Ubuntu
lxc package

After some time of LXC usage SSH fails with `openpty: Permission denied`

Bug #1425477 reported by gozdal on 2015-02-25

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	lxc (Ubuntu)	Invalid	Undecided	Unassigned

Bug Description

I'm running Ubuntu 14.04.2 LTS on GNU/Linux 3.13.0-45-generic x86_64 as a host machine for tests run on LXC guests.

After a few test runs on LXC machines, startup of next LXC machine hangs indefinitely.
At the same time SSH connections to the host machine display "PTY allocation request failed on channel 0" and SSH logs in auth.log

Feb 25 05:19:28 remotedev sshd[18578]: error: openpty: Permission denied
Feb 25 05:19:28 remotedev sshd[18628]: error: session_pty_req: session 0 alloc failed

Only reboot brings the machine back to usable state.
I've tried destroying the non-starting LXC guest, stopping removing all guests, purging lxc and lxc-templates.

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2015-02-25: Re: [Bug 1425477] [NEW] After some time of LXC usage SSH fails with `openpty: Permission denied`

#1

Please show us the exact commands you used to create
and run the containers. Please show us the userids
you are running them as, and contents of /etc/subuid.

Please show /proc/slef/mountinfo both from the host
and a container.

status: incomplete

Changed in lxc (Ubuntu):
status:	New → Incomplete

Revision history for this message

gozdal (gozdal) wrote on 2015-03-05:

#2

It seems that the problem was caused by autodev parameter that I added as per https://wiki.archlinux.org/index.php/Lxc-systemd. After removing extra options and using bare CentOS template the problem went away.

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2015-03-06:

#3

Interesting, thanks for the information.

Changed in lxc (Ubuntu):
status:	Incomplete → Invalid

Revision history for this message

Arkadiy Kulev (eth-ethaniel) wrote on 2016-03-11:

#4

I am having exactly the same problem (I tried installing a openvpn server inside the LXC and needed to use autodev to setup TUN interface). My host machine failed shortly after:

cat > /usr/share/lxc/config/common.conf.d/02-openvpn-auto-tun.conf << EOL
lxc.hook.autodev = /usr/share/lxc/hooks/openvpn-auto-tun
EOL

cat > /usr/share/lxc/hooks/openvpn-auto-tun << EOL
#!/bin/bash
cd ${LXC_ROOTFS_MOUNT}/dev
mkdir net
mknod net/tun c 10 200
chmod 0666 net/tun
EOL

chmod 755 /usr/share/lxc/hooks/openvpn-auto-tun

Revision history for this message

Arkadiy Kulev (eth-ethaniel) wrote on 2016-03-11:

#5

This is an old bug (2 years ago): http://lxc-users.linuxcontainers.narkive.com/QwhqLl5M/lxc-leaking-ptys

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2016-03-11:

#6

Did you say your *host* fails shortly after starting that container? In what way does the host fail?

Commenting out the line in 02-openvpn-auto-tun.conf avoids the problem?

Revision history for this message

Arkadiy Kulev (eth-ethaniel) wrote on 2016-03-14:

#7

If you want to install openvpn inside LXC, here is how you do it cleanly without invoking autodev:
https://forum.proxmox.com/threads/tun-devices-in-ve-4-lxc.23473/#post-132952

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.