Ubuntu
lxc package

LXC Ubuntu containers do not start in Ubuntu 14.04

Bug #1294284 reported by Juho Lehto
18
This bug affects 4 people
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Confirmed
High
Tyler Hicks
Ubuntu ubuntu-14.04

Bug Description

I have a testing server which I installed Ubuntu 13.10 and then upgraded to Ubuntu 14.04 beta using do-release-upgrade -d. I do not have the option to create clean install with 14.04 directly as hosting provider does not offer it yet (for obvious reasons).

Anyhow, after installing lxc and creating a new Ubuntu container using lxc-create -t ubuntu -n ubuntu I tried to start it using lxc-start -n ubuntu.

I receive lots of errors and it never reaches login prompt. I have to stop the server from another shell session using lxc-stop -n ubuntu. Combined output of start and stop below.

<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<3>init: Error while reading from descriptor: Bad file descriptor
<3>init: Error while reading from descriptor: Bad file descriptor
<4>init: hostname main process (4) terminated with status 6
<4>init: plymouth-ready (startup) main process (6) terminated with status 6
<4>init: plymouth main process (8) terminated with status 6
<4>init: hwclock main process (10) terminated with status 6
<4>init: ureadahead main process (12) terminated with status 6
<4>init: startpar-bridge (hostname--started) main process (14) terminated with status 6
<4>init: startpar-bridge (plymouth-ready-startup-started) main process (16) terminated with status 6
<4>init: startpar-bridge (hwclock--started) main process (18) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<3>init: Error while reading from descriptor: Bad file descriptor
<4>init: mountall main process (20) terminated with status 6
<4>init: startpar-bridge (hostname--stopped) main process (22) terminated with status 6
<4>init: startpar-bridge (plymouth-ready-startup-stopped) main process (24) terminated with status 6
<4>init: startpar-bridge (plymouth--stopped) main process (26) terminated with status 6
<4>init: startpar-bridge (hwclock--stopped) main process (28) terminated with status 6
<4>init: startpar-bridge (ureadahead--stopped) main process (30) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<4>init: mountall post-stop process (32) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<3>init: Error while reading from descriptor: Bad file descriptor
<4>init: startpar-bridge (mountall--stopped) main process (34) terminated with status 6
<4>init: console-setup main process (36) terminated with status 6
<4>init: plymouth-stop pre-start process (38) terminated with status 6
<4>init: startpar-bridge (console-setup--started) main process (40) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<3>init: Error while reading from descriptor: Bad file descriptor
<4>init: mountall-shell main process (42) terminated with status 6
<4>init: startpar-bridge (mountall-shell--started) main process (44) terminated with status 6
<4>init: startpar-bridge (console-setup--stopped) main process (46) terminated with status 6
<4>init: startpar-bridge (plymouth-stop--stopped) main process (48) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<3>init: Error while reading from descriptor: Bad file descriptor
<4>init: mountall-shell post-stop process (50) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<4>init: startpar-bridge (mountall-shell--stopped) main process (52) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<4>init: shutdown main process (54) terminated with status 6
<4>init: startpar-bridge (shutdown--started) main process (56) terminated with status 6
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<4>init: startpar-bridge (shutdown--stopped) main process (58) terminated with status 6

Then I tried to create another container using lxc-create -t debian-n debian, which progresses to login as you would expect. Output below.

Mount point '/dev/tty3' does not exist. Skipping mount. ... (warning).
Mount point '/dev/tty4' does not exist. Skipping mount. ... (warning).
Mount point '/dev/ptmx' does not exist. Skipping mount. ... (warning).
Activating lvm and md swap...done.
Checking file systems...fsck from util-linux 2.20.1
done.
Mounting local filesystems...done.
/etc/init.d/mountall.sh: 59: kill: Illegal number: 4 1
Activating swapfile swap...done.
Cleaning up temporary files....
Setting kernel variables ...done.
Configuring network interfaces...Internet Systems Consortium DHCP Client 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/00:16:3e:d5:9b:3f
Sending on LPF/eth0/00:16:3e:d5:9b:3f
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on eth0 to 255.255.255.255 port 67
DHCPOFFER from 10.0.3.1
DHCPACK from 10.0.3.1
bound to 10.0.3.46 -- renewal in 1545 seconds.
done.
Cleaning up temporary files....
INIT: Entering runlevel: 3

Last I tried creating third Ubuntu container with debootstrap --include=lxc --arch=amd64 trusty rootfs that resulted with same errors as the first container and it never gets to login either.

