lxc-execute fails to start container without rootfs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lxc (Ubuntu) |
Fix Released
|
Medium
|
Serge Hallyn | ||
Raring |
Fix Released
|
Medium
|
Unassigned |
Bug Description
=======
Impact: cannot lxc-execute in a container without private rootfs
Development fix: mount /proc when no rootfs is specified
Stable fix: same as development fix
Test case:
sudo lxc-execute --name test /bin/bash
Without the fix, this will fail. With the fix, it will
succeed.
Regression potential: This fix is cherrypicked from upstream, and
should not result in any regressions. The function
being modified is a crucial one though.
=======
I get the following output when trying to start a container just running bash as an app:
$ sudo lxc-execute --name test /bin/bash
lxc-execute: Permission denied - failed to change apparmor profile to lxc-container-
lxc-execute: invalid sequence number 1. expected 4
lxc-execute: failed to spawn 'test'
I'm attaching the contents of /var/log/
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: lxc 0.9.0-0ubuntu3.2
ProcVersionSign
Uname: Linux 3.8.0-23-generic x86_64
NonfreeKernelMo
ApportVersion: 2.9.2-0ubuntu8.1
Architecture: amd64
Date: Fri Jun 7 08:09:18 2013
EcryptfsInUse: Yes
InstallationDate: Installed on 2012-04-27 (405 days ago)
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Beta amd64 (20120328)
MarkForUpload: True
SourcePackage: lxc
UpgradeStatus: Upgraded to raring on 2013-04-26 (41 days ago)
lxcsyslog:
Related branches
Changed in lxc (Ubuntu): | |
importance: | Undecided → Medium |
Changed in lxc (Ubuntu): | |
status: | New → Confirmed |
Changed in lxc (Ubuntu Raring): | |
importance: | Undecided → Medium |
status: | New → Confirmed |
description: | updated |
Changed in lxc (Ubuntu Raring): | |
status: | Confirmed → In Progress |
Thanks for reporting this bug. Your example pointed me to the root of the problem, which has been around for awhile.
This patch, plus upstream commit fabf7361da4845c d6cf268e0e85c3c 6a1c0b0be4 (from this morning), fixes the bug for me.