-start autopkgtest-sid 20200421123647.919 DEBUG network - network.c:setup_hw_addr:3388 - Mac address "00:16:3e:c8:5f:9f" on "eth0" has been setup
lxc-start autopkgtest-sid 20200421123647.919 DEBUG network - network.c:lxc_network_setup_in_child_namespaces_common:3538 - Network device "eth0" has been setup
lxc-start autopkgtest-sid 20200421123647.919 INFO network - network.c:lxc_setup_network_in_child_namespaces:3560 - Network has been setup
lxc-start autopkgtest-sid 20200421123647.919 INFO conf - conf.c:mount_autodev:1059 - Preparing "/dev"
lxc-start autopkgtest-sid 20200421123647.919 DEBUG conf - conf.c:mount_autodev:1065 - Using mount options: size=500000,mode=755
lxc-start autopkgtest-sid 20200421123647.920 INFO conf - conf.c:mount_autodev:1108 - Prepared "/dev"
lxc-start autopkgtest-sid 20200421123647.921 DEBUG conf - conf.c:mount_entry:1860 - Remounting "/sys/fs/fuse/connections" on "/usr/lib/x86_64-linux-gnu/lxc/rootfs/sys/fs/fuse/connections" to respect bind or remount options
lxc-start autopkgtest-sid 20200421123647.921 DEBUG conf - conf.c:mount_entry:1879 - Flags for "/sys/fs/fuse/connections" were 4110, required extra flags are 14
lxc-start autopkgtest-sid 20200421123647.921 DEBUG conf - conf.c:mount_entry:1923 - Mounted "/sys/fs/fuse/connections" on "/usr/lib/x86_64-linux-gnu/lxc/rootfs/sys/fs/fuse/connections" with filesystem type "none"
lxc-start autopkgtest-sid 20200421123647.921 DEBUG conf - conf.c:mount_entry:1923 - Mounted "proc" on "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/.lxc/proc" with filesystem type "proc"
lxc-start autopkgtest-sid 20200421123647.921 DEBUG conf - conf.c:mount_entry:1923 - Mounted "sys" on "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/.lxc/sys" with filesystem type "sysfs"
lxc-start autopkgtest-sid 20200421123647.921 INFO conf - conf.c:run_script_argv:339 - Executing script "/usr/share/lxcfs/lxc.mount.hook" for container "autopkgtest-sid", config section "lxc"
lxc-start autopkgtest-sid 20200421123647.927 INFO conf - conf.c:lxc_fill_autodev:1152 - Populating "/dev"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_fill_autodev:1167 - Created device node "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/full"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_fill_autodev:1167 - Created device node "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/null"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_fill_autodev:1167 - Created device node "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/random"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_fill_autodev:1167 - Created device node "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/tty"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_fill_autodev:1167 - Created device node "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/urandom"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_fill_autodev:1167 - Created device node "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/zero"
lxc-start autopkgtest-sid 20200421123647.927 INFO conf - conf.c:lxc_fill_autodev:1222 - Populated "/dev"
lxc-start autopkgtest-sid 20200421123647.927 DEBUG conf - conf.c:lxc_setup_dev_console:1618 - Mounted pts device "/dev/pts/1" onto "/usr/lib/x86_64-linux-gnu/lxc/rootfs/dev/console"
lxc-start autopkgtest-sid 20200421123647.927 INFO utils - utils.c:lxc_mount_proc_if_needed:1200 - I am 1, /proc/self points to "1"
lxc-start autopkgtest-sid 20200421123647.928 ERROR conf - conf.c:lxc_setup_boot_id:3249 - Permission denied - Failed to mount /dev/.lxc-boot-id to /proc/sys/kernel/random/boot_id
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_devpts:1521 - Mount new devpts instance with options "gid=5,newinstance,ptmxmode=0666,mode=0620,max=1024"
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_devpts:1536 - Created dummy "/dev/ptmx" file as bind mount target
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_devpts:1541 - Bind mounted "/dev/pts/ptmx" to "/dev/ptmx"
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_allocate_ttys:938 - Created tty "/dev/pts/0" with master fd 17 and slave fd 18