Does anyone have a good guess as to what's wrong? All containers were starting unchanged, no modifications were made to their configs prior to starting.
---
ApportVersion: 2.13.3-0ubuntu1
Architecture: amd64
DistroRelease: Ubuntu 14.04
InstallationDate: Installed on 2013-10-16 (154 days ago)
InstallationMedia:

Package: lxc 1.0.1-0ubuntu1
PackageArchitecture: amd64
ProcCmdline: BOOT_IMAGE=/vmlinuz-3.13.0-17-generic root=UUID=afaacfac-da69-4553-b84e-53a08f93ba28 ro nomdmonddf nomdmonisw nomdmonddf nomdmonisw nomdmonddf nomdmonisw
ProcEnviron:
 SHELL=/bin/sh
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_GB.UTF-8
ProcVersionSignature: Ubuntu 3.13.0-17.37-generic 3.13.6
Tags: trusty apparmor
Uname: Linux 3.13.0-17-generic x86_64
UpgradeStatus: Upgraded to trusty on 2014-03-09 (10 days ago)
UserGroups:

_MarkForUpload: True
defaults.conf:
 lxc.network.type = veth
 lxc.network.link = lxcbr0
 lxc.network.flags = up
 lxc.network.hwaddr = 00:16:3e:xx:xx:xx

See original description
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Thanks for reporting this bug. This is definately very odd.

If you create a container with

  sudo lxc-create -t download -n u1 -- -d ubuntu -r trusty -a amd64
  sudo lxc-start -n u1

does that container start fine?

Can you do

  sudo lxc-start -n ubuntu -l trace -o debug.out

then kill the container and paste debug.out here?

Is there anything else custom about your system? Who is your hosting provider?

Changed in lxc (Ubuntu):
importance: Undecided → High
status: New → Incomplete
Revision history for this message
Juho Lehto (keeperb5-1) wrote :
Download full text (12.9 KiB)

I created new container with the command you suggested, same results as original Ubuntu container I created.

Here's trace output.

      lxc-start 1395236983.307 INFO lxc_start_ui - using rcfile /var/lib/lxc/ubuntu/config
      lxc-start 1395236983.309 WARN lxc_log - lxc_log_init called with log already initialized
      lxc-start 1395236983.309 INFO lxc_lsm - LSM security driver AppArmor
      lxc-start 1395236983.311 DEBUG lxc_conf - allocated pty '/dev/pts/1' (5/6)
      lxc-start 1395236983.311 DEBUG lxc_conf - allocated pty '/dev/pts/2' (7/8)
      lxc-start 1395236983.312 DEBUG lxc_conf - allocated pty '/dev/pts/3' (9/10)
      lxc-start 1395236983.312 DEBUG lxc_conf - allocated pty '/dev/pts/5' (11/12)
      lxc-start 1395236983.312 INFO lxc_conf - tty's configured
      lxc-start 1395236983.312 DEBUG lxc_start - sigchild handler set
      lxc-start 1395236983.312 DEBUG lxc_console - opening /dev/tty for console peer
      lxc-start 1395236983.312 DEBUG lxc_console - using '/dev/tty' as console
      lxc-start 1395236983.312 DEBUG lxc_console - 4057 got SIGWINCH fd 17
      lxc-start 1395236983.312 DEBUG lxc_console - set winsz dstfd:14 cols:237 rows:63
      lxc-start 1395236983.312 INFO lxc_start - 'ubuntu' is initialized
      lxc-start 1395236983.325 DEBUG lxc_start - Not dropping cap_sys_boot or watching utmp
      lxc-start 1395236983.331 DEBUG lxc_conf - instanciated veth 'veth8TFYFI/veth7V6YKY', index is '24'
      lxc-start 1395236983.331 INFO lxc_cgroup - cgroup driver cgroupfs initing for ubuntu
      lxc-start 1395236983.332 ERROR lxc_cgfs - Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
      lxc-start 1395236983.332 ERROR lxc_cgfs - Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
      lxc-start 1395236983.341 DEBUG lxc_cgfs - cgroup 'devices.deny' set to 'a'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c *:* m'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'b *:* m'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 1:3 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 1:5 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 5:0 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 5:1 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 1:8 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 1:9 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 5:2 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 136:* rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 254:0 rm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 10:229 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgfs - cgroup 'devices.allow' set to 'c 10:200 rwm'
      lxc-start 1395236983.342 DEBUG lxc_cgf...

