Bug 1100982

Summary: Systemd segfaults when launched in a user namespace (LXC 1.0.x)
Product: [Fedora] Fedora
Reporter: rhn
Component: systemd
Assignee: systemd-maint
Status: CLOSED NOTABUG
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 20
CC: agk, harald, johannbg, kay, lnykryn, lpoetter, mschmidt, msekleta, plautrba, s, systemd-maint, vpavlin, zbyszek
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2014-06-17 00:48:24 UTC
Type: Bug
Attachments: GDB session with systemd + debug logging (flags: none)

Description rhn 2014-05-24 23:24:45 UTC
Created attachment 898987
GDB session with systemd + debug logging

Description of problem:
When systemd is launched in a user namespace it will segfault in some control group code. I assume it's related to the fact that it cannot mount control groups for itself within the container.

Version-Release number of selected component (if applicable):
# rpm -q systemd
systemd-208-9.fc20.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Install Fedora 20 normally into a KVM virtual machine
2. Mount the virtual disk and copy it to an LXC root filesystem, including UID relabeling for user namespaces
3. Launch container.

Actual results:
systemd segfaults during startup and hangs, possibly with a debug shell if enabled

Expected results:
systemd boots

Additional info:

LXC config file:
==
lxc.utsname = fedora20

lxc.id_map = u 0 1040000 10000
lxc.id_map = g 0 1040000 10000

lxc.tty = 6
lxc.rootfs = /lxc/fedora20

lxc.network.type = veth
lxc.network.link = br0
lxc.network.veth.pair = fedora20
lxc.network.name = eth0

lxc.autodev = 0
lxc.mount.auto = proc:rw sys:rw cgroup:mixed
==

Mount points in the container:
==
# cat /proc/mounts
rootfs / rootfs rw 0 0
atmaweapon/lxc/fedora20 / zfs rw,noatime,xattr,noacl 0 0
/lxc/fedora20/dev /dev tmpfs rw,relatime,size=100k 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs rw,nodev,relatime 0 0
cgroup_root /sys/fs/cgroup tmpfs rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755,uid=1040000,gid=1040000 0 0
cgroups /sys/fs/cgroup/blkio,net_cls,freezer,devices,memory,cpuacct,cpu,cpuset/lxc/fedora cgroup rw,relatime,blkio,net_cls,freezer,devices,memory,cpuacct,cpu,cpuset,clone_children 0 0
devpts /dev/console devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty1 devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty2 devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty3 devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty4 devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty5 devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
devpts /dev/tty6 devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
==

GDB session is attached.

Comment 1 Lennart Poettering 2014-06-04 15:06:55 UTC
Newer systemd versions will simply refuse to boot now, rather than segfault.

We simply don't support cgroup-less boots, and have removed all support code for it.
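
The `lxc.id_map` lines and the mount table in the report can be cross-checked mechanically. The following is an added example, not part of the bug report or of systemd/LXC code: it parses the quoted `lxc.id_map` entries, translates the `uid=`/`gid=` values shown in `/proc/mounts` into the ids seen inside the user namespace, and lists the cgroup-type mounts. The function names are hypothetical and the sample input is copied from the report.

```python
# Added example. Inputs are copied from the config and /proc/mounts in the report.
LXC_CONFIG = """\
lxc.id_map = u 0 1040000 10000
lxc.id_map = g 0 1040000 10000
"""
PROC_MOUNTS = """\
sysfs /sys sysfs rw,nodev,relatime 0 0
cgroup_root /sys/fs/cgroup tmpfs rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755,uid=1040000,gid=1040000 0 0
cgroups /sys/fs/cgroup/blkio,net_cls,freezer,devices,memory,cpuacct,cpu,cpuset/lxc/fedora cgroup rw,relatime,blkio,net_cls,freezer,devices,memory,cpuacct,cpu,cpuset,clone_children 0 0
"""

def parse_id_map(config):
    """Collect (ns_start, host_start, count) ranges per kind ('u' or 'g')."""
    maps = {"u": [], "g": []}
    for line in config.splitlines():
        key, _, value = line.partition("=")
        if key.strip() == "lxc.id_map":
            kind, ns_start, host_start, count = value.split()
            maps[kind].append((int(ns_start), int(host_start), int(count)))
    return maps

def host_to_ns(host_id, ranges):
    """Translate a host id to the id seen in the namespace; None if unmapped."""
    for ns_start, host_start, count in ranges:
        if host_start <= host_id < host_start + count:
            return ns_start + (host_id - host_start)
    return None

def parse_mounts(text):
    """Yield (target, fstype, options) for each non-empty /proc/mounts line."""
    for line in filter(str.strip, text.splitlines()):
        _source, target, fstype, opts = line.split()[:4]
        yield target, fstype, dict(o.partition("=")[::2] for o in opts.split(","))

def audit(config, mounts):
    """Report cgroup-type mounts and the namespace owner of uid=/gid= mounts."""
    maps = parse_id_map(config)
    report = {"cgroup_mounts": [], "owners": {}}
    for target, fstype, opts in parse_mounts(mounts):
        if fstype == "cgroup":
            report["cgroup_mounts"].append((target, "rw" in opts))
        if "uid" in opts and "gid" in opts:
            report["owners"][target] = (host_to_ns(int(opts["uid"]), maps["u"]),
                                        host_to_ns(int(opts["gid"]), maps["g"]))
    return report

if __name__ == "__main__":
    print(audit(LXC_CONFIG, PROC_MOUNTS))
```

An owner of `None` would mean the mount's uid or gid falls outside the mapped range and therefore has no corresponding id inside the container.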