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_allocate_ttys:938 - Created tty "/dev/pts/1" with master fd 19 and slave fd 20
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_allocate_ttys:938 - Created tty "/dev/pts/2" with master fd 21 and slave fd 22
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_allocate_ttys:938 - Created tty "/dev/pts/3" with master fd 23 and slave fd 24
lxc-start autopkgtest-sid 20200421123647.928 INFO conf - conf.c:lxc_allocate_ttys:955 - Finished creating 4 tty devices
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_ttys:893 - Bind mounted "/dev/pts/0" onto "/dev/tty1"
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_ttys:893 - Bind mounted "/dev/pts/1" onto "/dev/tty2"
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_ttys:893 - Bind mounted "/dev/pts/2" onto "/dev/tty3"
lxc-start autopkgtest-sid 20200421123647.928 DEBUG conf - conf.c:lxc_setup_ttys:893 - Bind mounted "/dev/pts/3" onto "/dev/tty4"
lxc-start autopkgtest-sid 20200421123647.928 INFO conf - conf.c:lxc_setup_ttys:900 - Finished setting up 4 /dev/tty<N> device(s)
lxc-start autopkgtest-sid 20200421123647.929 INFO conf - conf.c:setup_personality:1572 - Set personality to "0x0"
lxc-start autopkgtest-sid 20200421123647.929 DEBUG conf - conf.c:setup_caps:2335 - Dropped mac_admin (33) capability
lxc-start autopkgtest-sid 20200421123647.929 DEBUG conf - conf.c:setup_caps:2335 - Dropped mac_override (32) capability
lxc-start autopkgtest-sid 20200421123647.929 DEBUG conf - conf.c:setup_caps:2335 - Dropped sys_time (25) capability
lxc-start autopkgtest-sid 20200421123647.929 DEBUG conf - conf.c:setup_caps:2335 - Dropped sys_module (16) capability
lxc-start autopkgtest-sid 20200421123647.929 DEBUG conf - conf.c:setup_caps:2335 - Dropped sys_rawio (17) capability
lxc-start autopkgtest-sid 20200421123647.929 DEBUG conf - conf.c:setup_caps:2338 - Capabilities have been setup
lxc-start autopkgtest-sid 20200421123647.929 NOTICE conf - conf.c:lxc_setup:3433 - The container "autopkgtest-sid" is set up
lxc-start autopkgtest-sid 20200421123647.929 INFO lsm - lsm/lsm.c:lsm_process_label_set_at:157 - Set AppArmor label to "lxc-autopkgtest-sid_</var/lib/lxc>//&:lxc-autopkgtest-sid_<-var-lib-lxc>:"
lxc-start autopkgtest-sid 20200421123647.929 INFO apparmor - lsm/apparmor.c:apparmor_process_label_set:1185 - Changed AppArmor profile to lxc-autopkgtest-sid_</var/lib/lxc>//&:lxc-autopkgtest-sid_<-var-lib-lxc>:
lxc-start autopkgtest-sid 20200421123647.929 WARN cgfsng - cgroups/cgfsng.c:cgfsng_setup_limits_legacy:2716 - Invalid argument - Ignoring legacy cgroup limits on pure cgroup2 system
lxc-start autopkgtest-sid 20200421123647.929 DEBUG start - start.c:lxc_spawn:1808 - Preserved cgroup namespace via fd 7
lxc-start autopkgtest-sid 20200421123647.929 NOTICE utils - utils.c:lxc_setgroups:1366 - Dropped additional groups
lxc-start autopkgtest-sid 20200421123647.929 NOTICE start - start.c:start:2041 - Exec'ing "/sbin/init"
lxc-start autopkgtest-sid 20200421123647.929 NOTICE start - start.c:post_start:2052 - Started "/sbin/init" with pid "2749"
lxc-start autopkgtest-sid 20200421123647.929 NOTICE start - start.c:signal_handler:393 - Received 17 from pid 2747 instead of container init 2749
lxc-start autopkgtest-sid 20200421123647.936 DEBUG start - start.c:signal_handler:411 - Container init process 2749 exited
lxc-start autopkgtest-sid 20200421123647.936 INFO error - error.c:lxc_error_set_and_log:28 - Child <2749> ended on error (255)
lxc-start autopkgtest-sid 20200421123648.111 INFO network - network.c:lxc_delete_network_priv:3260 - Removed interface "vethldG7Aw" from "lxcbr0"
lxc-start autopkgtest-sid 20200421123648.111 DEBUG network - network.c:lxc_delete_network:3693 - Deleted network devices
lxc-start autopkgtest-sid 20200421123648.331 INFO conf - conf.c:run_script_argv:339 - Executing script "/usr/share/lxcfs/lxc.reboot.hook" for container "autopkgtest-sid", config section "lxc"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20200421/16d232ae/attachment-0001.sig>
More information about the Pkg-systemd-maintainers
mailing list