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Thanks for the info. Really this sounds like a bug in upstart - the lxc startup all goes fine.

If you chroot into the container, does that go all right?

  sudo chroot /var/lib/lxc/ubuntu/rootfs

Changed in lxc (Ubuntu):
status: Incomplete → New
Revision history for this message
Juho Lehto (keeperb5-1) wrote :

Yeah, I can use chroot without issues.

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Please install strace in the container

   sudo chroot /var/lib/lxc/ubuntu/rootfs apt-get install strace

and then strace init:

   sudo lxc-start -n ubuntu -- /usr/bin/strace /sbin/init

Also, does
 sudo lxc-execute -n ubuntu -- /bin/bash
work?

Revision history for this message
Juho Lehto (keeperb5-1) wrote :
Download full text (16.6 KiB)

lxc-execute appears to work, but it does output two errors.
lxc-execute: Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
lxc-execute: Device or resource busy - failed to set memory.use_hierarchy to 1; continuing

And here's the output from strace:

lxc-start: Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
lxc-start: Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
execve("/sbin/init", ["/sbin/init"], [/* 1 var */]) = 0
brk(0) = 0x7f2679976000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2679372000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=10673, ...}) = 0
mmap(NULL, 10673, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f267936f000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnih.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`G\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=96280, ...}) = 0
mmap(NULL, 2191776, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2678f3a000
mprotect(0x7f2678f51000, 2093056, PROT_NONE) = 0
mmap(0x7f2679150000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f2679150000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnih-dbus.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340,\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=38920, ...}) = 0
mmap(NULL, 2134040, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2678d30000
mprotect(0x7f2678d38000, 2097152, PROT_NONE) = 0
mmap(0x7f2678f38000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x7f2678f38000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libdbus-1.so.3", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@h\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=281552, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f267936e000
mmap(NULL, 2377344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f2678aeb000
mprotect(0x7f2678b2f000, 2093056, PROT_NONE) = 0
mmap(0x7f2678d2e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x43000) = 0x7f2678d2e000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0[\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=134296, ...}) = 0
mmap...

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Please show the output of

sudo lxc-start -n ubuntu -- /sbin/init --debug --verbose

Revision history for this message
Juho Lehto (keeperb5-1) wrote :
Download full text (30.2 KiB)

lxc-start: Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
lxc-start: Device or resource busy - failed to set memory.use_hierarchy to 1; continuing
<6>init: Handling startup event
<6>init: mountall goal changed from stop to start
<6>init: mountall state changed from waiting to starting
<6>init: hostname goal changed from stop to start
<6>init: hostname state changed from waiting to starting
<6>init: plymouth-ready (startup) goal changed from stop to start
<6>init: plymouth-ready (startup) state changed from waiting to starting
<6>init: Handling starting event
<6>init: plymouth goal changed from stop to start
<6>init: plymouth state changed from waiting to starting
<6>init: hwclock goal changed from stop to start
<6>init: hwclock state changed from waiting to starting
<6>init: ureadahead goal changed from stop to start
<6>init: ureadahead state changed from waiting to starting
<6>init: Handling starting event
<6>init: hostname state changed from starting to security
<6>init: hostname state changed from security to pre-start
<6>init: hostname state changed from pre-start to spawned
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<6>init: hostname main process (4)
<6>init: hostname state changed from spawned to post-start
<6>init: hostname state changed from post-start to running
<6>init: Handling starting event
<6>init: plymouth-ready (startup) state changed from starting to security
<6>init: plymouth-ready (startup) state changed from security to pre-start
<6>init: plymouth-ready (startup) state changed from pre-start to spawned
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<6>init: plymouth-ready (startup) main process (6)
<6>init: plymouth-ready (startup) state changed from spawned to post-start
<6>init: plymouth-ready (startup) state changed from post-start to running
<6>init: Handling starting event
<6>init: plymouth state changed from starting to security
<6>init: plymouth state changed from security to pre-start
<6>init: plymouth state changed from pre-start to spawned
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<6>init: plymouth main process (8)
<6>init: Handling starting event
<6>init: hwclock state changed from starting to security
<6>init: hwclock state changed from security to pre-start
<6>init: hwclock state changed from pre-start to spawned
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<6>init: hwclock main process (10)
<6>init: hwclock state changed from spawned to post-start
<6>init: hwclock state changed from post-start to running
<6>init: Handling starting event
<6>init: ureadahead state changed from starting to security
<6>init: ureadahead state changed from security to pre-start
<6>init: ureadahead state changed from pre-start to spawned
<2>init: error.c:219: Assertion failed in _nih_error_raise_system: errno > 0
<2>init: Caught abort, core dumped
<6>init: ureadahead main process (12)
<6>init: Handling started event
<6>init: startpar-br...

