PrivateNetwork=yes (hostnamed, localed) does not work in lxd

Bug #1635382 reported by Scott Moser on 2016-10-20
This bug affects 3 people
Affects: systemd (Ubuntu)
Importance: Undecided
Assigned to: Unassigned

Bug Description

$ lxc launch ubuntu-daily:yakkety y-hostname1
$ sleep 10
$ lxc exec y-hostname1 -- hostnamectl set-hostname smoser
<hang>
Could not set property: Connection timed out

$ lxc exec y-hostname1 -- systemctl status --no-pager -l systemd-hostnamed
● systemd-hostnamed.service - Hostname Service
   Loaded: loaded (/lib/systemd/system/systemd-hostnamed.service; static; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2016-10-20 19:19:16 UTC; 1min 9s ago
     Docs: man:systemd-hostnamed.service(8)
           man:hostname(5)
           man:machine-info(5)
           http://www.freedesktop.org/wiki/Software/systemd/hostnamed
  Process: 561 ExecStart=/lib/systemd/systemd-hostnamed (code=exited, status=225/NETWORK)
 Main PID: 561 (code=exited, status=225/NETWORK)

Oct 20 19:19:16 y-hostname1 systemd[1]: Starting Hostname Service...
Oct 20 19:19:16 y-hostname1 systemd[1]: systemd-hostnamed.service: Main process exited, code=exited, status=225/NETWORK
Oct 20 19:19:16 y-hostname1 systemd[1]: Failed to start Hostname Service.
Oct 20 19:19:16 y-hostname1 systemd[1]: systemd-hostnamed.service: Unit entered failed state.
Oct 20 19:19:16 y-hostname1 systemd[1]: systemd-hostnamed.service: Failed with result 'exit-code'.

ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: systemd 231-9git1
ProcVersionSignature: Ubuntu 4.8.0-22.24-generic 4.8.0
Uname: Linux 4.8.0-22-generic x86_64
ApportVersion: 2.20.3-0ubuntu8
Architecture: amd64
Date: Thu Oct 20 19:02:29 2016
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.8.0-22-generic.efi.signed root=UUID=f897b32a-eacf-4191-9717-844918947069 ro quiet splash vt.handoff=7
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.vendor: Intel Corporation

Scott Moser (smoser) wrote :

Confirmed. systemd-hostnamed.service has "PrivateNetwork=yes" (to lock down privileges), but unprivileged lxd containers cannot create new network namespaces, thus you get the 225/NETWORK.

summary: - hostnamectl does not work
+ hostnamectl does not work in lxd
Changed in systemd (Ubuntu):
status: New → Triaged
Martin Pitt (pitti) on 2016-10-20
summary: - hostnamectl does not work in lxd
+ PrivateNetwork=yes (hostnamed, localed) does not work in lxd
Christian Brauner (cbrauner) wrote :

What? That's totally possible. Simply try unshare -n inside an unprivileged container as root.
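
An added example for triaging the failure discussed in this thread (not code from the report, LXD or systemd): it pulls the units that exited with status=225/NETWORK out of journal lines and checks whether each unit file enables PrivateNetwork=. The function names are hypothetical and the sample journal lines, including the systemd-localed and example.service entries, are constructed.

```shell
#!/bin/sh
# Constructed journal lines in the format shown in the report above.
sample_journal() {
cat <<'EOF'
Oct 20 19:19:16 y-hostname1 systemd[1]: Starting Hostname Service...
Oct 20 19:19:16 y-hostname1 systemd[1]: systemd-hostnamed.service: Main process exited, code=exited, status=225/NETWORK
Oct 20 19:19:17 y-hostname1 systemd[1]: systemd-localed.service: Main process exited, code=exited, status=225/NETWORK
Oct 20 19:19:18 y-hostname1 systemd[1]: example.service: Main process exited, code=exited, status=1/FAILURE
EOF
}

# stdin: journal lines. stdout: unique units whose main process
# exited with status=225/NETWORK (network namespace setup failed).
units_failed_network() {
  sed -n 's|^.* systemd\[[0-9]*\]: \([^ ]*\.service\): Main process exited, code=exited, status=225/NETWORK$|\1|p' | sort -u
}

# stdin: unit file text (one file, or `systemctl cat UNIT` output).
# Returns 0 if the last PrivateNetwork= assignment is a true boolean;
# the last assignment wins, so concatenated drop-ins are honoured.
private_network_enabled() {
  awk -F= '/^[ \t]*PrivateNetwork[ \t]*=/ { v = $2; gsub(/[ \t\r]/, "", v); last = tolower(v) }
    END { exit !(last == "yes" || last == "true" || last == "on" || last == "1") }'
}

# stdin: journal lines; $1: unit directory (defaults to the path in the report).
# Prints one line per failed unit with the PrivateNetwork= finding.
triage() {
  dir=${1:-/lib/systemd/system}
  units_failed_network | while read -r unit; do
    if [ -r "$dir/$unit" ] && private_network_enabled < "$dir/$unit"; then
      echo "$unit PrivateNetwork=yes"
    else
      echo "$unit PrivateNetwork=no-or-unknown"
    fi
  done
}

# Live probe using the command named in the last comment: returns 0 if
# this environment can create a new network namespace.
can_unshare_net() {
  unshare -n true 2>/dev/null
}

# Stand-alone demo on the constructed lines.
sample_journal | units_failed_network
```

Inside a container, comparing the `triage` result with `can_unshare_net` separates the two explanations given in the comments: a unit with PrivateNetwork=yes failing while `unshare -n` succeeds points away from a blanket inability to create network namespaces.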
