Bug 920732 - A fresh created F18 container cannot be started
Summary: A fresh created F18 container cannot be started
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: lxc
Version: 18
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Thomas Moschny
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-03-12 15:47 UTC by Enrique
Modified: 2013-12-14 03:27 UTC (History)
2 users (show)

Fixed In Version: lxc-0.9.0-2.fc20
Clone Of:
Environment:
Last Closed: 2013-12-05 03:22:58 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Enrique 2013-03-12 15:47:05 UTC
Description of problem:
 
 I am creating a F18 container within a F18 host but the LXC container wouldn't start with lxc-start, it gives some errors:
lxc-start: Invalid argument - pivot_root syscall failed
lxc-start: failed to setup pivot root
lxc-start: failed to set rootfs for 'spherical-x86_64'
lxc-start: failed to setup the container
lxc-start: invalid sequence number 1. expected 2
lxc-start: failed to spawn 'spherical-x86_64'

I can see with 'mount' that several filesystems have been mounted for the container (devpts, sysfs, proc...), so it looks like the start up was partially done.

 Regards,
 Enrique


Version-Release number of selected component (if applicable):

lxc-0.8.0-2.fc18.x86_64
lxc-libs-0.8.0-2.fc18.x86_64
lxc-templates-0.8.0-2.fc18.x86_64

How reproducible:
Always

Steps to Reproduce:
1.yum install lxc-templates
2.yum update --enablerepo=updates-testing lxc-0.8.0-2.fc18  (To fix Bug 835125)
3.lxc-create -t fedora -n spherical-x86_64 -- -R 18
4.lxc-start -n spherical-x86_64
  
Actual results:

lxc-start: Invalid argument - pivot_root syscall failed
lxc-start: failed to setup pivot root
lxc-start: failed to set rootfs for 'spherical-x86_64'
lxc-start: failed to setup the container
lxc-start: invalid sequence number 1. expected 2
lxc-start: failed to spawn 'spherical-x86_64'

Expected results:

The container starts are you are presented with the console.

Comment 1 Thomas Moschny 2013-03-12 17:17:19 UTC
This is a known issue. There's a work around, see https://bugzilla.redhat.com/show_bug.cgi?id=875778#c8 :

mount --make-rprivate /

This will be fixed by 0.9.0, once released.

Comment 2 Enrique 2013-03-14 15:19:30 UTC
 Hi, I have done that, and now when I start the container with lxc-start I don't get the console, but nothing instead. With lxc-console it doesn't work either.
 If I run lxc-ps I get:
CONTAINER          PID TTY          TIME CMD
spherical-x86_64  2585 ?        00:00:00 systemd
spherical-x86_64  2596 ?        00:00:00 systemd-udevd
spherical-x86_64  2697 ?        00:00:00 systemd-logind
spherical-x86_64  2698 ?        00:00:00 rsyslogd
spherical-x86_64  2701 ?        00:00:00 dbus-daemon
spherical-x86_64  2708 tty1     00:00:00 agetty
spherical-x86_64  2709 ?        00:00:00 agetty

 So some processes are running in the container. However, I get some errors in the host /var/log/messages from systemd. It somehow looks like the container is using the same systemd as the host. Also, very strangely, the X server on the host crashed.
 The host is a fresh installation of F18 with NIS and NFS+autofs configured on top of that.

 Best regards,
 Enrique

Comment 3 Enrique 2013-03-14 15:21:42 UTC
 BTW, if the "mount --make-rprivate /" command is not run, and one gets the error I reported in comment #1, a lot of file systems are left mounted in the host of type sysfs, devpts, proc. Maybe, even if it fails a cleanup should be performed.

Comment 4 Enrique 2013-03-14 15:43:59 UTC
 I have tried to create a Ubuntu container and it works fine, however, so it looks like an issue in the initialization (systemd?) of the Fedora guest.

Comment 5 Enrique 2013-03-14 15:48:50 UTC
 Something else that I discover is that the /etc/mtab in the Fedora guest leaked some of the filesystems mounted in hte host, for instance:

/dev/sda1 /boot ext4 rw,seclabel,relatime,data=ordered 0 0

I guess that this is a security issue, since the guest shouldn't know of those filesystems, right?

 Regards

Comment 6 Fedora Update System 2013-09-04 18:17:24 UTC
lxc-0.9.0-2.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/lxc-0.9.0-2.fc20

Comment 7 Fedora Update System 2013-09-04 18:17:57 UTC
lxc-0.9.0-2.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/lxc-0.9.0-2.fc18

Comment 8 Fedora Update System 2013-09-04 18:18:32 UTC
lxc-0.9.0-2.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/lxc-0.9.0-2.el6

Comment 9 Fedora Update System 2013-09-04 18:19:08 UTC
lxc-0.9.0-2.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/lxc-0.9.0-2.fc19

Comment 10 Fedora Update System 2013-09-05 17:51:14 UTC
Package lxc-0.9.0-2.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing lxc-0.9.0-2.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-15836/lxc-0.9.0-2.fc20
then log in and leave karma (feedback).

Comment 11 Fedora Update System 2013-12-05 03:22:58 UTC
lxc-0.9.0-2.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2013-12-05 10:31:26 UTC
lxc-0.9.0-2.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2013-12-05 10:41:08 UTC
lxc-0.9.0-2.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2013-12-14 03:27:12 UTC
lxc-0.9.0-2.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.