Comment 4 for bug 1504781

Running lxc test against trusty-release in the CI production environment still works fine (against kernel -65). I do get the hang with running against -proposed, under otherwise the exact same circumstances.

The dist-upgrade to -proposed does the following:

The following NEW packages will be installed:
  linux-headers-3.13.0-66 linux-headers-3.13.0-66-generic
  linux-image-3.13.0-66-generic
The following packages will be upgraded:
  apport grub-common grub-pc grub-pc-bin grub2-common libpam-systemd
  libpython3.4-minimal libpython3.4-stdlib libsystemd-daemon0
  libsystemd-login0 libudev1 linux-headers-generic linux-headers-virtual
  linux-image-virtual linux-virtual ntpdate python3-apport
  python3-problem-report python3.4 python3.4-minimal systemd-services udev

I obviously hangs in lxc-test-ubuntu. I wonder if that's the first test which actually uses a bootstrapped full ubuntu image, not just a simple busybox one?

When it hangs, the following test related processes are running:

lxc-dns+ 3298 0.0 0.0 28204 956 ? S 09:07 0:00 dnsmasq -u lxc-dnsmasq --strict-order --bind-interfaces --pid-file=/run/lxc/dnsmasq.pid --conf-file= --listen-address 10.0.3.1 --dhcp-range 10.0.3.2,10.0.3.254 --dhcp-lease-max=253 --dhcp-no-override --except-interface=lo --interface=lxcbr0 --dhcp-leasefile=/var/lib/misc/dnsmasq.lxcbr0.leases --dhcp-authoritative
root 12758 0.0 0.0 4440 656 ? S 09:11 0:00 /bin/sh /usr/bin/lxc-test-ubuntu
root 31374 0.0 0.0 34724 1348 ? Ss 09:13 0:00 /usr/lib/x86_64-linux-gnu/lxc/lxc-monitord /var/lib/lxc 5
root 31426 0.0 0.0 34712 1504 ? S 09:13 0:00 lxc-wait -n 4a5f2adb-d593-4837-8698-f5455e95729e -s RUNNING

$ sudo lxc-ls -f
NAME STATE IPV4 IPV6 AUTOSTART
--------------------------------------------------------------------
4a5f2adb-d593-4837-8698-f5455e95729e STOPPED - - NO

so it seems the container never starts up? /var/lib/lxc/4a5f2adb-d593-4837-8698-f5455e95729e/rootfs/ looks like a normal rootfs, and /var/lib/lxc/4a5f2adb-d593-4837-8698-f5455e95729e/config exists too.

However, dmesg contains

[ 352.395653] type=1400 audit(1444554813.144:26): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="/usr/bin/lxc-start" name="/dev/ptmx" pid=31390 comm="lxc-start" srcname="/dev/pts/ptmx" flags="rw, bind"

and when I try to start it, I indeed get

root@adt:~# lxc-start -n 4a5f2adb-d593-4837-8698-f5455e95729e -F
lxc-start: conf.c: setup_pts: 1772 Permission denied - mount failed '/dev/pts/ptmx'->'/dev/ptmx'
lxc-start: conf.c: lxc_setup: 4230 failed to setup the new pts instance
lxc-start: start.c: do_start: 688 failed to setup the container
lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 2
lxc-start: start.c: __lxc_start: 1080 failed to spawn '4a5f2adb-d593-4837-8698-f5455e95729e'
lxc-start: lxc_start.c: main: 342 The container failed to start.
lxc-start: lxc_start.c: main: 346 Additional information can be obtained by setting the --logfile and --logpriority options.

and the same apparmor error repeated. So this surely does look like some lxc/kernel/apparmor related change to me, and I'd hold back that kernel until this gets examined more closely.