Ubuntu
lxc package

lxc & swapoff: Not superuser

Bug #930652 reported by Andy Igoshin
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Won't Fix
Wishlist
Unassigned

Bug Description

inside the container during poweroff process i get such error:

 * Deactivating swap... swapoff: Not superuser.                    [fail]

---------------------------------------------------------------------------
root@relay1:~# lsb_release -rd
Description: Ubuntu 11.10
Release: 11.10

root@relay1:~# apt-cache policy lxc
lxc:
  Installed: 0.7.5-0ubuntu8.3
  Candidate: 0.7.5-0ubuntu8.3
  Version table:
 *** 0.7.5-0ubuntu8.3 0
        500 http://ru.archive.ubuntu.com/ubuntu/ oneiric-updates/universe amd64 Packages
        100 /var/lib/dpkg/status
     0.7.5-0ubuntu8 0
        500 http://ru.archive.ubuntu.com/ubuntu/ oneiric/universe amd64 Packages

---------------------------------------------------------------------------
root@relay1:~# lxc-start -n sbc

Ubuntu 11.10 sbc /dev/console

sbc login: root
Password:
Last login: Sat Feb 11 10:52:03 UTC 2012 on tty1
Welcome to Ubuntu 11.10 (GNU/Linux 3.0.0-15-server x86_64)

 * Documentation: https://help.ubuntu.com/11.10/serverguide/C
root@sbc:~# poweroff

Broadcast message from root@sbc
        (/dev/console) at 14:05 ...

The system is going down for power off NOW!
root@sbc:~# * Asking all remaining processes to terminate... [ OK ]
 * All processes ended within 1 seconds.... [ OK ]
 * Deconfiguring network interfaces... [ OK ]
 * Deactivating swap... swapoff: Not superuser.
                                                                         [fail]
 * Unmounting weak filesystems... [ OK ]
umount: /var/run: not mounted
mount: / is busy
 * Will now halt

See original description
Andy Igoshin (andy-igoshin)
description: updated
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Thanks for reporting this bug.

I see the message too. Of course the failure to unmount swap is a good thing :) I'll assume the real bug, as perceived, is that the container thinks it has something to swapoff. Fixing that will require /proc contents filtering.

We can use the apparmor policy to deny read access to /proc/swaps, which replaces the error with

/etc/rc0.d/S35networking: 61: /etc/rc0.d/S35networking: cannot open /proc/swaps: Permission denied
 * Deactivating swap... [ OK ]

Another possibility of course is for /etc/rc0.d/S35networking to detect it is in a container and not try to swapoff.

However, as no harm is being done to the container or the host, I"m going to mark this wishlist for now.

Changed in lxc (Ubuntu):
status: New → Confirmed
importance: Undecided → Low
importance: Low → Wishlist
Revision history for this message
Andy Igoshin (andy-igoshin) wrote :

ok, thanks!

Revision history for this message
Stéphane Graber (stgraber) wrote :

We're not going to fix this in LXC as the failure is obviously intended.

However with lxcfs we can now render /proc/swaps in a more consistent way, including hiding swap for containers which shouldn't have any swap access.

Changed in lxc (Ubuntu):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.