[pkg-lxc-devel] Bug#958507: lxc: jessie LXC container does not start on hosts with cgroup2 / unified hierarchy

Ryutaroh Matsumoto ryutaroh at ict.e.titech.ac.jp
Thu Apr 23 04:39:38 BST 2020


Package: lxc
Version: 1:4.0.2-1~1
Severity: minor
Tags: wontfix
User: pkg-systemd-maintainers at lists.alioth.debian.org
Usertags: cgroupv2

Dear Maintainer,

Make a Jessie LXC container either by
lxc-create -t debian -- -r jessie, or
lxc-create -t download -- -r jessie -d debian -a amd64.
Then container's /sbin/init is very old systemd that
does not know CGroup2...

When host Linux is booted with the unified CGroup hierarchy
(systemd.unified_cgroup_hierarchy=1), there seems no quick way to
start Debian Jessie LXC container.
Maybe replacing /sbin/init with sysvinit-core package helps.

I have no problem to start Stretch&Buster&Bullseye LXC containers on
a host with the unified CGroup hierarchy, with the following change:

--- usr/share/lxc/config/orig-common.conf	2020-04-19 07:31:46.000000000 +0900
+++ usr/share/lxc/config/common.conf	2020-04-23 08:38:17.221673157 +0900
@@ -43,7 +43,7 @@
 lxc.cgroup.devices.allow = c 10:229 rwm
 
 # Setup the default mounts
-lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
+lxc.mount.auto = cgroup:rw:force proc:mixed sys:mixed
 lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
 
 # Blacklist some syscalls which are not safe in privileged


I attach "wontfix" tag.

Best regards, Ryutaroh Matsumoto

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.5.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lxc depends on:
ii  debconf [debconf-2.0]  1.5.73
ii  libc6                  2.30-4
ii  libgcc-s1              10-20200411-1
ii  liblxc1                1:4.0.2-1~1
ii  lsb-base               11.1.0

Versions of packages lxc recommends:
ii  apparmor                     2.13.4-1+b1
ii  bridge-utils                 1.6-2
ii  debootstrap                  1.0.123
ii  dirmngr                      2.2.20-1
ii  dnsmasq-base [dnsmasq-base]  2.80-1.1
ii  gnupg                        2.2.20-1
ii  iproute2                     5.6.0-1
ii  iptables                     1.8.4-3
pn  libpam-cgfs                  <none>
ii  lxc-templates                3.0.4-3
pn  lxcfs                        <none>
ii  openssl                      1.1.1f-1
ii  rsync                        3.1.3-8
ii  uidmap                       1:4.8.1-1

Versions of packages lxc suggests:
ii  btrfs-progs  5.6-1
pn  lvm2         <none>
pn  python3-lxc  <none>

-- Configuration Files:
/etc/lxc/default.conf changed:
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up


-- debconf information:
  lxc/auto_update_config:



More information about the Pkg-lxc-devel mailing list