Comment 6 for bug 1253669

I've been trying to narrow it down by running lxc-execute on a few other systems, including a 12.04.3 with the 3.2.0-55-generic Kernel, no success. As you said, the debug output unfortunately does not provide any details.

What I know so far:
* lxc 0.7.5-3 (standard precise version) and 0.8.0~rc1 (backport) work fine on 3.2 and 3.8 kernels
* as soon as I upgrade to 1.0.0~alpha1 and any kernel, it does not work anymore
* upgrading to the latest daily (1.0.0~alpha3+master~20131122-0500-0ubuntu1~ppa1~precise1) does not resolve the issue on 3.2 and 3.8

I also tried to use a custom container (see attached lxc configuration) using # lxc-execute -n foo -f lxc.conf -- /bin/bash, but no luck. Note that I run lxc-execute directly from the command line on the host, not inside a OS container.

FYI: I use lxc to isolate Apache2 instances on my webservers, using complex container setups with my own templates. As I said, this worked perfectly with 0.8.0~rc1 and earlier, and with 1.0.0~alpha1 the containers work as well - except it is impossible to drop cap_sys_admin.