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Please run

   apport-collect 1294284

and attach /var/log/syslog (after making sure no sensitive information like usernames and passwords are there).

Please also show the contents of /proc/meminfo. It seems like services are starting fine and then being killed, which sounds like the OOM killer.

Revision history for this message
Juho Lehto (keeperb5-1) wrote : Dependencies.txt

apport information

tags: added: apparmor apport-collected trusty
description: updated
Revision history for this message
Juho Lehto (keeperb5-1) wrote : KernLog.txt

apport information

Revision history for this message
Juho Lehto (keeperb5-1) wrote : RelatedPackageVersions.txt

apport information

Revision history for this message
Juho Lehto (keeperb5-1) wrote : lxc-net.default.txt

apport information

Revision history for this message
Juho Lehto (keeperb5-1) wrote : lxc.default.txt

apport information

Revision history for this message
Juho Lehto (keeperb5-1) wrote : lxcsyslog.txt

apport information

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

Syslog attached.

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

Meminfo attached.

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Does the problem go away when you add the line

lxc.aa_profile = unconfined

to /var/lib/lxc/ubuntu/config?

your kern.log has a lot of deniels for filesystem mounts which should be allowed, like mounting /sys.

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

Added the line but no change.

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

As a matter of fact, even if I stop the apparmor service it doesn't change the problem with Ubuntu containers.

Revision history for this message
Stéphane Graber (stgraber) wrote :

Hmm, this is really quite weird...

Can you try:
 - lxc-create -t download -n p1 -- -d ubuntu -r trusty -a amd64
 - lxc-start -n p1

I want to know whether the issue is related to your rootfs or related to the host, that should tell us.

Revision history for this message
Stéphane Graber (stgraber) wrote :

Nevermind, just saw that Serge already asked you to do this...

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Just to be sure - I had used 'lxc-create -t download -n u1' but your results showed a container name 'ubuntu'. Did you use '-n u1' or '-n ubuntu when creating the new container?

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

I never showed the results for the "u1" container as they were identical to "ubuntu".

Revision history for this message
Stéphane Graber (stgraber) wrote :

Ok, desperate times call for desperate measures... can you do the following:
 - sudo apt-get install debsums procenv
 - "sudo debsums -sa" and attach the output to this bug report
 - "sudo procenv" and attach the output to this bug report

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

Output you requested attached.

Revision history for this message
Juho Lehto (keeperb5-1) wrote :

I may have solved the problem after re-installing the server.

Before upgrading to 14.04 I made sure to check if Ubuntu Saucy container starts and it did. Then I upgraded to 14.04 and created new Ubuntu Trusty container. Both Saucy and Trusty containers started properly, although both output some errors which I believe is normal.

Then I started re-applying all the changes I had made previously before re-install. A problem appeared after I edited fstab to add nodev/noexec/nosuid mount options. I already knew that I couldn't use noexec for /var, but now both Ubuntu containers refused to even try to start if I had nodev and nosuid mount options for /var. Debian Wheezy container does start even with nodev and nosuid mount options.

Before re-install I had created symlinks to point from /var/lib/lxc to /srv/lxc and /srv did not have these mount options. This might explain the difference in what happened when I started the containers before and after re-install.

So apparently I can't use nodev and nosuid mount options for /var even if I use another partition without these mount options by using symlinks. Meanwhile, Debian containers worked all this time.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in lxc (Ubuntu):
status: New → Confirmed
Jamie Strandboge (jdstrand)
Changed in lxc (Ubuntu):
assignee: nobody → Tyler Hicks (tyhicks)
milestone: none → ubuntu-14.04
Revision history for this message
Tyler Hicks (tyhicks) wrote :

I believe this issue was solved with apparmor 2.8.95~2430-0ubuntu3. It contains a fix for a regression in how apparmor_parser generates AppArmor policy containing mount rules.

I'm going to mark this bug as a duplicate of the bug I listed in the AppArmor changelog. Please respond if upgrading to apparmor 2.8.95~2430-0ubuntu3 does not fix your issue.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.