Ubuntu
apparmor package

LXC ignores lxc.rootfs.options on container reboot

Bug #2003383 reported by MegaBrutal
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lxc
New
Undecided
Unassigned
apparmor (Ubuntu)
New
Undecided
Unassigned

Bug Description

When I issue a `systemctl reboot` within the container, instead of rebooting, it stops with an error.

This is my config:

# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r jessie
# Template script checksum (SHA-1): 70e3d3a3adf290e12fc3522b2066039e079d8f1d

# Common configuration
lxc.include = /usr/share/lxc/config/ubuntu.common.conf

lxc.net.0.type = veth
lxc.net.0.hwaddr = 00:16:3e:9c:68:09
lxc.net.0.flags = up
lxc.net.0.link = br0
lxc.rootfs.path = /dev/vmdata-vg/lxc-jessie
lxc.rootfs.options = subvol=@
lxc.mount.fstab = /var/lib/lxc/jessie/fstab
lxc.tty.max = 4
lxc.pty.max = 1024
lxc.arch = amd64
lxc.uts.name = jessie
lxc.cap.drop = sys_module mac_admin mac_override sys_time

I have a suspicion that it might ignore lxc.rootfs.options and tries to mount the root BTRFS volume directly and can't find /sbin/init there.

I found the following lines of interest in the log.

Correct mount on first boot (lxc-start):
lxc-start jessie 20230119225558.271 DEBUG conf - conf.c:lxc_mount_rootfs:1436 - Mounted rootfs "/dev/vmdata-vg/lxc-jessie" onto "/usr/lib/x86_64-linux-gnu/lxc" with options "subvol=@"

Here the container requests reboot:
lxc-start jessie 20230119225946.800 INFO lxccontainer - lxccontainer.c:do_lxcapi_start:1128 - Container requested reboot

After the reboot, the mount options are "(null)" instead of "subvol=@":
lxc-start jessie 20230119225947.374 DEBUG conf - conf.c:lxc_mount_rootfs:1436 - Mounted rootfs "/dev/vmdata-vg/lxc-jessie" onto "/usr/lib/x86_64-linux-gnu/lxc" with options "(null)"

LXC can't execute /sbin/init because the BTRFS root is mounted instead of the subvolume:
lxc-start jessie 20230119225947.853 NOTICE start - start.c:start:2161 - Exec'ing "/sbin/init"
lxc-start jessie 20230119225947.853 ERROR start - start.c:start:2164 - No such file or directory - Failed to exec "/sbin/init"

See original description
Tags: lxc
Revision history for this message
MegaBrutal (qbu6to) wrote :
MegaBrutal (qbu6to)
description: updated
summary: - Unable to reboot LXC container
+ LXC ignores lxc.rootfs.options on container reboot
Revision history for this message
Georgia Garcia (georgiag) wrote :

Hello,

Looking at the lxc logs exclusively I couldn't figure out what's going on, or if it's related to AppArmor.
Could you also provide the kernel logs from the host and from the container?

Thank you

Revision history for this message
MegaBrutal (qbu6to) wrote :

Whoa, I swear I reported against lxc, not apparmor. Has it been reassigned? OK, it's valid to check possible AppArmor impact. Here is the syslog (systemd journal) from the host machine. The container doesn't record kernel messages. Note that the logs are in different timezones.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.