as.gentoo Guru
Joined: 07 Aug 2004 Posts: 319
|
Posted: Wed Dec 23, 2015 12:07 am Post subject: lxc-start - permission / cgmanager invalid request - errors |
|
|
EDIT: there are updates at the end of this post.
Hello,
I just put lxc on my box and followed the instructions here https://linuxcontainers.org/lxc/getting-started/ and here https://wiki.gentoo.org/wiki/LXC
The container shall run unprivileged, started by the user "lxc".
When I try to start a container - that I created as user lxc - I get this in the logs:
Code: | lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:lxc_cgroupfs_create:956 - Permission denied - Could not create cgroup '/lxc' in '/sys/fs/cgroup/pids'.
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/pids/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/perf_event/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/net_cls/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/freezer/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/devices/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/memory/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/blkio/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/cpuacct/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/cpu/
lxc-start 1450826135.280 ERROR lxc_cgfs - cgfs.c:cgroup_rmdir:207 - Permission denied - cgroup_rmdir: failed to delete /sys/fs/cgroup/cpuset/
lxc-start 1450826135.280 ERROR lxc_start - start.c:lxc_spawn:955 - failed creating cgroups
lxc-start 1450826135.280 ERROR lxc_start - start.c:__lxc_start:1192 - failed to spawn 'playtime' |
output when creating container
Code: | lxc $> lxc-create -t download -n playtime -f ~/.config/lxc/guest.conf -- -d ubuntu -r trusty -a amd64
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
Using image from local cache
Unpacking the rootfs
---
You just created an Ubuntu container (release=trusty, arch=amd64, variant=default)
To enable sshd, run: apt-get install openssh-server
For security reason, container images ship without user accounts
and without a root password.
Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts |
somehow this doesn't look right
Code: | lxc $> chroot ~/.local/share/lxc/playtime/rootfs /bin/bash
chroot: cannot change root directory to ‘/home/lxc/.local/share/lxc/playtime/rootfs’: Operation not permitted |
even as root
Code: | root #> chroot rootfs /bin/bash
groups: cannot find name for group ID 11 |
shouldn't rootfs be accessible for user lxc?
Code: | lxc $> ls -al /home/lxc/.local/share/lxc/playtime/
total 16
drwxrwx--- 3 100000 lxc 4096 Dec 23 00:41 .
drwxr-xr-x 3 lxc lxc 4096 Dec 23 00:41 ..
-rw-r--r-- 1 lxc lxc 992 Dec 23 00:41 config
drwxr-xr-x 21 100000 100000 4096 Dec 22 04:53 rootfs |
cgmanager is only mentioned in the howto on the LXC page. Is it obsolete?
Code: | xxx $> psgrep cgmanager
5245 0.0 0.0 13588 2136 pts/3 S+ 00:04 0:00 | \_ grep --colour=auto cgmanager
xxx $> sudo cgmanager --daemon
cgmanager: Unable to write pid file: No such file or directory
xxx $> sudo cgmanager --daemon
Password:
cgmanager:setup_cgroup_dir: cgmanager is already running
cgmanager: Failed to set up cgmanager socke
xxx $> |
here's the config file
Code: | # Distribution configuration
lxc.include = /usr/share/lxc/config/ubuntu.common.conf
lxc.include = /usr/share/lxc/config/ubuntu.userns.conf
lxc.arch = x86_64
# Container specific configuration
lxc.id_map = u 0 100000 65536
lxc.id_map = g 0 100000 65536
lxc.tty = 1
# lxc.kmsg = 0
lxc.mount.entry = tmpfs tmp tmpfs defaults
lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir
lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir
lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir
lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file
lxc.rootfs = /home/lxc/.local/share/lxc/playtime/rootfs
lxc.utsname = playtime
# Network configuration
lxc.network.type = none |
I'm not sure if it's connected. I have had this output for some time.
Code: | * Starting metalog ...
* start-stop-daemon: fopen `/run/metalog.pid': No such file or directory
* Detaching to start `/usr/sbin/metalog' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting consolekit ...
* start-stop-daemon: fopen `/var/run/ConsoleKit/pid': No such file or directory
* Detaching to start `/usr/sbin/console-kit-daemon' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting cronie ...
* start-stop-daemon: fopen `/var/run/crond.pid': No such file or directory
* Detaching to start `/usr/sbin/crond' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting cupsd ...
* Detaching to start `/usr/sbin/cupsd' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting gpm ...
* start-stop-daemon: fopen `/var/run/gpm.pid': No such file or directory
* Detaching to start `/usr/sbin/gpm' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* MODULE_0 is not set in /etc/conf.d/lm_sensors, try running sensors-detect
* ERROR: lm_sensors failed to start
* runscript is deprecated; please use openrc-run instead.
* Mounting network filesystems ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Setting up kdm ...
* start-stop-daemon: fopen `/run/kdm.pid': No such file or directory
* Detaching to start `/usr/bin/kdm' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting mcelog ...
* start-stop-daemon: fopen `/var/run/mcelog.pid': No such file or directory
* Detaching to start `/usr/sbin/mcelog' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting OpenNTPD ...
* start-stop-daemon: fopen `/run/ntpd.pid': No such file or directory
* Detaching to start `/usr/sbin/ntpd' ...
[ ok ]
* runscript is deprecated; please use openrc-run instead.
* Starting smartd ...
* start-stop-daemon: fopen `/run/smartd.pid': No such file or directory
* Detaching to start `/usr/sbin/smartd' ...
[ ok ] |
Code: | $> ls -al /run/metalog.pid
-rw-r--r-- 1 root root 5 Dec 22 23:43 /run/metalog.pid |
UPDATE-01:
After a lot of trial and error this problem remains:
Code: | $ lxc-start -n playtime1 -o lxc-start.log
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
WARN: could not reopen tty: Permission denied
lxc-start 1451059901.219 ERROR lxc_cgmanager - call to cgmanager_move_pid_sync failed: invalid request
lxc-start 1451059901.234 ERROR lxc_start - failed to spawn 'playtime1'
lxc-start 1451059901.235 ERROR lxc_start_ui - The container failed to start.
lxc-start: Additional information can be obtained by setting the --logfile and --logpriority options. |
I really can't tell what's different now, except that cgmanager is used by lxc. That's - as far as I understand - not mentioned as something that is needed here: https://wiki.gentoo.org/wiki/LXC
Connected to the LXC howto: shouldn't 'root # su - lxc' be moved down right before the creation of '~/.config/lxc/guest.conf', and shouldn't the prompt from that place look like lxc $ instead of root #? As it is now it's quite misleading; maybe the user could be lxc_user, that would make things easier for newbies like me too.
Anyhow, I still can't start a container. What can I do?
PS: I tried the most recent version lxc-1.1.5 and lxc-1.0.7 - same result.
In case this matters:
Code: | $ cat /proc/self/cgroup
12:name=portage:/
11:pids:/
10:perf_event:/
9:net_cls:/
8:freezer:/
7:devices:/
6:memory:/
5:blkio:/
4:cpuacct:/
3:cpu:/
2:cpuset:/
1:name=openrc:/xdm |
Last edited by as.gentoo on Fri Dec 25, 2015 6:54 pm; edited 1 time in total |
Fog_Watch Apprentice
Joined: 24 Jul 2006 Posts: 267 Location: Utility Muffin Research Kitchen
|
Posted: Mon Dec 28, 2015 5:08 am Post subject: |
|
|
This might not be relevant but documentation suggests something like:
Code: | user $ ssh root@localhost cgm create all lxc
user $ ssh root@localhost cgm chown all $USER $(id -u) $(id -g)
user $ ssh root@localhost cgm chown all lxc $(id -u) $(id -g)
user $ cgm movepid all lxc $$
user $ cat /proc/self/cgroup #to check |
as.gentoo Guru
Joined: 07 Aug 2004 Posts: 319
|
Posted: Mon Dec 28, 2015 2:53 pm Post subject: |
|
|
Fog_Watch wrote: | This might not be relevant but documentation suggests something like:
Code: | user $ ssh root@localhost cgm create all lxc
user $ ssh root@localhost cgm chown all $USER $(id -u) $(id -g)
user $ ssh root@localhost cgm chown all lxc $(id -u) $(id -g)
user $ cgm movepid all lxc $$
user $ cat /proc/self/cgroup #to check |
|
Looks like that's the problem:
Code: | player ~ $ sudo cgm chown all player 1111 1111
call to cgmanager_chown_sync failed: invalid request
player ~ $ |
Any idea what might cause this?
update:
I followed https://s3hh.wordpress.com/2014/03/25/introducing-cgmanager/ by doing
Code: | #> cgm chown all player 1004 1004
#> cat /proc/self/cgroup
$ cgm movepid all player $$
$ cat /proc/self/cgroup
12:name=portage:/player
11:pids:/player
10:perf_event:/player
9:net_cls:/player
8:freezer:/player
7:devices:/player
6:memory:/player
5:blkio:/player
4:cpuacct:/player
3:cpu:/player
2:cpuset:/player
1:name=openrc:/xdm/player |
That looks better … There are new errors now:
Code: | lxc-start 1451392895.111 ERROR lxc_utils - utils.c:safe_mount:1692 - Operation not permitted - Failed to mount sysfs onto /var/lib/lxc/rootfs/sys
lxc-start 1451392895.111 ERROR lxc_conf - conf.c:lxc_mount_auto_mounts:828 - Operation not permitted - error mounting sysfs on /var/lib/lxc/rootfs/sys flags 14
lxc-start 1451392895.111 ERROR lxc_conf - conf.c:lxc_setup:3910 - failed to setup the automatic mounts for 'playtime1'
lxc-start 1451392895.111 ERROR lxc_start - start.c:do_start:717 - failed to setup the container
lxc-start 1451392895.111 ERROR lxc_sync - sync.c:__sync_wait:51 - invalid sequence number 1. expected 2
lxc-start 1451392895.111 ERROR lxc_start - start.c:__lxc_start:1192 - failed to spawn 'playtime1' |
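Added example, not part of any post in this thread: a shell check over `/proc/self/cgroup` listings like the two shown above, naming every hierarchy in which the shell has not been moved into the per-user cgroup. In the thread the "Could not create cgroup" errors gave way to different ones once every line ended in `/player`. The function and sample names are made up for this illustration, and the third sample is constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Reads /proc/<pid>/cgroup text on stdin
# (cgroup v1 lines: "hierarchy-id:controllers:path") and prints the controller
# field of every hierarchy where the process is NOT inside cgroup "$1".
unmoved_hierarchies() {
    want=$1
    while IFS=: read -r id ctrl path; do
        [ -n "$id" ] || continue              # skip blank lines
        case "$path" in
            */"$want" | */"$want"/*) ;;       # in the cgroup or one of its children
            *) printf '%s\n' "${ctrl:-unified}" ;;  # empty field = cgroup v2 line
        esac
    done
}

# Listing from the thread before "cgm movepid" (shortened to four lines).
sample_before() {
    cat <<'EOF'
11:pids:/
8:freezer:/
6:memory:/
1:name=openrc:/xdm
EOF
}

# Listing from the thread after "cgm movepid all player $$" (same four lines).
sample_after() {
    cat <<'EOF'
11:pids:/player
8:freezer:/player
6:memory:/player
1:name=openrc:/xdm/player
EOF
}

# Constructed sample: a partial move that left two hierarchies behind.
sample_partial() {
    cat <<'EOF'
11:pids:/
8:freezer:/player
6:memory:/player
1:name=openrc:/xdm
EOF
}

# Demo on the constructed sample; for a live shell use:
#   unmoved_hierarchies player < /proc/self/cgroup
sample_partial | unmoved_hierarchies player
```

An empty result means the shell sits in the named cgroup in every hierarchy, which is the state the second listing in the thread shows.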
rarehh n00b
Joined: 03 Jan 2016 Posts: 1
|
Posted: Sun Jan 03, 2016 4:26 pm Post subject: |
|
|
as.gentoo
Hello, I have the same problem with LXC (followed the instructions https://wiki.gentoo.org/wiki/LXC)
Code: |
Permission denied - Could not create cgroup '/lxc/mylxc' in '/sys/fs/cgroup/perf_event'
|
Did you solve it? |
as.gentoo Guru
Joined: 07 Aug 2004 Posts: 319
|
Posted: Sun Jan 03, 2016 6:33 pm Post subject: |
|
|
rarehh wrote: | as.gentoo
Hello, I have the same problem with LXC (followed the instructions https://wiki.gentoo.org/wiki/LXC)
Code: |
Permission denied - Could not create cgroup '/lxc/mylxc' in '/sys/fs/cgroup/perf_event'
|
Did you solve it? |
EDIT:
Oh that. Did you try emerging lxc with the "cgmanager" USE flag? And doing the following by hand?
Code: | lxcUser $> sudo cgm create all lxcUser
lxcUser $> sudo cgm chown all lxcUser $(id -u) $(id -g)
lxcUser $> sudo cgm movepid all lxcUser $$ |
Anyhow, I still have problems like: Operation not permitted - Failed to mount sysfs onto /var/lib/lxc/rootfs/sys |