Bug#989317: systemd kill background processes after user logs out (#825394 regression)
Michael Biebl
biebl at debian.org
Tue Jun 8 12:17:28 BST 2021
Am 01.06.21 um 17:26 schrieb Matt Corallo:
> The above command paste should basically do it, eg install lxc, then
> `lxc-create --name fuzzer -t download` to create a (debian) container,
> then install sshd inside of it via apt, then run the `systemd-run --user
> -p "Delegate=yes" --unit=fuzzer -- lxc-start --name fuzzer --
> /usr/sbin/sshd -D` command to spawn it, then log out of the ssh session
> which spawned it. There's likely some network configuration which needs
> to happen in between but I don't know off-hand how to set it up without
> public IPs for things.
I assume this means you run lxc-start as unprivileged user?
This requires additional configuration. At least I only get
> lxc-create: fuzzer: confile.c: parse_line: 2664 Invalid argument - Unknown configuration key "lxc.id_map"
> lxc-create: fuzzer: parse.c: lxc_file_for_each_line_mmap: 131 Failed to parse config file "/home/michael/.config/lxc/default.conf" at line "lxc.id_map = u 0 951968 65536"
> lxc-create: fuzzer: conf.c: userns_exec_mapped_root: 4489 No uid mapping for container root
> lxc-create: fuzzer: lxccontainer.c: do_storage_create: 1292 Error chowning "/home/michael/.local/share/lxc/fuzzer/rootfs" to container root
> lxc-create: fuzzer: conf.c: suggest_default_idmap: 4811 You must either run as root, or define uid mappings
> lxc-create: fuzzer: conf.c: suggest_default_idmap: 4812 To pass uid mappings to lxc-create, you could create
> lxc-create: fuzzer: conf.c: suggest_default_idmap: 4813 ~/.config/lxc/default.conf:
> lxc-create: fuzzer: conf.c: suggest_default_idmap: 4814 lxc.include = /etc/lxc/default.conf
> lxc-create: fuzzer: conf.c: suggest_default_idmap: 4815 lxc.idmap = u 0 951968 65536
> lxc-create: fuzzer: conf.c: suggest_default_idmap: 4816 lxc.idmap = g 0 951968 65536
> lxc-create: fuzzer: lxccontainer.c: do_lxcapi_create: 1871 Failed to create (none) storage for fuzzer
> lxc-create: fuzzer: tools/lxc_create.c: main: 319 Failed to create container fuzzer
Do you have a more minimal reproducer that doesn't involve lxc?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20210608/1874d263/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list