Unprivileged LXC container fails to start at boot with 'call to cgmanager_create_sync failed'

0

I'm having some problems trying to start an unprivileged LXC container on my machine.

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.3 LTS
Release:    14.04
Codename:   trusty

$ uname -a
Linux e2180 3.19.0-30-generic #34~14.04.1-Ubuntu SMP Fri Oct 2 22:10:15 UTC 2015 i686 i686 i686 GNU/Linux

I put this in my user's cron using crontab -e:

@reboot lxc-start --daemon --name apache --logfile=/tmp/lxc-apache.log --logpriority=DEBUG

Then I rebooted my machine and got this in /tmp/lxc-apache.log:

  lxc-start 1445290224.096 INFO     lxc_start_ui - lxc_start.c:main:265 - using rcfile /home/eduar/.local/share/lxc/apache/config
  lxc-start 1445290224.147 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.201 INFO     lxc_confile - confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid 100000 range 65536
  lxc-start 1445290224.201 INFO     lxc_confile - confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid 100000 range 65536
  lxc-start 1445290224.201 WARN     lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized
  lxc-start 1445290224.202 WARN     lxc_cgmanager - cgmanager.c:cgm_get:954 - do_cgm_get exited with error
  lxc-start 1445290224.203 INFO     lxc_start - start.c:lxc_check_inherited:209 - closed inherited fd 4
  lxc-start 1445290224.225 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
  lxc-start 1445290224.225 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.226 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/3' (5/6)
  lxc-start 1445290224.226 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/4' (7/8)
  lxc-start 1445290224.226 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/5' (9/10)
  lxc-start 1445290224.226 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/7' (11/12)
  lxc-start 1445290224.226 INFO     lxc_conf - conf.c:lxc_create_tty:3678 - tty's configured
  lxc-start 1445290224.226 DEBUG    lxc_start - start.c:setup_signal_fd:247 - sigchild handler set
  lxc-start 1445290224.226 DEBUG    lxc_console - console.c:lxc_console_peer_default:536 - no console peer
  lxc-start 1445290224.227 INFO     lxc_start - start.c:lxc_check_inherited:209 - closed inherited fd 4
  lxc-start 1445290224.230 INFO     lxc_monitor - monitor.c:lxc_monitor_sock_name:177 - using monitor sock name lxc/2f34e2e8b7bf55bd//home/eduar/.local/share/lxc
  lxc-start 1445290224.464 INFO     lxc_start - start.c:lxc_init:443 - 'apache' is initialized
  lxc-start 1445290224.465 DEBUG    lxc_start - start.c:__lxc_start:1058 - Not dropping cap_sys_boot or watching utmp
  lxc-start 1445290224.465 INFO     lxc_start - start.c:lxc_spawn:802 - Cloning a new user namespace
  lxc-start 1445290224.465 INFO     lxc_cgroup - cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for apache
  lxc-start 1445290224.465 ERROR    lxc_cgmanager - cgmanager.c:lxc_cgmanager_create:299 - call to cgmanager_create_sync failed: invalid request
  lxc-start 1445290224.465 ERROR    lxc_cgmanager - cgmanager.c:lxc_cgmanager_create:301 - Failed to create hugetlb:apache
  lxc-start 1445290224.465 ERROR    lxc_cgmanager - cgmanager.c:cgm_create:646 - Error creating cgroup hugetlb:apache
  lxc-start 1445290224.466 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: hugetlb:apache did not exist
  lxc-start 1445290224.466 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: net_prio:apache did not exist
  lxc-start 1445290224.466 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: perf_event:apache did not exist
  lxc-start 1445290224.466 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: blkio:apache did not exist
  lxc-start 1445290224.466 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: net_cls:apache did not exist
  lxc-start 1445290224.467 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: freezer:apache did not exist
  lxc-start 1445290224.467 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: devices:apache did not exist
  lxc-start 1445290224.467 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: memory:apache did not exist
  lxc-start 1445290224.467 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: cpuacct:apache did not exist
  lxc-start 1445290224.467 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: cpu:apache did not exist
  lxc-start 1445290224.468 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: cpuset:apache did not exist
  lxc-start 1445290224.468 INFO     lxc_cgmanager - cgmanager.c:cgm_remove_cgroup:523 - cgroup removal attempt: name=systemd:apache did not exist
  lxc-start 1445290224.468 ERROR    lxc_start - start.c:lxc_spawn:861 - failed creating cgroups
  lxc-start 1445290224.468 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.468 ERROR    lxc_start - start.c:__lxc_start:1080 - failed to spawn 'apache'
  lxc-start 1445290224.468 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.468 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.468 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_init_pid failed to receive response
  lxc-start 1445290224.469 WARN     lxc_cgmanager - cgmanager.c:cgm_get:954 - do_cgm_get exited with error
  lxc-start 1445290229.474 ERROR    lxc_start_ui - lxc_start.c:main:342 - The container failed to start.
  lxc-start 1445290229.474 ERROR    lxc_start_ui - lxc_start.c:main:344 - To get more details, run the container in foreground mode.
  lxc-start 1445290229.474 ERROR    lxc_start_ui - lxc_start.c:main:346 - Additional information can be obtained by setting the --logfile and --logpriority options.

However, if I log in and then run exactly the same command:

$ lxc-start --daemon --name apache --logfile=/tmp/lxc-apache.log --logpriority=DEBUG

Then my container starts successfully:

  lxc-start 1445290659.479 INFO     lxc_start_ui - lxc_start.c:main:265 - using rcfile /home/eduar/.local/share/lxc/apache/config
  lxc-start 1445290659.479 INFO     lxc_confile - confile.c:config_idmap:1325 - read uid map: type u nsid 0 hostid 100000 range 65536
  lxc-start 1445290659.479 INFO     lxc_confile - confile.c:config_idmap:1325 - read uid map: type g nsid 0 hostid 100000 range 65536
  lxc-start 1445290659.479 WARN     lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized
  lxc-start 1445290659.481 WARN     lxc_cgmanager - cgmanager.c:cgm_get:954 - do_cgm_get exited with error
  lxc-start 1445290659.482 INFO     lxc_start - start.c:lxc_check_inherited:209 - closed inherited fd 4
  lxc-start 1445290659.486 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
  lxc-start 1445290659.487 INFO     lxc_start - start.c:lxc_check_inherited:209 - closed inherited fd 4
  lxc-start 1445290659.487 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/1' (5/6)
  lxc-start 1445290659.487 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/2' (7/8)
  lxc-start 1445290659.487 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/4' (9/10)
  lxc-start 1445290659.487 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/5' (11/12)
  lxc-start 1445290659.487 INFO     lxc_conf - conf.c:lxc_create_tty:3678 - tty's configured
  lxc-start 1445290659.487 DEBUG    lxc_start - start.c:setup_signal_fd:247 - sigchild handler set
  lxc-start 1445290659.487 DEBUG    lxc_console - console.c:lxc_console_peer_default:536 - no console peer
  lxc-start 1445290659.491 INFO     lxc_monitor - monitor.c:lxc_monitor_sock_name:177 - using monitor sock name lxc/2f34e2e8b7bf55bd//home/eduar/.local/share/lxc
  lxc-start 1445290659.679 INFO     lxc_start - start.c:lxc_init:443 - 'apache' is initialized
  lxc-start 1445290659.680 DEBUG    lxc_start - start.c:__lxc_start:1058 - Not dropping cap_sys_boot or watching utmp
  lxc-start 1445290659.680 INFO     lxc_start - start.c:lxc_spawn:802 - Cloning a new user namespace
  lxc-start 1445290659.680 INFO     lxc_cgroup - cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for apache
  lxc-start 1445290659.833 NOTICE   lxc_start - start.c:do_start:656 - switching to gid/uid 0 in new user namespace
  lxc-start 1445290659.835 DEBUG    lxc_conf - conf.c:setup_rootfs:1613 - mounted '/home/eduar/.local/share/lxc/apache/rootfs' on '/usr/lib/i386-linux-gnu/lxc'
  lxc-start 1445290659.835 INFO     lxc_conf - conf.c:setup_utsname:900 - 'apache' hostname has been setup
  lxc-start 1445290659.836 DEBUG    lxc_conf - conf.c:setup_netdev:2786 - 'eth0' has been setup
  lxc-start 1445290659.836 INFO     lxc_conf - conf.c:setup_network:2807 - network has been setup
  lxc-start 1445290659.836 DEBUG    lxc_conf - conf.c:check_autodev:3908 - Set exec command to /sbin/init
  lxc-start 1445290659.857 INFO     lxc_conf - conf.c:check_autodev:3946 - Autodev not required.
  lxc-start 1445290659.862 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted 'proc' on '/usr/lib/i386-linux-gnu/lxc/proc', type 'proc'
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted 'sysfs' on '/usr/lib/i386-linux-gnu/lxc/sys', type 'sysfs'
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /sys/fs/fuse/connections on /usr/lib/i386-linux-gnu/lxc/sys/fs/fuse/connections to respect bind or remount options
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /sys/fs/fuse/connections was 4096, required extra flags are 0
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/sys/fs/fuse/connections' on '/usr/lib/i386-linux-gnu/lxc/sys/fs/fuse/connections', type 'none'
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /sys/kernel/debug on /usr/lib/i386-linux-gnu/lxc/sys/kernel/debug to respect bind or remount options
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /sys/kernel/debug was 4096, required extra flags are 0
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/sys/kernel/debug' on '/usr/lib/i386-linux-gnu/lxc/sys/kernel/debug', type 'none'
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /sys/kernel/security on /usr/lib/i386-linux-gnu/lxc/sys/kernel/security to respect bind or remount options
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /sys/kernel/security was 4096, required extra flags are 0
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/sys/kernel/security' on '/usr/lib/i386-linux-gnu/lxc/sys/kernel/security', type 'none'
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /sys/fs/pstore on /usr/lib/i386-linux-gnu/lxc/sys/fs/pstore to respect bind or remount options
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /sys/fs/pstore was 4096, required extra flags are 0
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.863 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/sys/fs/pstore' on '/usr/lib/i386-linux-gnu/lxc/sys/fs/pstore', type 'none'
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/console on /usr/lib/i386-linux-gnu/lxc/dev/console to respect bind or remount options
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/console was 4096, required extra flags are 0
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/console' on '/usr/lib/i386-linux-gnu/lxc/dev/console', type 'none'
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/full on /usr/lib/i386-linux-gnu/lxc/dev/full to respect bind or remount options
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/full was 4096, required extra flags are 0
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/full' on '/usr/lib/i386-linux-gnu/lxc/dev/full', type 'none'
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/null on /usr/lib/i386-linux-gnu/lxc/dev/null to respect bind or remount options
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/null was 4096, required extra flags are 0
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/null' on '/usr/lib/i386-linux-gnu/lxc/dev/null', type 'none'
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/random on /usr/lib/i386-linux-gnu/lxc/dev/random to respect bind or remount options
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/random was 4096, required extra flags are 0
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/random' on '/usr/lib/i386-linux-gnu/lxc/dev/random', type 'none'
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/tty on /usr/lib/i386-linux-gnu/lxc/dev/tty to respect bind or remount options
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/tty was 4096, required extra flags are 0
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/tty' on '/usr/lib/i386-linux-gnu/lxc/dev/tty', type 'none'
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/urandom on /usr/lib/i386-linux-gnu/lxc/dev/urandom to respect bind or remount options
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/urandom was 4096, required extra flags are 0
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.882 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/urandom' on '/usr/lib/i386-linux-gnu/lxc/dev/urandom', type 'none'
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /dev/zero on /usr/lib/i386-linux-gnu/lxc/dev/zero to respect bind or remount options
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /dev/zero was 4096, required extra flags are 0
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2082 - mountflags already was 4096, skipping remount
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/dev/zero' on '/usr/lib/i386-linux-gnu/lxc/dev/zero', type 'none'
  lxc-start 1445290659.883 ERROR    lxc_utils - utils.c:safe_mount:1434 - No such file or directory - Mount of '/sys/firmware/efi/efivars' onto '/usr/lib/i386-linux-gnu/lxc/sys/firmware/efi/efivars' failed
  lxc-start 1445290659.883 INFO     lxc_conf - conf.c:mount_entry:2047 - failed to mount '/sys/firmware/efi/efivars' on '/usr/lib/i386-linux-gnu/lxc/sys/firmware/efi/efivars' (optional): No such file or directory
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2058 - remounting /proc/sys/fs/binfmt_misc on /usr/lib/i386-linux-gnu/lxc/proc/sys/fs/binfmt_misc to respect bind or remount options
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2073 - (at remount) flags for /proc/sys/fs/binfmt_misc was 4110, required extra flags are 14
  lxc-start 1445290659.883 DEBUG    lxc_conf - conf.c:mount_entry:2108 - mounted '/proc/sys/fs/binfmt_misc' on '/usr/lib/i386-linux-gnu/lxc/proc/sys/fs/binfmt_misc', type 'none'
  lxc-start 1445290659.883 INFO     lxc_conf - conf.c:mount_file_entries:2357 - mount points have been setup
  lxc-start 1445290659.883 INFO     lxc_conf - conf.c:setup_dev_console:1838 - console has been setup
  lxc-start 1445290659.884 INFO     lxc_conf - conf.c:setup_tty:1029 - 4 tty(s) has been setup
  lxc-start 1445290659.884 INFO     lxc_conf - conf.c:do_tmp_proc_mount:3972 - I am 1, /proc/self points to '1'
  lxc-start 1445290659.888 DEBUG    lxc_conf - conf.c:setup_rootfs_pivot_root:1199 - created '/usr/lib/i386-linux-gnu/lxc/lxc_putold' directory
  lxc-start 1445290659.888 DEBUG    lxc_conf - conf.c:setup_rootfs_pivot_root:1202 - mountpoint for old rootfs is '/usr/lib/i386-linux-gnu/lxc/lxc_putold'
  lxc-start 1445290659.888 DEBUG    lxc_conf - conf.c:setup_rootfs_pivot_root:1215 - pivot_root syscall to '/usr/lib/i386-linux-gnu/lxc' successful
  lxc-start 1445290659.902 INFO     lxc_conf - conf.c:umount_oldrootfs:1153 - lazy unmount of '/lxc_putold'
  lxc-start 1445290659.902 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/dev'
  lxc-start 1445290659.902 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/dev/pts'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/run'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/run/lock'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/run/shm'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/run/user'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys/fs/cgroup'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys/fs/cgroup/systemd'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys/fs/fuse/connections'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys/kernel/debug'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys/kernel/security'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/sys/fs/pstore'
  lxc-start 1445290659.903 WARN     lxc_conf - conf.c:umount_oldrootfs:1163 - failed to unmount '/lxc_putold/proc'
  lxc-start 1445290659.905 INFO     lxc_conf - conf.c:setup_personality:1793 - set personality to '0x8'
  lxc-start 1445290659.905 NOTICE   lxc_conf - conf.c:lxc_setup:4255 - 'apache' is setup.
  lxc-start 1445290659.905 INFO     lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:157 - changed apparmor profile to lxc-container-default
  lxc-start 1445290659.905 NOTICE   lxc_start - start.c:start:1152 - exec'ing '/sbin/init'
  lxc-start 1445290659.932 NOTICE   lxc_start - start.c:post_start:1163 - '/sbin/init' started with pid '1276'
  lxc-start 1445290659.933 WARN     lxc_start - start.c:signal_handler:295 - invalid pid for SIGCHLD
  lxc-start 1445290659.933 DEBUG    lxc_commands - commands.c:lxc_cmd_handler:888 - peer has disconnected
  lxc-start 1445290659.935 DEBUG    lxc_commands - commands.c:lxc_cmd_handler:888 - peer has disconnected
  lxc-start 1445290659.935 DEBUG    lxc_commands - commands.c:lxc_cmd_get_state:574 - 'apache' is in 'RUNNING' state

What should I do so that my unprivileged containers start when my machine boots? Please note that this problem only occurs with containers at boot; if I log in, all my unprivileged containers work as expected.

    
by Eduar 19.10.2015 / 23:50

1 answer

0

In case anyone else has the same problem, my solution:

It seems that cron does not use a full login shell with all the variables set, among them the cgroup-related environment. So when cron tries to start the containers, it fails.

The only thing I managed to find to solve my problem is to ssh into the same machine and then start the containers. Something like this:

$ ssh-keygen -t rsa
$ ssh-copy-id localhost

After that, I put this in my crontab:

@reboot sleep 5 && ssh -l eduar localhost lxc-autostart
    
by Eduar 10.11.2015 / 03:16
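
Added example, not part of the original posts: the boot-time log above records `XDG_RUNTIME_DIR isn't set in the environment` while the login run does not, which fits the answer's point about cron's reduced environment. The script below surfaces such differences by stripping the timestamps and listing the non-DEBUG messages found only in the failing run; the sample lines are excerpts of the two logs above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list what the cron-started run logged that the login run did not.

# Constructed sample input: a few lines excerpted from the two logs above.
make_samples() {
    cat > "$1/boot.log" <<'EOF'
  lxc-start 1445290224.147 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.226 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/3' (5/6)
  lxc-start 1445290224.465 INFO     lxc_start - start.c:lxc_spawn:802 - Cloning a new user namespace
  lxc-start 1445290224.465 INFO     lxc_cgroup - cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for apache
  lxc-start 1445290224.465 ERROR    lxc_cgmanager - cgmanager.c:lxc_cgmanager_create:299 - call to cgmanager_create_sync failed: invalid request
  lxc-start 1445290224.465 ERROR    lxc_cgmanager - cgmanager.c:lxc_cgmanager_create:301 - Failed to create hugetlb:apache
  lxc-start 1445290224.468 INFO     lxc_utils - utils.c:get_rundir:409 - XDG_RUNTIME_DIR isn't set in the environment.
  lxc-start 1445290224.468 ERROR    lxc_start - start.c:lxc_spawn:861 - failed creating cgroups
EOF
    cat > "$1/login.log" <<'EOF'
  lxc-start 1445290659.487 DEBUG    lxc_conf - conf.c:lxc_create_tty:3667 - allocated pty '/dev/pts/1' (5/6)
  lxc-start 1445290659.680 INFO     lxc_start - start.c:lxc_spawn:802 - Cloning a new user namespace
  lxc-start 1445290659.680 INFO     lxc_cgroup - cgroup.c:cgroup_init:62 - cgroup driver cgmanager initing for apache
  lxc-start 1445290659.833 NOTICE   lxc_start - start.c:do_start:656 - switching to gid/uid 0 in new user namespace
EOF
}

# Drop the "lxc-start <epoch>" prefix and collapse spacing so that runs
# taken at different times compare equal line by line.
normalize() {
    awk '{ $1 = ""; $2 = ""; sub(/^ +/, ""); print }' "$1"
}

# Print every non-DEBUG message present in $1 (failing run) but absent
# from $2 (working run), once each, in order of first appearance.
only_in_failing() {
    good=$(mktemp) || return 1
    normalize "$2" > "$good"
    normalize "$1" | awk -v good="$good" '
        BEGIN { while ((getline line < good) > 0) seen[line] = 1 }
        $1 != "DEBUG" && !($0 in seen) && !printed[$0]++ { print }'
    rm -f "$good"
}

# Name the cgroup that cgmanager refused to create, e.g. "hugetlb:apache".
failed_cgroup() {
    sed -n 's/.*Failed to create \([^ ]*\)$/\1/p' "$1" | head -n 1
}

# Demo run on the constructed samples.
demo_dir=$(mktemp -d) || exit 1
make_samples "$demo_dir"
only_in_failing "$demo_dir/boot.log" "$demo_dir/login.log"
echo "cgmanager refused to create: $(failed_cgroup "$demo_dir/boot.log")"
rm -rf "$demo_dir"
```

On the full logs, pass the two real log files to `only_in_failing`; DEBUG lines are skipped because pty numbers differ between runs and would only add noise.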